electronic discovery compliance meeting the challenges avoiding a trial by fire l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Electronic Discovery & Compliance: Meeting the Challenges - “Avoiding a Trial by Fire….” PowerPoint Presentation
Download Presentation
Electronic Discovery & Compliance: Meeting the Challenges - “Avoiding a Trial by Fire….”

Loading in 2 Seconds...

play fullscreen
1 / 37

Electronic Discovery & Compliance: Meeting the Challenges - “Avoiding a Trial by Fire….” - PowerPoint PPT Presentation


  • 195 Views
  • Uploaded on

Electronic Discovery & Compliance: Meeting the Challenges - “Avoiding a Trial by Fire….”. Timothy Wells Information Governance Specialist EMC Corporation wells_tim@emc.com. Agenda. Who Are We and How Did We Get Here? A Brief Background of e-Data, Compliance, the FRCP and eDiscovery

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Electronic Discovery & Compliance: Meeting the Challenges - “Avoiding a Trial by Fire….”' - garson


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
electronic discovery compliance meeting the challenges avoiding a trial by fire

Electronic Discovery & Compliance:Meeting the Challenges -“Avoiding a Trial by Fire….”

Timothy Wells

Information Governance Specialist

EMC Corporation

wells_tim@emc.com

slide2

Agenda

  • Who Are We and How Did We Get Here?
    • A Brief Background of e-Data, Compliance, the FRCP and eDiscovery
  • What's Next and Why Should I Care?
    • 2010 Drivers and Landscape
    • Costs and Risks of e-Information
  • What's An Enterprise To Do?
    • Information Management (Email, Archives, Records, etc.)
    • eDiscovery Process and Infrastructure
  • How Can We Justify Our Spend?
    • The Road To ROI
  • What's Our Next Step?
    • Conclusions and Next Steps
  • How About Some Free Advice?
    • Q&A
emc ediscovery compliance team
EMC eDiscovery & Compliance Team
  • An Expert, Diverse Team of 90+ Professionals
    • Industry-leader Kazeon & SourceOne Family
    • Focused on eDiscovery
      • Industry best, dedicated sales team
      • Dedicated Legal / SME Team
      • Product management and support
  • Leading-Edge Activities
    • The Sedona Conference
    • Electronic Discovery Reference Model (EDRM)
    • ARMA
    • Webcasts, Podcasts, Articles, Speaking engagements

CT

TX

CA

NY

CO

GA

MA

slide4

Digital Information Created, Captured, Replicated Worldwide

Exabytes

2501 exabytes

5-fold Growth in 4 Years!

DVD

RFID

Digital TV

MP3 players

Digital cameras

Camera phones, VoIP

Medical imaging, Laptops,

Data center applications, Games

Satellite images, GPS, ATMs, Scanners

Sensors, Digital radio, DLP theaters, Telematics

Peer-to-peer, Email, Instant messaging, Videoconferencing,

CAD/CAM, Toys, Industrial machines, Security systems, Appliances

1,713 exabytes

487 exabytes

487 exabytes

Source: IDC Digital Universe White Paper, Sponsored by EMC, May 2009

perfect storm drives the need for efficiency
Perfect Storm Drives the Need for Efficiency

Information explosion

70% of information is created by individuals but enterprises are responsible for the security, privacy, reliability, and compliance of 85%

Your “digital shadow” is larger than the digital information you actively create about yourself

More lawsuits and regulation

Widespread belief that deregulation was a failure

Food and drug safety

Climate change, and environmental concerns and sustainability efforts

Financial meltdown

Workplace/unions

No New Budget

Do more with less

Enterprise Information Management – How do you get started?

years after frcp amendments
Years After FRCP Amendments…

Errors Generate Sanctions and Headlines

Scenario 1:

Lawyers for a company produced a small batch of relevant e-mails about 10 hours before trial. U.S. District Court Judge Marilyn Hall Patel declares “Heads will have to roll.” According to reports, the punished company had reviewed terabytes of information for this case.

Scenario 2:

Company hit with an $8.5 million penalty for mistakes with its own discovery of e-mail relevant to a patent lawsuit. As federal courts emphasize the responsibility of parties to conduct thorough discovery searches, more such mishaps are likely.

