E-Discovery Basics: Collection of ESI (Vol. 1, No. 7)

Employee Self-Collection: This approach involves asking employees likely to possess or control relevant ESI to locate and forward it either to someone on the legal team or to a storage device. It is generally considered to be the riskiest of the options, as employees may overlook relevant ESI and may even be tempted to delete relevant information if their own conduct is under investigation. Additionally, the mere act of opening and forwarding ESI can irrevocably change it. Metadata values may be changed and lost, for example, when a document is opened in Windows without employing specialized collection software. Recent court decisions have held that metadata is an integral part of an electronic document, making parties vulnerable to spoliation claims for its loss or alteration. Enough decisions have questioned employee self-collection that some now consider it an untenable approach. Nevertheless, new tools are emerging that, while not addressing all the potential issues, may at least allow for forensically sound self-collection.

IT-Assisted Collection: This approach involves having employees in a company’s IT department collect relevant ESI using specialized collection software that does not alter the metadata. This option is popular with many businesses but can pose challenges where the IT department lacks experience in collecting data for use in litigation or where appropriate software tools are not used. Maintaining chain of custody logs can be burdensome, and the work involved can result in a decline in the IT department’s productivity. Additionally, over-collection is sometimes associated with this approach, as IT departments may "copy everything" to avoid needing to revisit a data source later. This can result in significant additional costs at the review stage. Companies also should consider the potential drain on their resources if IT personnel have to testify in defense of the collection process.

Outside Assistance: This approach entails retaining an outside vendor or certified forensic examiner to collect relevant ESI. It may avoid risks associated with the "DIY" approaches but can involve a range of costs, from modest to substantial, depending on the nature of the matter and the volume of relevant data. Specialists may collect the data on-site or, in some circumstances, remotely. They will likely have established procedures, maintain comprehensive documentation, and be prepared to testify as to the methodology and defensibility of the process. Companies should consider the costs of such outside help relative to the risks mitigated and the importance and amount in controversy of the matter.

The Hybrid Approach: To manage costs while obtaining some or all of the advantages of outside help, it is becoming increasingly common for companies to employ a combination of IT-assisted collection and the assistance of an e-discovery vendor or consultant. This approach typically involves the vendor or e-discovery consultant working with and overseeing the IT department in making the collection in a forensically sound and defensible manner.

Collection is an area where one size does not fit all, so companies and their counsel should carefully consider which approach is appropriate under the circumstances of a particular case or investigation.

In our next installment of E-Discovery Basics, we will discuss processing and review of ESI.

Other installments in our E-Discovery Basics series are available here.

If you would like to subscribe to future installments of E-Discovery Basics, please click here.