I get it. You’re tired of e-discovery. It seems that every presentation and article is an equal measure of technical gobbledygook and proclamations of dire consequences, all culminating in a sales pitch for the next “New Shiny Thing™” that will solve all your problems. Operators, I’m sure, are standing by.
This article isn’t one of those pitches. Instead, it’s a plea. It’s a plea from outside counsel that specializes in efficiently and defensibly solving the challenges posed by electronic discovery. And it’s a simple one: You need to do something about all that data your company is keeping. Unless you’ve already taken affirmative steps to address the explosion in the volume of data that your employees are creating and using, then I can assure you that you have way too much data. And all that data—which you don’t need—is why your next e-discovery case is going to be much more expensive than it needs to be.
But wait a minute, you might say. If we are drowning in data, why hasn’t the IT department said anything? If they aren’t complaining, we must be fine. But what you might not know, though, is that it’s cheap and easy just to buy more storage space. Did you know that the cost of a gigabyte of storage has dropped from roughly $1,000 per GB in 1995 to less than 10¢ a GB in 2015? Your IT department has enough headaches—and enough people annoyed with them—they aren’t going to sign themselves up for more griping by trying to put the company on a data diet.
Usually when I first start working for a client, in my role as e-discovery specialist, they’ve already learned of a lawsuit or investigation where e-discovery is going to be an issue. And that’s terribly frustrating because, by that time, they’ll have tied one hand behind my back. That’s because, once they have a reasonable basis to anticipate a lawsuit or a government investigation is imminent, the preservation obligation has attached. So whatever potentially relevant data your company might have, will need to be preserved. And throughout that matter, we will be challenged by the fact that there is too much.
Data volume is the primary determinant of e-discovery expense. All the various processing steps, data hosting, document review time, and production expenses are charged in such a way that the more data there is, the more expensive it will be. Those costs add up. According to one study, which analyzed data from 35 large-volume e-discovery productions from large corporations in various industries, e-discovery cost between $12,000 to $30,000 per gigabyte reviewed. See N.M. Pace & L. Zakaras, “Where the Money Goes: Understanding Litigant Expenditures for Producing Electronic Discovery,” 2012 found at http://www.rand.org/pubs/monographs/MG1208.html.
My opinion is that those numbers are too low, because they don’t account for the fact that a larger document universe translates into more expense for the non-e-discovery facets of a matter. If you have more documents, it takes longer (and costs more) to prepare for a deposition, engage in motion practice or prepare for hearings or trials. The numbers also don’t take into account that larger data volumes mean a greater risk for non-monetary costs such as the risk of waiving privilege or confidentiality for sensitive information.
So what should we do about this problem? Two things. First, implement an email retention policy (perhaps more accurately described as an email deletion policy). Second, implement a rigorous legal hold policy.
As to an email retention policy, I should note, at the outset, that there are some that would correct me on this and say that a holistic document retention policy is needed. And there is some truth to that. But devising and implementing a universal retention policy can be, depending on the company, a massive undertaking that oftentimes stalls before it is fully realized. From an e-discovery perspective, however, simply addressing the retention of email will provide a tremendous return on investment, because email makes up the overwhelming majority of data in a typical matter.
Email retention policies come in a variety of shapes and sizes, so the particular approach you take can be customized to your company’s particular circumstances. They can take the form of something as simple as a limitation on the size of an employee’s mailbox or, more complex, an automated protocol that deletes email after a defined period of time. The protocol can be set to apply to all email or just certain folders. It’s important to get input from a wide variety of employees so that the email retention policy appropriately targets excessive email storage while not impairing the employee’s ability to do their job. There will also need to be training to explain the purpose for the retention policy and what emails should be kept beyond your selected standard retention period as well as how that is to be accomplished.
The second step is to implement a vigorous legal hold policy. Once a company has a reasonable basis to anticipate a lawsuit or government investigation, it will need to be able to quickly act to suspend the email retention policy to ensure that it is able to meet its preservation obligation. The good news is that the more recent iterations of Microsoft’s Exchange Server—the tool used to run most corporate email environments—makes implementing a preservation directive on an email account very simple. The key is to make sure that there is a process to help ensure that legal holds are properly implemented, since doing nothing would mean that the automatic deletion will continue.
By taking steps now to implement both an email retention and legal hold policy, your company will be far better positioned to avoid unnecessary expense the next time it’s involved in a lawsuit or government investigations. With the money you save, maybe you can splurge on a different “New Shiny Thing™.” Operators are standing by.
Scott Wandstrat chairs the electronic discovery practice at Arnall Golden Gregory.