• Join our Communities!

  • Twitter Updates

    Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • Disclaimer:

    The information in this weblog is provided "AS IS" with no warranties, and confers no rights. The opinions and interests expressed on this employee blog are the employees' own and don't necessarily represent EMC's positions, strategies or views. Inappropriate comments will be deleted at the authors discretion.

eDiscovery and Sharepoint

I am consistently surprised that the eDiscovery of Microsoft Sharepoint repositories does not strike more fear into organizations.  Sharepoint is complex, contains different types of documents/objects, can have rich metadata and is a key repository for business content.  Yet most organizations that we talk with state that they are not concerned with their ability to handle eDiscovery work on Sharepoint sites.

There are several potential reasons for this hands-off attitude:

– There are no significant reported cases where a party was sanctioned for failing to properly preserve or collect content from Sharepoint.  I did some of my own research in a few eDiscovery caselaw databases, and none of my searches located the word “sharepoint” in connection with a sanctions motion;

– Few litigants seem to be asking for Sharepoint content during discovery.  (Of course this is not a valid reason for organizations to ignore it.  The duty to preserve and produce ESI is not tied to whether the other party asks for the content.  But in reality, if both sides bury their heads in the Sharepoint sand, then no one knows whether relevant content is being ignored).

– Most organizations lack the tools and capabilities to discover from Sharepoint, at least beyond basic Office documents that might be stored in a site.  Whether Legal is aware that IT is not undertaking discovery of Sharepoint sites is a good question to ask.

What makes Sharepoint more complex than a fileshare, at least in eDiscovery?  Many different types of content can be stored in a site:  documents, email messages, OneNote files, webpages, community posts, microblogs, Lync IMs, and more.  Not all of this content is readily accessible, so eDiscovery teams may have difficulty in locating relevant content.  Even when found, the preservation and collection of that content can be difficult.

Metadata in eDiscovery is often a misunderstood issue, and Sharepoint has a lot of metadata.  For example, each user can define a set of metadata tags for use with documents.  This information is arguably not relevant in many cases, but it may be useful or important in locating relevant documents.  And since one cannot rule out relevancy before a case even begins, organizations need a plan to capture this information when necessary.

A more advanced but still important concern is with authentication and admissibility of the Sharepoint content.  The creator of a document can often be difficult to determine, even on a fileshare where the “owner” of that document may be clear (based on the directory structure).  In Sharepoint, the situation can be far murkier due to its collaboration capabilities.  For example, multiple parties may have contributed to a document but the identified owner and creator may not be part of that group.  (For some great background on these issues, download The Sedona Conference Commentary On ESI Evidence & Admissibility).

What can you do?

– Legal and IT should get together to discuss the organization’s Sharepoint deployment and determine whether it is (or should be) on the Data Map; and if so, how content can best be located, preserved and collected when necessary.  Microsoft has added some eDiscovery capabilities to Sharepoint 2013 but whether those features are sufficient, and how to handle prior versions of Sharepoint, remain a concern;

– The organization should consider (now!) policies relating to the retention of Sharepoint content.  This is a great step to take before the situation becomes too difficult to handle because Sharepoint adoption tends to grow very rapidly.

Advertisements

Archiving: The Secret Sauce to IT Transformation (Part 2)

Lady Backup asserts that there is a key enabler in IT transformation that EMC hasn’t paid enough attention to: archiving.
To understand why, let’s look at the 3 key benefits of archiving:
Benefit 1: Archiving increases operational efficiency.
How old are the emails stored in your email system? How frequently are files older than a year accessed in your file servers? How many sites are sat untouched in SharePoint?
Archiving allows you to be smart in how you retain content by storing aged content outside of your production environment. First, this reduces the storage capacity required. But also a lean production environment improves backup and recovery, increases application performance, and eases application maintenance/upgrades.
Benefit 2: Archiving improves end user productivity.
Data growth is not just a challenge for the infrastructure – it is also a challenge for end users to find content.
Take this scenario: you are trying to find a Word document created a year ago. Was it sent to by email? Did you save it to your PC hard drive? Or did you store on a network drive? Or maybe it was uploaded into a SharePoint site? Where do you look first??
Your archive can be the first stop for users to do granular searches for content, saving time hunting around for the file or worse, recreating it because it can’t be found.
Benefit 3: Archiving consistently manages retention policies.
Retention management not only keeps your data volumes under control, but from a corporate governance perspective you can consistently enforce retention policies.
Archiving allows you to consistently and automatically execute policies that meet your company’s policies and/or your regulatory requirements.
Let’s face it – data volumes are challenging a “keep everything forever” mentality.
Next week, we’ll look at considerations for an archiving solution. LB

Machine Learning For Document Review: The Numbers Don’t Lie

Jim Shook

Jim Shook

In light of Magistrate Judge Andrew Peck’s recent decision in Da Silva Moore v. Publicis, much has been written and discussed about the idea of using machine learning techniques to automatically classify documents during review, a process sometimes known as “predictive coding” or even “computer assisted review”. (Although these terms may actually imply different technologies and processes this article adopts Judge Peck’s umbrella use of the term “predictive coding”). This article explores some of the key issues around this promising intersection of law and technology.