State of Readiness: Unprepared

  • 57% of law firms: Clients are not ready to find and produce information relevant to litigation
  • 39% of In-house: Company is not prepared for e-discovery

“Companies Not Ready For E-Discovery”, http://www.informationweek.com/blog/main/archives/2008/09/ companies_not_r.html, posted 9/23/08 (Andrew Conry-Murray, Information Week). Survey from Oce Business Services.

pension committee case guidance from the bench
Pension Committee CaseGuidance from the Bench

Pension Committee provides guidance related to litigation holds, preservation and search methods, and appropriate behavior by organizations charged with delivering relevant data as part of a civil litigation matter.

Some insight from Judge Scheindlin:

  • Courts cannot expect perfection. They do expect that litigants and counsel take necessary steps to ensure that relevant records are preserved when litigation is reasonably anticipated. One requirement noted by the judge is written hold notifications be issued to and acknowledged by all potential custodians.
  • Failure to preserve evidence, electronic or paper, resulting in the loss or destruction of relevant information is "surely negligent" and depending on the circumstances, may be "grossly negligent" or "willful."
  • Preservation of backup tapes can be required if they are the sole source of relevant information related to the matter.
what is ediscovery

Audit

Litigation

Investigation

Public

Disclosure

State and federal regulators, IRS, OSHA, SEC, NASD, FINRA, HIPAA, Data Privacy & Protection

Internal and external audits of books and records, Defense Contractor Audit, Govt Contract Audits,etc.

Federal, State and Local - Freedom of Information Act, Open/Public Records Acts

Current and reasonably anticipated state and federal litigation

What is eDiscovery?

Electronic discovery (eDiscovery) is the process in which electronically stored information (“ESI”) is searched, collected, preserved, analyzed, and reviewed for legal and regulatory proceedings.

8

slide9

Agenda

  • Who Are You and How Did We Get Here?
    • A Brief History
  • What's Next and Why Should I Care?
    • 2010 Drivers and Landscape
    • Costs and Risks of e-Information
  • What's An Enterprise To Do?
    • Recommendations and Initiatives
    • eDiscovery Process and Infrastructure
  • How Do We Justify That?
    • The Road To ROI
  • What's Our Next Step?
    • Conclusions and Next Steps
  • How About Some Free Advice?
    • Q&A
2009 outlook hint it hasn t changed much for 2010
2009 OutlookHint: It hasn’t changed much for 2010….

Forrester: “As one outcome of the current macro-economic environment… expect more litigation and regulation in 2009.”

  • Regulatory investigations
    • Fallout from the financial crisis = enhanced regulation
  • Employee Litigation
    • Layoffs generate lawsuits and investigations
  • Shareholder derivative actions
    • Reporting, drop in stock, financial crisis
  • Aggressive IP Practices
    • Seeking additional revenue sources
  • CFO Oversight
    • Weaker economy results in pressure on expenses - including legal

"A tidal wave of

wrongful termination

lawsuits is expected in

the coming months..."

Los Angeles Times

Sources: Forrester: “Trends 2009: eDiscovery”, Brian Hill, 1/15/2009

“As companies increase layoffs, lawsuits are likely to follow”, Carol Williams, Los Angeles Times, 12/28/08

the costs of ediscovery
The Costs of eDiscovery

$1.5M

Average Cost

Per Incident

89%

Of Companies

Face Litigation

10x

Increased Costs

To Outsource

$34M

Average Annual

Legal Costs

$18M+

Cost to Review

1 TB of Info

slide12
E-mail Is Most Requested Content in Legal Proceedings and Regulatory Investigations…But Not the Only Electronic Information requested

E-mail and attachments

80%

General office productivity

60%

E-mail residing on:

Database records

49%

Invoices and other customer records

41%

Financial statements

36%

Phone call recordings and other

29%

Digital images

25%

Laptops

Desktops

Instant messages

21%

File servers

Video files

16%

E-mail servers

Other

5%

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

Source: ESG Research Report: 2007 E-mail Archiving Survey, November 2007; based on 107 respondents

To the best of your knowledge, which of the following record types has your organization been asked to produce in a legal proceeding or regulatory inquiry?

web 2 0 on the horizon
Web 2.0 On the Horizon
  • Blogs: 48% for industry, 33% in government
  • Wikis: 44% industry; 38% in government.
  • Facebook: 44% industry; 28% government
  • YouTube: 26% of government responders; 25% of industry
  • Virtual World / Second Life (typically used for recruitment or web conferences): 13% of industry responders and 10% of government responders.

IDC, Survey Shows Glimmers of Hope for Government Web 2.0, Adelaide O'Brien, August 26, 2009

slide14

Agenda

  • Who Are You and How Did We Get Here?
    • A Brief History
  • What's Next and Why Should I Care?
    • 2009 Drivers and Landscape
    • Costs and Risks of e-Information
  • What's An Enterprise To Do?
    • Recommendations and Initiatives
    • eDiscovery Process and Infrastructure
  • How Do We Justify That?
    • The Road To ROI
  • What's Our Next Step?
    • Conclusions and Next Steps
  • How About Some Free Advice?
    • Q&A
slide15
Establish Boundaries Around Information Management…Use the appropriate process for cost & risk management

Enterprise Content Subject to Compliance Control

Unstructured Content

Unmanaged Unstructured Content

Managed Unstructured Content

Email Systems

Content Management

Network File Shares

Collaboration

Common Services

Desktops & Laptops

Custom

Classify/Archive

eDiscovery

Structured Content

Policy Enforcement

Page-Oriented Data

LegacySystems

Disposition

Database Content

Physical Records

Line-oriented Data

Email Archive

Structured Content

Manage In-place Fixed Content

electronic discovery reference model edrm
Electronic Discovery Reference Model (EDRM)

“IT organizations that have an electronic information inventory, active policy management and archiving solutions, and a repeatable process in place for e-discovery will spend up to 50% less on e-discovery … than those that do not.” ~ Gartner

Information

Management

Retain or delete based on value

eDiscovery Process

Bring eDiscovery in-house

Processing

Preservation

Information

Management

Identification

Review

Production

Presentation

Collection

Analysis

segment data by business value
Segment Data by Business Value

Compliance

Archive

  • Official business record
  • Long-term retention

Compliance or

Native Archive

  • Referential
  • Modest retention
  • Required for discovery

Native Archive

  • Non-record
  • Compliance-driven
  • Enforced deletion
potential esi
Enterprise Email Server(s)

Local Email stores (pst, etc.)

Relational databases

CRM

Accounting / Financial Data

Fileshares

Content Management

Instant Messaging

Video and voice captures

Backup / DR tapes

Wikis & Blogs

Legacy data

User desktops

CDs, DVDs

PDAs / Wireless phones

Flash drives

Home offices

Legacy / stray tapes

Decommissioned servers

Computer graveyard

Stray drives

Archives

Potential ESI
common questions for it infrastructure
Common Questions for IT Infrastructure

What content do I have on my storage?

Microsoft SharePoint, file shares, laptops?

Is it appropriate? Is it where it should be?

What kind of resources is unmanaged content consuming?

What does it cost me?

Is it on the right tier? Should I archive it?

What business records are out there that I don’t know about?

What kind of risk are we carrying?

What if there is confidential or private content or content subject to regulation out there?

How can I clean up my storage?

Can I safely delete content that doesn’t have business value?

What information do I need to archive and retain?

file remediation classification

Classification

Action

Attributes

Non Record

Delete

Lunch, Gym, emails, MP3s, etc

Referential Record

Short Retention

Mkt. PowerPoint, Meeting Notices, etc.

Move to RM System

Contracts, Invoices, PII, etc

File Remediation / Classification

Record

Infrastructure

intelligent information governance with emc
Intelligent Information Governance with EMC

EMC Celerra,Data Domain, Centera

Laptops and desktops

File systems

E-mail servers

Documentum

Documentum

Microsoft SharePoint

Microsoft

SharePoint

Third-party archives

The cloud

EMC SourceOne File Intelligence

Enables educated decision-making and policy creation

Copy/move to archive storage

Copy/move to enable records

Identify content to migrate to

Copy/move to cloud storage

sourceone file intelligence how it works
SourceOne File Intelligence: How It Works

Catalog

Analyze

Act

Classify

Search

Report

  • Crawl data sources
  • Build index
    • Metadata basic
    • Metadata with document type
    • Metadata with hash
    • Deep crawl full text
    • Deep crawl with classification
  • Classify files based on metadata, keyword content, and pattern matching
  • Age, owner, location, file type, etc.
  • Business value, security risk, intellectual property, PII, PCI
  • Analyze data with search and report tools
    • Semantic search with Boolean, proximity, stemming, phrase support
    • More than 30 pre-built reports out of the box
    • Custom reports as needed
  • Robust action set
    • Move, copy, delete, retain, export, tag
  • Policy-based actions
    • One-time
    • Scheduled
    • Recurring
rich data classification
Rich Data Classification

Classify files by attributes

High business value

Files created or modified in the last 30 days

Files owned by company executives

Medium business value

Files not accessed in the last 90 days and not modified in the last 180 days

.PST files

Low business value

Files not accessed in the last 180 days

MP3/MP4, JPEG, MOV files

Classify selected files based on file content and metadata

Files with “Confidential” content

e.g., source code files, patents, product manuals, contracts, etc.

Files containing non-public information

e.g., Social Security numbers, credit card numbers etc.

Classify files based on IT or business input

Administrator tags

Line-of-business tags

User tags

file visibility and remediation
File Visibility and Remediation

Reduce risk, lower costs, and improve efficiency

Gain insight into unmanaged file content through granular file-level visibility and reporting

Identify opportunities to optimize storage environments where static data is consuming valuable IT resources

Locate and safely delete content to reduce risk, reduce data volume, and improve operational performance

Reduce risk by migrating content to a secure archive or repository for ongoing policy management

Migrate content to virtualized, deduplicated, and cloud platforms to improve performance and reduce costs

litigation hold collection spectrum
Litigation Hold / Collection Spectrum

Tape

Custodian–Driven Holds & Collection

Enterprise / Automation

  • Custodians do hold/collection of own items
  • Cheap, simple
  • Shifts burden of work
  • Risk of “Faux eDiscovery”
  • Can be difficult to do correctly(e.g. Cache La Poudre)
  • Loss of metadata
  • System-based collection of main repositories
  • Fast, efficient
  • Great ECA
  • Justify initial investment

Last resort

Moderate risk / low

ESI Complexity

Best practice

Forensics

  • Pull daily / weekly monthly tapes
  • Deceptively easy and simple (it’s not!)
  • Cons: (Not enough room)
  • Take images of all targeted devices
  • Very complete
  • Expensive
  • Significant over-collection
  • Scalability
  • Good tool to have – not in all cases

Focused Use

As Needed

emc ediscovery data flow

@

EMC eDiscovery - Data Flow

Desktops

Fileshares

Exchange Server

EMC Documentum

Microsoft SharePoint

Step 1

Step 2

Step 3

Step 4

Step 5

Knowledge workers create electronically stored information (ESI) on data sources as usual; this solution requires no changes to data creation processes and no agents to be deployed on data sources

The solution indexes (harvests) the ESI on the data sources to gather intelligence about the stored data

Investigative users search the indexes to determine what ESI is relevant

Relevant ESI is secured and placed on legal hold on immutable storage

Investigator culls through held data and generates production sets for use in legal review by outside counsel or hosted review vendor

slide27

EMC SourceOne eDiscovery Kazeon

Case

Management

  • Legal Hold reporting dashboard
  • Legal Hold workflow management
  • Segregate data and cases by role
  • Built-in and custom reports
  • Agent-based & agent-less collection
  • Full and incremental collections
  • Laptop / Desktop Collection
  • Single-step targeted collection
  • Multiple target repositories

Preservation

and Collection

Analysis

and Review

  • Distributed and collaborative review
  • Email analytics and threading
  • Concept search and analysis
  • Interactive tagging and review
  • Highly scalable for multiple case support
enterprise information governance solution
Enterprise Information Governance Solution

File

Shares

Avamar Backups

Snapshots

Document

Repositories

SharePoint

Documentum

PST

PST

PST

PST

S1 Supervisor

Regulatory ComplianceReview Sampled Messages

MS Exchange 2003 / 2007 / 2010

Lotus Notes / Domino

Messaging Servers

S1 eDiscovery – Kazeon

Includes Connectors for:

File Shares

Home Drives (laptops & desktops)

Exchange & Notes / PSTs & NSFs

Documentum

SharePoint

S1 Email Archive

SourceOne

Archive

Other Content Repositories

Currently two step collection and unified matter management for:

FileNet, Content Manager, GroupWise and other sources

Email & IM

MS SharePoint

File Archiving

In-place

Legal Hold

Target

Legal Hold

Collect

Legal Store

Preservation

Server

Desktops, Remote Offices,

and Laptops

Legal Hold /

Legal Store or

Preservation Store – Celerra, Centera, Data Domain & others

slide29

Agenda

  • Who Are You and How Did We Get Here?
    • A Brief History
  • What's Next and Why Should I Care?
    • 2009 Drivers and Landscape
    • Costs and Risks of e-Information
  • What's An Enterprise To Do?
    • Recommendations and Initiatives
    • eDiscovery Process and Infrastructure
  • How Do We Justify Purchases in 2010?
    • The Road To ROI
  • What's Our Next Step?
    • Conclusions and Next Steps
  • How About Some Free Advice?
    • Q&A
challenges
Challenges

