Security Learning its Role in E-Discovery


This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."

Download it now to read this article plus other related content.

Common Pitfalls
At the beginning of a civil court case, legal teams meet to determine what types of evidence are relevant to a case. This process of discovery generates requests for email, word processing documents, logs of transactions, and other data that counsel thinks will help win the case. As IT and security teams begin to ponder how to handle e-discovery, they often make errors, either because they don't fully understand the requirements or don't communicate with counsel. Here are three common mistakes:

  1. Assuming that saving all information forever is the best way to manage risk. This isn't true. Frankly, it's not cost effective to save all information. Although storage continues to become less expensive, it's not free, and the amount of ESI organizations create annually is staggering.

    Even if it weren't cost prohibitive to save all information, courts don't expect an organization to follow this course. Information is expected to be destroyed during the normal flow of business. What's critical is that retention and destruction policies are well articulated, well known across the organization, and followed appropriately and consistently. The major caveat is that information relevant to a case that can be reasonably anticipated on the horizon should be spared from the normal destruction phase of the information lifecycle--that

    Requires Free Membership to View

  1. is, it should be preserved.

    In addition, over-saving information creates other risks that should be avoided. By keeping old information indefinitely, enterprises could possibly disclose facts that aren't material to a case but open other avenues of investigation that could have been closed if the information had been routinely retired, thereby protecting its confidentiality. Although no ethical counsel will advise the willful destruction of evidence, it is simply true that business records have a useful life, and when that life has concluded, the information should be discarded. The critical points of consideration are:

    • What external requirements necessitate continued preservation of information? These may include regulatory requirements or investigations, not just court cases.

    • What ongoing litigation or likely future litigation requires suspension of standard destruction practices? These are formally known as "legal holds," and are something to determine with the legal team.

This was first published in March 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: