In This Article

What is E-Discovery?

Terry Mann
| Read Time 6 min read| Updated On - December 14, 2022


E-discovery (electronic discovery) is the legal procedure for locating, collecting, and delivering electronically stored information (ESI) as evidence to be used in court cases or investigations. Information governance programs frequently incorporate e-discovery since it is an obligatory legal and regulatory requirement.

What is Electronically Stored Information (ESI)?

ESI may comprise of “writings, drawings, graphs, charts, pictures, sound recordings, images, and other data or data compilations,” as stated by the Federal Rules of Civil Procedure (FRCP). Emails, documents, voicemail, videos, and data from any apps and services you use, are also examples of ESI. As a result, any tweet or Facebook post can be used as proof in court. The metadata that is embedded in electronic files can also be very useful as a form of evidence, which can include the file’s author, location, and other relevant details relating to the file’s creation. This metadata must be carefully preserved, as the act of just copying a file to another location has the potential to change its metadata, casting doubt on the file’s veracity as evidence.

How E-Discovery Works

E-discovery is a procedure with various stages and techniques, and there is no one methodology that works for everyone. The majority of e-discovery law firms will conduct their own investigations, using their own stages and techniques; however, most processes will follow a common theme.

E-discovery typically involves nine stages, which are as follows:

1. Information governance (IG): IG refers to the processes, controls, and policies required for collecting and preserving data. The Information Governance Reference Model (IGRM), developed by EDRM, offers a robust structure that e-discovery agencies follow.

2. Identification: Parties have a legal obligation to keep the relevant ESI safe as soon as litigation is foreseeable. However, they must first decide what information is relevant before they can preserve it. E-discovery teams employ a number of techniques, such as studying the case facts, conducting interviews, and trawling through repositories – both local and remote – to locate sources of potentially relevant ESI.

3. Preservation: After the relevant ESI has been located, it must be safeguarded against “spoliation” – the legal term used for any altering or destruction of evidence. There are other ways to preserve ESI; however, the legal hold process (or preservation order) is most commonly used. A ‘legal hold’ is a written directive from the legal team to the relevant data owners (sometimes referred to as ‘custodians’) instructing them not to delete certain ESI.

4. Collection: The strategy chosen to collect and consolidate ESI must be legally defensible, which means it must prevent any changes to the contents and metadata during the collection process.

5. Processing: ESI must be processed in order to make it ready for legal inspection and analysis. Processing may involve removing files from folders, erasing useless system data, or changing specific file formats in order to make the data suitable for attorney examination.

6. Review: The review stage of e-discovery is by far the most demanding as it entails assessing the ESI for both relevance and attorney-client privilege, which is exempt from e-discovery. Law firms generally handle this stage for organizations; however, modern technology enables in-house legal teams to employ artificial intelligence (AI) algorithms to separate privileged documents from those that are not relevant. Conducting reviews internally is now much more feasible thanks to these time and money-saving technologies.

7. Analysis: This stage involves assessing the ESI’s content and context, including important patterns, topics, people, and discussions. Even though this stage comes after the review stage, an analysis should be conducted throughout the process of discovery, as well as pre-discovery.

8. Production: To be used as possible evidence, the relevant ESI that has been found must be presented in the form of physical documentation. There are rules for e-discovery that specify how documents must be produced.

9. Presentation: Evidence must be presented to the relevant attorneys, judges, juries, mediators, and deposition participants for use in court proceedings. Data is organized in the final presentation phase to make it simple to parse and communicate to an audience.

Why is E-Discovery Important?

The success of your lawsuits may largely depend on the use of e-discovery, as tampering with digital evidence or failing to properly adhere to the nine stages could be enough to cost you the lawsuit. Organizations must understand how e-discovery works in order to safeguard data when looking into unauthorized data access and privacy concerns. Many of the regulatory guidelines that control the storage and processing of private data call for an audit trail. An audit trail makes it possible to determine what data was accessed, when and by whom. E-discovery would make it easier to ascertain whether any unauthorized data access was caused by a system compromise or an insider threat.

Why Do Organizations Struggle with E-Discovery?

E-discovery is frequently ignored and only becomes meaningful after a case is launched. However, the e-discovery process is unfamiliar ground for many organizations. Investigations into data privacy concerns and digital infiltration can be challenging, even with experienced internal staff. Even if the organization names an attacker, law enforcement agencies need sufficient proof before they can open a case. Another problem with e-discovery relates to the amount of data that needs to be collected. Organizations that store large amounts of data need to know exactly what data they have, and where it is located. Large databases might take months to search, and investigators need to have access to the right information quickly. In some cases, the search for and collection of data may require appointing a number of additional staff, which will cost money. Even if every piece of data is found, you still have to trust those staff members won’t alter or delete any of it. Also, data might be stored on an employee’s mobile device instead of the network, and this device must be turned over and kept secure until the data can be recovered. It is the duty of the entire organization to maintain the integrity of its data until it can be transferred to a secure storage facility.

How Lepide Helps with E-Discovery

The Lepide Data Security Platform provides an e-discovery tool out-of-the-box that will scan your repositories, both on-premise and cloud-based, to locate sensitive data. Locate files containing personally identifiable information through eDiscovery and let Lepide do all the work in the background. Generate all the required information you need to respond to DSARs, right to be forgotten, or e-discovery.

Our e-discovery solution allows you to combine multiple values as well as search an expansive range of file types ensuring you get the most accurate results possible and avoid irritating and time-consuming false positives.

If you’d like to see how the Lepide Identify can help you complete the nine e-discovery stages, schedule a demo with one of our engineers or start your free trial today.

Terry Mann
Terry Mann

Terry is an energetic and versatile Sales Person within the Internet Security sector, developing growth opportunities as well as bringing on net new opportunities.

Popular Blog Posts