In 2010 IT Budgets are flat or declining *,

but eDiscovery is not discretionary and the money is already being spent

  • IT
    • FTEs spending time on restores of historic data based on vague requests by Legal
    • No ability to delete because of a lack of insight into data, and unrealistic policies from Legal
  • Legal
    • Massive over-collection (“screw drivers and wheel barrels”), leads to huge legal review and processing costs by outsourcers (1 gig = 50,000 files for review)
    • Risk of sanctions for deleting the wrong thing leads to over-preservation (“save everything”)
  • *“Global purchases of IT goods and services … will equal $1.66 trillion in 2009, declining by 3% after an 8% rise in 2008.” Global IT Market Outlook: 2009, Forrester Research, 1/12/2009
ediscovery and rim roi

“Between 10% and 90% of what [clients] have does not need to be retained for any reason.”

Budget roughly $500,000 on IT support for cases involving 10 or more custodians and/or more than three different systems

One terabyte of data can result in $18.75M in legal review costs

Unprepared companies will spend 1/3 more on e-discovery than those with content archiv-ing solutions.

ROI Factors

eDiscovery and RIM ROI

“Organizations unprepared for e-discovery in 2009 will be at a disadvantage … open to potential sanctions from an increasingly technically literate U.S. judiciary. As defendants, organizations need to respond quickly and effectively ... As plaintiffs, organizations must have their ESI house in order and be prepared for reciprocal discovery requests…”

Gartner, “Reduce the Cost and Risk of E-Discovery in 2009”, D.Logan & J. Bace, 1/9/09

the cost of ediscovery
The Cost of eDiscovery

Notice

Percentage of discovery costs when proceedings

or investigations involve the discovery of ESI:*

Collection

  • Costs associated with document collection from inaccessible locations

28%

Hold

  • Cost of holding massive volumes
  • Unanticipated legal risk
  • Spoliation risk

20%

Inspect/Review

  • Cost directly related to number of documents to review

35%

Produce

  • Cost of delivering ESI to various recipients on various media (e.g., CD, DVD, or paper)

17%

* Source: Enterprise Strategy Group, 2007

straightforward roi
Straightforward ROI

“T]he payback period for an e-discovery investment is very short, on the order of three to six months after implementation takes place.”[1]

[1] “MarketScope for E-Discovery Software Product Vendors”, Gartner, Inc., 12/17/08.

slide34

Agenda

  • Who Are You and How Did We Get Here?
    • A Brief History
  • What's Next and Why Should I Care?
    • 2009 Drivers and Landscape
    • Costs and Risks of e-Information
  • What's An Enterprise To Do?
    • Recommendations and Initiatives
    • eDiscovery Process and Infrastructure
  • How Do We Justify That?
    • The Road To ROI
  • What's Our Next Step?
    • Conclusions and Next Steps
  • How About Some Free Advice?
    • Q&A
next steps
Next Steps
  • Get Cross-Functional
    • IT Meet Legal; Legal Meet IT
  • Assemble Your Case
    • Collect data, anecdotes, research
  • Top-Down
    • Focus initial work on high impact areas
  • Let EMC Help
    • We know your information
    • Our team can facilitate next steps
  • Knowledge Is Power
    • EMC eDiscovery and Compliance (www.emc.com/ediscovery)
    • Bringing eDiscovery In-House (For Dummies): (www.emc.com/ediscovery4dummies)
    • The Sedona Conference (www.SedonaConference.net)
    • EDRM (www.edrm.net)
slide36

Agenda

  • Who Are You and How Did We Get Here?
    • A Brief History
  • What's Next and Why Should I Care?
    • 2009 Drivers and Landscape
    • Costs and Risks of e-Information
  • What's An Enterprise To Do?
    • Recommendations and Initiatives
    • eDiscovery Process and Infrastructure
  • How Do We Justify That?
    • The Road To ROI
  • What's Our Next Step?
    • Conclusions and Next Steps
  • How About Some Free Advice?
    • Q&A