As a result, whether they know it or not, they are inadvertently creating an electronic footprint that, if the need arises, can be used for or against them as evidence.
Electronic discovery, otherwise simply known as E-discovery, simply refers to any and all procedures or processes that aid in the; identification, preservation, collection, processing and final review or any form of electronic data. However, in order to be truly classified as “E-discovery”, these aforementioned procedures need to be carried out with the intent of ultimately using any data that is collected to support a legal case (whether criminal or civil).
Some of the more prominent examples of data that is usually retrieved by E-Discovery Miami techniques are: word processor documents, emails, history from web browsers, instant messages and chat logs.
How Is E-Discovery Handled By The Law?
Even though electronic devices have been utilized for both business and personal use for decades now, it was not until late in the year 2006 that E-discovery actually became an official legal expression under the Federal Rules of Civil Procedure. Under this aforementioned designation it is explicitly stated that any prospective E-discovery evidence should be preserved and processed whenever it is deemed pertinent.
The type of evidence that theseE-discovery techniques covered upon the implementation of these laws included emails and electronic documents. However, this was soon after expanded to include more modernized methods of communication such as instant messaging.
Identification
While this is only the initial phase, it can however be argued that in reality it is the most important. This refers to any and all of the processes by which the electronic data is scrutinized to figure out if it is worth saving, collecting and reviewing later on.
This of course means searching the devices and databases that the entity under investigation may have used. However, at other times, service providers and third party data hosts may need to be identified and contacted for their records and data as well.
In order to guarantee that all possible sources of data are identified and perused thoroughly advanced information technology techniques, such as data mapping, are utilized. However, whether or not it is one system or multiple databases that are being investigated, the sheer magnitude of the amount of data can be extremely vast and overwhelming.
Because of this, various efforts are made to tighten the scope of the identification period by using specific search parameters or looking at the date range of specific data.
Preservation
After all pertinent data has been identified and highlighted; it is then retained in what is known as a “legal hold’. This safeguards the identified data from being illegally tampered with or even destroyed. While in theory this procedure might seem simple enough, in reality extra precautionary measures must be taken to make certain that the end result of this process is invulnerability so that there is absolutely no way that loss or destruction of data can occur.
Extra care must be taken during these initial stages of the E-discovery process. If there is any unintentional (or intentional) alteration of the pertinent data; the entire E-discovery process could be ruined.
Collection
When all relevant data and documents has been identified and preserved the step that follows is the actual collectionprocedure.This sets the stage for the final half of the E-discovery process since the collection procedure actually refers to the gathering together of the previously specified data,so that it can be easily and effectively processed and reviewed by official litigators and digital forensic experts.
The specific techniques and measures used during the collection procedure, as well as its overall scope and magnitude, are determined by the amount of data identified and preserved beforehand.
Processing
After all collection procedures have been taken care of the stage is then set so that processing stage can begin. During this processing stage the information from the original files is copied and extracted so that they can then be utilized on dedicated review arrangements. The extracted information is not only text based; often times it consists of relevant
• Administrative metadata – how and when the data was created, file types, access history and privileges
• Structural metadata – how the data is put together and organized
• Descriptive metadata – keywords, title, author
In an effort to lessen the amount of work that needs to be done in the subsequent steps of the E-discovery process various techniques are implemented. One such major technique is the deduplication of informationto avoid having to sift through literal identical copies of information.
In addition to all of this, certain documents and files may be copied and converted to formats that are easier to interpret and understand (e.g. pdf) as long as the content is not altered in any way. Depending on the nature of the case and data itself, processing can be an extremely lengthy process.
Review
When all of the data has finally been thoroughly processed, what remains is finally reviewed. The data is reviewed with certain parameters in place that will check its receptiveness to various set criteria that are relevant to the case and legal guidelines and privilege.
Information that is needed is highlighted, cataloged and noted so that it can be shared with key individuals and brought up in legal related dialogue if it is needed. Information is still sorted by parameters such as dates and keywords and it is removed or kept based on whether or not it remains relevant.
Production and Presentation
After the entire reviewing process has been completed, the collected and sorted data is finally delivered to the customary appropriate entities or individuals. If no further issues arise from this it is then brought before the required legal audiences and presented.
What Does This All Mean?
Electronic data exists in a world away from traditional hardcopy evidence. This fact is only more highlighted by the sheer magnitude of the amount of time and effort that goes into finding, collecting, preparing and reviewing electronic data. In addition to all of this, electronic information is always accompanied by “hidden” metadata and properties that often times can far exceed the quantity of the data that it represents and is much more complicated to decipher. Also, extra care has to be taken to ensure that throughout the entire E-Discovery Miami process the data is not tampered with in any way, so that it remains relevant and pristine.
Conclusion
As it relates to the corporate world, employers should ensure that they take the time to educate their employees on how to properly deal with ESI (electronically stored information) and subsequently inform them about the detrimental effects that not doing so may have on the business and their livelihood. This means that they should always be fully aware of how they are making changes to company documents and files, with whom they are sharing them with and on what devices they view or edit them on.
Likewise, there is also an added risk when personal accounts; such as email accounts or social networking accounts (Twitter, Facebook, etc.), are linked to corporate systems. Logs and metadata from these accounts will almost certainly be stored on corporate systems, meaning that any implications that arise around these accounts may also affect the corporation as a whole. Matters concerning corporations and electronically stored information are often times placed under much more scrutiny when compared to personal matters.
This is because corporations have to abide by a much more comprehensive list of rules and guidelines that relate to their information management policies. In the event of discrepancies they have to answer to not only legal authorities; they also have to answer to official government entities as well.
For more information please visit:
No comments:
Post a Comment