It is important to remember at the outset that collecting ESI is a critical stage in discovery because the activities undertaken during collection impact every subsequent stage of the process. It is essential to perform a collection a defensible manner.
The objective, of course, is to perform a reasonably comprehensive — but not over-inclusive — collection of relevant materials. The collection should be proportional to the needs of the case. At the same time, it is necessary to maintain the integrity of the data collected and document the collection process. Ideally, the collection also should not disrupt the organization’s business operations.
Plan the collection project
Planning is crucial when collecting ESI. Like any project, it’s always smart to start at the end, by asking “what does done look like?” Begin by defining the scope of the collection. Identify and interview the custodians and consider the data storage locations. Narrow the collection as much as possible — by date range, file type, or other criteria. In most cases, it is usually unnecessary to collect everything.
The first objective then is simple: Collect only the data that is needed. Make reasonable efforts to identify potentially relevant ESI and keep the collection effort proportional to the needs of the case.
Maintain the integrity of the collection
Next, it is important to maintain the integrity of the collection. If ESI is collected improperly, it increases the risk of problems later in discovery and could result in spoliating metadata. For example, if a case turns on whether or not a party knew something on a specific date and an electronic document resolves that issue but it was collected in a way that altered or did not preserve the file or system metadata, then the party advancing the argument is going to have difficulty making their date-specific point.
In most cases it is necessary to produce metadata. If not collected properly, it may not be possible to produce metadata and it is often difficult to go back and do it again. Use of proper collection tools and a write-blocking device that prevents alteration of the data is a simple solution.
Quality assurance and validating measures are necessary, too. Perform a file hash analysis prior to and after collection. This ensures the integrity of the data by confirming the file has not been altered during collection.
Document the collection process
Third, document the collection process. The ESI that is collected may be evidence in a legal proceeding and there are rules for the proper admission of evidence in court. Make sure that whoever collected the ESI prepared a collection log or acquisition report and that chain of custody documentation is completed showing what data was collected and who handled the data.
Documentation like this not only memorializes what was done, but speaks also to the integrity of the collection itself. This documentation will also assist in authentication and admissibility of the evidence in later proceedings.
But who should collect the data?
Many organizations face the initial question of whether to outsource collection processes or perform them internally. There are benefits and risks in both methods. One benefit of outsourcing is to transfer the risk associated with a technical process to trained professionals accustomed to performing such work. Few organizations are staffed with forensics experts, and few have the tools necessary to perform a proper collection. Engaging a service provider for this purpose mitigates and transfers the risk to that service provider.
One thing’s for sure: self-collection remains the least favored means of collecting ESI. It is rarely a good idea to subject individual custodians to scrutiny regarding how they collected their own data. But in addition, individual custodians may not recognize the relevance of some ESI, and the process of self-selecting ESI may lead to errors and/or inadvertent spoliation. Trained technicians, on the other hand, are accustomed to collecting ESI, can provide expert testimony if necessary, and they are able to prepare the necessary documentation.
That said, there are relatively simple and affordable tools on the market that make collecting ESI defensible. The question for the organization and their counsel is how much risk they are willing to assume in connection with the collection.
Each collection project turns on its own unique circumstances. The collection method used should be based on the needs of the case. Regardless of which collection tool is used, the objectives outlined here provide the framework for developing a defensible collection process. That process should include planning and scoping the collection, trained personnel who use write-protecting tools and quality assurance measures, and the completion of documentation to memorialize the collection.
Mike Quartararo is the managing director of eDPM Advisory Services, a consulting firm providing e-discovery, project management and legal technology advisory and training services to the legal industry. He is also the author of the 2016 book Project Management in Electronic Discovery. Mike has many years of experience delivering e-discovery, project management, and legal technology solutions to law firms and Fortune 500 corporations across the globe and is widely considered an expert on project management, e-discovery and legal matter management. You can reach him via email at [email protected]. Follow him on twitter @edpmadvisory.