The Federal Reserve of eDiscovery

Can your defense team save additional litigation costs and reduce risk by using the cloud to dramatically reduce the number of data transfers?

In recent years, the cloud has become a ubiquitous tool for most organizations (and industries). However, when dealing with legal situations and eDiscovery, companies are still in the habit of shipping hard disks, optical disks, or if they’re lucky, electronically transferring terabytes of data to their external law firms in response to eDiscovery collections. In turn, those same law firms then follow the same data shipping or data transfer processes when turning over client eDiscovery data to opposing counsel.

By now you would have expected the legal industry to have progressed to a point of keeping these huge data sets relatively stationary while accessing and working with them remotely, shortening response time, reducing costs, maintaining chain of custody, and raising data security. However, law firms have never been known as early adopters of new technology. This helps to explain why the cloud, in many cases, is still being studied – mainly because of security concerns.

Reduce your risk - Stop moving data sets around

One of the key challenges facing law firms today is the continuous increase of eDiscovery data being generated, replicated, and transferred from place to place – all of which significantly increases the risk of data loss and corruption. This reality means that new data handling techniques must be developed and adopted to accelerate the rate of data transfer, protect the data, reduce costs, and maintain chain of custody.

One new strategy for defense counsel is to move toward common, secure, cloud-based eDiscovery repositories that all sides can access (with appropriate controls) and work with: client, defense counsel, even plaintiff’s counsel. For example, a trusted third party eDiscovery cloud provider (such as an eDiscovery services vendor or even large defense law firms with litigation heavy clients) could provide a common cloud repository with the proper access controls, encryption/security, and management software so that all sides could work with it without needing to move large amounts of data back and forth. The legal repository requirements would need to include:

1. The ability to produce audit/access logs
2. Encryption onsite before transfer to the cloud
3. Data set storage stored on WORM media (immutable storage) so that data, once placed into the repository, would be considered original and unchangeable
4. Repository data sets, disposable by the third party repository owner - only when the case and all appeals are concluded
5. A case management application to control creation, access, security, review, tagging, and export of individual case data
6. Secure encrypted work areas for all law firms involved and their attorneys, provided by the case management program
7. Data encryption: the data sets and all work product would be encrypted. The encryption keys would only be available to the originating attorney, designated team members, and specific individuals within opposing counsel
8. eDiscovery data set indexing capability, controlled programmatically by the third party case manager as agreed at the meet and confer conference
9. The ability for plaintiff and defense counsel to create and place tags and legal holds
10. The ability for all data and work product to be exportable in various accepted formats
11. Bill-back capability: Plaintiffs’ attorneys could be billed for “out of the ordinary” search and computing charges within the repository

Is it time for common eDiscovery repositories?

In 2018, following highly publicized incidents involving law firms and sensitive client data, the ABA issued Formal Opinion 483 that included the following warning: “the data security threat is so high that law enforcement officials regularly divide business entities into two categories: those that have been hacked and those that will be." Given concerns about security, data fidelity, timelines, and costs, maybe it’s time for law firms to consider common eDiscovery repositories. With the appropriate management and security controls, instead of shipping terabytes of data around (affecting response times, data fidelity, security and chain of custody), law firms could connect to a common legal repository and (at least) perform a first pass search and culling of the eDiscovery data sets, and when ready, download the data in a legally defensible manner to their system for further processing and eventual production.

Trust but verify

Obviously, for this kind of centralized legal data repository to be successful, trust of the system, measurable cost savings, and verifiable security are all necessities. The key is to include a management software layer that ensures all data is stored and managed at the highest security levels, all access and processing is audited, all workspaces and work product is encrypted and protected, basic eDiscovery functions such as on-demand indexing and search are available, and disaster recovery procedures such as geographic replication are standard.

It would seem that trusted service providers and law firms with the correct cloud infrastructure and eDiscovery management software could act as trusted industry eDiscovery clearinghouses that would speed data transfers, ensure chain of custody, and reduce eDiscovery costs – much like the Federal Reserve does for checks etc.

For more information on cloud-based eDiscovery repositories and case management, contact Archive360 at:  http://www.archive360.com/contact-us/