Recent amendments to the Federal Rules of Civil Procedure (FRCP) (for more information, please click here) require organizations involved in litigation to know where their information is stored — and to be able to quickly search and retrieve all “reasonably accessible” data.

In a 2002 employment discrimination case (Zubulake v. UBS Warburg), the court found the defendant’s failure to provide relevant electronically stored information — including email — warranted the imposition of monetary sanctions and an adverse inference to the jury. Subsequently, the jury awarded the plaintiff a $29.3 million verdict, of which $20.2 million were punitive damages.

Failure to preserve and retrieve relevant data, even when unintentional, can result in harsh penalties and adverse judgments. For companies that use Lotus Notes, data — email, calendar entries, Sametime instant messages, Notes applications, and even documents produced outside the context of Notes — are all subject to search and subpoena for legal purposes.

Preparing a Notes environment for the rigors of the e-discovery process can be a daunting task, not just technically, but culturally. While the entire process of finding, retrieving, and reviewing potentially relevant data can be outsourced to specialized vendors, the costs can be prohibitive. More and more organizations are finding it advantageous to develop an in-house e-discovery process. What form this takes can vary by industry, legal requirements, infrastructure, and budget, but the primary motivation, of course, is cost. In addition to the costs of lawyer review, most data retrieval vendors charge a per-gigabyte fee to search and process data. With electronic data discovery (EDD) fees typically in the $800 – $1400 per GB range, costs can quickly spiral out of control.

Setting realistic expectations for what work can be performed efficiently and cost-effectively in-house vs. where outsourcing makes sense is critical. Turnaround time is also a factor, as data must be retrieved in a timely manner. Even in instances that require outside expertise along the way, it’s easy to see that having an in-house search capability to reduce the potentially relevant data set from, say, 100 GB to 10 GB can be a wise investment.

In fact, the savings realized in a single case alone may more than justify the cost of implementing internal e-discovery and/or email management solutions.

Easing disruption to day-to-day business operations, reducing overall liability and risk, and complying with regulatory requirements (SEC, IRS, FDA, etc.) are all added intangible benefits. Freedom of information requirements, criminal complaints, and internal investigations (termination, harassment, security) may also come into play, as well as simple improvements in the management of the beginning-to-end data life cycle.

A key determinant for the success of an in-house e-discovery process is who takes ownership of the process. Let’s face it: litigation is unpleasant and disruptive. And from the standpoint of the Notes or IT administrator, it’s not exactly their field of expertise. But that doesn’t get them off the hook. The legal department may very likely take the position that data retrieval is strictly an IT function. The truth is, both sets of players need to be intimately involved, in terms of both what is to be searched (and where), and in understanding the ins and outs of whatever search solution you’ve adopted.

First off, know what needs to be searched. Mail is most common, and from a Notes-centric perspective, the most obvious. But, does that include attachments? Probably.
Other considerations:

  • Does email need to be preserved or journaled?
  • Under what circumstances are users allowed to delete email?
  • What about Sametime Chat Logs or other retained instant messaging?
  • Do document retention polices need to be applied universally or only to a handful of key users (in legal terminology, who are the “custodians”)?
  • Are Notes applications outside of email susceptible to electronic discovery?
  • Do stores outside of Notes, such as data maintained on file shares, need to be searched?
  • Is searching the central data repositories sufficient, or do searches also need to extend to replicas, archives, and other data that may reside on users’ local workstations?
  • Are there criteria other than content that need to be considered, such as document age or last modified date?
  • How can confidential (“privileged”) information be excluded?
  • Should duplicate documents in the search results be excluded?

These are technical issues that the legal team may not think to ask but that will be crucial to the success of an organization’s e-discovery efforts.

Other online resources:

Thanks to Marta Farensbach and Steve Treible for additional contributions to this posting.