What Is Predictive Coding? How is It Used?

At a simple level, predictive coding is just a technological “lever” that allows a (relatively) small amount of review work – usually by humans — to be leveraged across a much larger set of documents. Let’s say Continue reading

Information Taming Technologies – The New Buzz Phrase?

IDC published their key findings from the annual Digital Universe study (sponsored by EMC), highlighting just how much information we’re all creating and using.  In EMC’s press release, we highlighted the following:  “Information Taming” technologies are driving down the cost of creating, capturing, managing and storing information—one-sixth the cost in 2011 versus 2005.”  Information Taming Technologies!  What a name!

I would consider the SourceOne family of Information Governance products to be “information taming technologies.”  For example, SourceOne products can help archive inactive content from production environments. This leads to improved application performance, improved backup operations and reduced costs through tiered storage – all while preserving the user experience.  If those benefits are delivered, I would say Continue reading

Forensic Imaging – eDiscovery Overkill?

This week I had the pleasure of working with Brian Babineau from  Enterprise Strategy Group on an EMC sponsored webinar on In-House eDiscovery ROI.  During the Q&A session, an attendee asked:

“We use in-house forensic imagining tools to preserve and collect data and send it out to our outside counsel to review.  Why should we move to an in-house eDiscovery solution when this system seems to work well for us?”

I want to explore that concept a little more here because I suspect many corporations are relying solely on these tools to do eDiscovery in order to avoid taking a more focused approach that may have more upfront costs.

If you have an eDiscovery process that in your opinion works, then you should Continue reading

The Ghosts of eDiscovery Past, Present and Future

This is the time of year when many make predictions for 2011.  But while we try to look forward, the reality is that as an industry, we have not yet conquered our eDiscovery challenges from 2010 – or even 2009 or earlier!  In the spirit of the season and with a nod to Charles Dickens’ A Christmas Carol, I decided to take a Scrooge-based approach to eDiscovery.  Without further ado, I present the ghosts of eDiscovery Past, Present and Future.

eDiscovery Past

In the early days of eDiscovery, even before the amendments to the FRCP in December 2006, we all made plenty of mistakes as we learned about this challenging new area.  Many of our problems resulted from collecting and preserving electronically stored information (ESI) from backup tapes; artificially segmenting the eDiscovery process into three stages known informally as “collect stuff”, “throw stuff over the wall” and “review stuff”; and pretending that eDiscovery either was a passing fad, or just could not be as difficult as we had heard.

While the list of mistakes and challenges from the past is virtually limitless (see Ralph Losey’s recent blog entry on this issue), many of these mistakes really boiled down to a few fundamental issues:  a lack of coordination and communication between Legal and IT (and Records Management or “RM”); and a lack of basic knowledge on IT systems from people working in legal roles.

If these ghosts of eDiscovery past continue to plague you, next year resolve to:

  • Have your legal team learn at least the basics about your IT infrastructure;
  • Insure that Legal, IT (and RM) coordinate, communicate and interact on a regular basis; and
  • Have a basic plan, prepared in advance, for what to do when eDiscovery hits.

eDiscovery Present

Over the last year, we continued to struggle with the concept of when sanctions should be awarded for eDiscovery blunders, and how we should determine the severity of those sanctions.  In fact, these are such difficult issues that there is currently disagreement even within the same jurisdiction (compare Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities, et al., 2010 WL 184312 (S.D.N.Y. Jan. 15, 2010) (Amended Order) with Orbit One Commc’ns, Inc. v. Numerex Corp., 2010 WL 4615547 (S.D.N.Y. Oct. 26, 2010)).

But there were several other trends that rang through loud and clear.  One of the clearest trends is that there is significant risk in relying upon employees to preserve and collect their own data for eDiscovery.  (See our “Weekend At Bernie’s” post).  While there is still no absolute prohibition, the problem with “custodian-based eDiscovery” is that employees can be self-interested or uninterested in a case, making it risky to assume that they will do what they are asked.  Even for those who are sufficiently motivated, many will still fail because they are under-educated on both legal and IT issues.  This makes it exceptionally difficult for them to determine what ESI should be retained as relevant to a case, and how to properly find and preserve that ESI.

