The information contained in this note is intended to place the IT issues involved in e-discovery in the context of an evolving legal landscape. It does not constitute legal advice, and should not be taken as such. The reader should consult with and obtain the advice of its own legal counsel before taking any actions of significance in any pending or anticipated litigation.

Legal discovery "is the act or process of finding or learning something that was previously unknown." It is the compulsory disclosure, at a party's request, of information that relates to litigation. If your IT group has not yet been involved in a legal discovery action, count yourself among the lucky few. It doesn't mean it hasn't happened — it just means you don't know about it. Consider the following:

A recent survey of 840 companies by the ePolicy Institute and the American Management Association found that one out of every five organizations has received subpoenas for employee e-mail or used e-mail to defend the company against allegations of sexual, racial or other discrimination claims (source: Susan L. Cisco and Wanda K. Jackson, "Creating Order out of Chaos with Taxonomies," The Information Management Journal, ARMA International: The Association for Information Management, 1 May 2005). This is e-mail alone, and only for discrimination claims.

Electronic documents (e-documents) are also becoming the dominant form of evidence requested for civil and criminal litigation purposes. Producing e-evidence may not be so easy. According to an online article from LAW.COM, more than 90 percent of new business records are created electronically, and 40 percent of them are never converted to paper (source: Brian Ingram, "Locate Smoking Guns Electronically." LAW.COM. 29 September 2003. Available at www.law.com/special/supplement/e_discovery/smoking_gun.shtml — accessed 29 November 2005).

Electronic evidence is the predominant form of discovery today. We also have growing evidence that many organizations are unprepared for litigation or criminal prosecution in the digital age. Organizations respond, but often in a disorganized and hasty fashion, which adds cost and risk to the operation.

Preparations for E-Discovery

• Is there someone in the IT department familiar enough with the rules of civil (or criminal) procedure who can accurately capture and produce a computer file that can be entered into evidence without a charge of spoliation?
• Is there an attorney on the in-house corporate legal staff (or outside counsel) who can accurately describe the organization's IT architecture and explain it?
• Does you organization have a clearly articulated document retention policy that takes into account all regulatory mandates and is strictly enforced?

If you answered "No" to even one of these questions, you are not properly prepared.

Electronic legal discovery is a booming business, with the majority of the money going to attorneys, law firms and outsourced providers of legal discovery services. The true internal costs of digital discovery are unknown because there is no process owner, and responses tend to be ad hoc. Although counsel has a good idea of how much is being spent on many things, there are undoubtedly hidden and untracked costs; most of the untracked portion of the cost is attributed to IT.

Right now, most organizations will have to turn to outside experts or service providers to fulfill e-discovery requests. Over the longer term, the costs associated with e-discovery can be mitigated by developing and enforcing meaningful information management policies and implementing content management technology.

The ultimate solution to controlling the costs of unstructured content (for example, word documents, e-mail and spreadsheets) is having a proper records retention program and applying a policy to unstructured content. The principal objective of this series of research notes is to provide IT (not legal) advice on how the organization can prepare for the day when the evidentiary request arrives. Some of the systems, policies and procedures we suggest will do more than prepare the organization for addressing litigation or prosecution. Used wisely, these suggestions can also improve overall corporate performance.

Records Management and Compliance

Gartner continues to write extensively on the subject of records management. Records management and compliance are topics of great interest to enterprises dealing with escalating costs and risks of uncontrolled, unstructured content.

There are many misconceptions in the business world about what needs to be kept and what doesn't. It is by no means incumbent on your company to save everything, although this is what many are doing. However, best practices for retention are emerging, which companies should follow to reduce risks and costs. Case law in this area continues to evolve. Therefore, the IT department must work with counsel to define and implement policies to manage e-content.

We have described the guidance for records retention from a well-recognized third-party source, The Sedona Conference (see "Findings From the 'Compliance and Risk' Research Meeting: Following the Sedona Guidelines Will Minimize Records Management Risks"). For Gartner's own best practices, refer to "Records Management Best Practices Are Becoming Increasingly Important for Compliance" and "Records Management for Compliance Is a Best Practice in Organizational Responsibility."

For organizations that have passed the policy formulation stage of records management and are moving on to implementation, useful research is "Take Seven Steps to Implement Enterprisewide Records Management."

E-Discovery Basics

Judging by our client inquires, the vast majority of companies are literally years away from solving their unstructured content problems via records management. Meanwhile, Gartner clients have an increasing need to know the basics of e-discovery. The following series introduces the concepts, the facts and some of the vendors involved.

"A Primer on the Legal Discovery of Electronically Stored Documents" and "What Every CIO Needs to Know About Legal Discovery" elaborate on the IT department's role in legal discovery. To get an idea of e-discovery costs and the risks to your company, read "The Costs and Risks of E-Discovery in Litigation." These three Research Notes can serve as a brief background for IT professionals. The field of e-discovery is extremely complicated and changing quickly. To advise your company on technology decisions in this area, it is important to at least have definitions and a vocabulary for discussing the issues with your company's counsel.

We've written research specifically about the technology. In "Understanding e-Discovery Technology," we present a generic view of the process of e-discovery and how the software pieces fit together, and explain the various components of the process. In "Understanding the E-Discovery Vendor Landscape," we group vendors in terms of their offerings. This vendor analysis gives IT professionals a place to begin assessing various vendors' capabilities in an often confusing and crowded marketplace.

Finally, we look at computer forensics and how they play a role in discovery and other kinds of civil and criminal investigations. "Proper Preparation Crucial in Digital Investigations" is an overview that compares all three main forms of digital investigation: incident response, e-discovery, and criminal. In "Management Update: Prepare Your Organization for Effective Computer Forensics," we specifically address forensic techniques and tools.