Another clear trend is that unintentional – and even seemingly minor and understandable—eDiscovery blunders can cascade into prejudicing a case and result in severe sanctions.  (See Harkabi v. Sandisk Corp., 08 Civ. 8203 (WHP) (S.D.N.Y. Aug, 23, 2010).

A trend that has been around for a while, but seems to finally be gaining momentum, is enforcing the point that litigation holds do not begin upon receipt of the first Request For Production of Documents, or even upon being served with a Complaint.  Instead, the hold duty attaches when one can reasonably anticipate litigation, which typically occurs before the data of service (and for plaintiffs, will certainly occur before filing the Complaint).  Courts are beginning to take a closer look at when a party’s preservation process actually began, so companies need to get legal informed about litigation threats so that decisions on holds can be made at the right time.

If these ghosts have the chance of haunting you, next year resolve to:

  • Rely more upon your eDiscovery team of investigators and counsel, and arm them with useful technologies to complete their work.  Merely hoping that your employees are handling the preservation and collection of critical ESI is no longer a viable option;
  • Review your eDiscovery processes to insure that litigation holds are integrated into your business processes.  This will insure that holds can be recognized at the appropriate time and not just after litigation has already commenced.

eDiscovery Future

There are two main roads that the ghost of eDiscovery Future can take.  The first is the obvious road of emerging and future technologies.  For 2011, emerging issues will clearly include the Cloud and social media technologies such as Facebook and Twitter, and we will certainly see some new technologies that we have not yet even worried about.

The second road in the future is more sinister, and relates to issues that we should already be aware of but have failed to adequately address because they have not yet risen to the right level.  These issues are actually riskier because we should be prepared, and mistakes with these technologies may not be viewed in a forgiving light because we should know better.  As a few examples, this group would include legal issues around international data privacy, data stored in Sharepoint repositories, and structured databases.

It is difficult to predict what you should do about the ghosts of eDiscovery Future, but consider a few possible resolutions for the new year:

  • At minimum, update your ESI Map to include basic information about data that may be outside your firewall (such as outsourced Email and other Cloud technologies, Facebook, Twitter, etc.);
  • If you transact business outside the U.S., understand the basics of privacy law and determine whether and how they may impact you in normal litigation matters; and
  • Subscribe to a publication that will keep you updated on the latest legal and technology developments (Law Technology News and its Daily Alert are terrific, free resources).

Good luck in 2011!

Managing Information Chaos

EMC World 2010 in Boston was alive and vibrant.  There was an excitement and buzz around the show that I think was missing last year.  Particularly because I think people are feeling more confident. The economy seems to be on the upswing, which means that budgets and project funding are coming back – even if at a cautious pace.   As we do each year, EMC put on a fantastic show – both socially and from a professional development standpoint.  The show floor was packed, sessions were well attended, and the parties were rocking.  All in an all – it was a super event.

For me personally, this was my 5th EMC World.  This year was different for me.  For one, I’m now based in the United Kingdom, so it is a new experience to travel overseas to my home country for our corporate event.  Second, the messaging around the journey to the private cloud is so pervasive and well targeted.  I think across the board EMC has the potential to really truly change the IT dynamics for our customers – and it is exciting to be a part of the revolution.

For my part, I look at how the SourceOne products have relevance to the private cloud.  Since we announced SourceOne last year, we are on a mission to equate SourceOne with Information Governance, which really plays well to a challenge that customers will have across both the public and private cloud. Information Governance is about the technologies and policies to help our customers to understand what and where information is stored.  I see this concept of information visibility and management being even more of a challenge in the journey to the private cloud.  Information might be stored in a combination of onsite and in the cloud, and without proper management of its lifecycle there is great likelihood of information chaos.

It’s more than a question of what’s stored and where – our view is that Information Governance should help you to understand what you have stored, how it should be classified, how it should be managed and who should have access.  In short, it’s the holistic approach to managing your information across its lifecycle so that it continues to feed your customer service, your competitive advantage and your next innovation.  Whatever your industry, information is at the heart of your business.

I talked with many customers across multiple industries, countries and even organizational sizes at EMC World.  The common theme is that information growth has reached the point where it is weighing down production systems and sprawled in such as way that it’s difficult for anyone to find what is relevant.  For that specific reason, we introduced the SourceOne family – to help you reign in your information chaos.  Over the past year we have evolved the SourceOne family from email management to a broader portfolio that includes eDiscovery, SharePoint management and soon to follow other tools to gain control of your unstructured information.

If you have similar challenges with information chaos as well, why not check out what Information Governance can do for you at www.emc.com/sourceonecity.