If your organization recently received a complaint or is facing a dispute that could lead to litigation, your in-house legal and IT teams will need to preserve all electronically-stored information (ESI) pertinent to those disputes.
With businesses projected to increase their spending on enterprise software by 6.2% to $3.9 trillion in 2021. You’ll likely be turning to Office 365 email messages, Slack conversations, Box files, and other ESI sources to locate important evidence. Many enterprise platforms offer some eDiscovery features, especially those relating to data retention and data loss prevention. But it’s very likely that you will need a more powerful toolset to support your legal needs. The features included in most enterprise systems may not be enough to guarantee the admissibility of your evidence.
Using specialized third-party tools to complement your software’s built-in compliance and eDiscovery case manager features can help underscore the defensibility of your data handling procedures. It can also help mitigate potential admissibility hurdles down the road.
Here’s how enterprise platform eDiscovery features support your legal hold strategy—and how they can be augmented by legal-centric, third-party eDiscovery apps.
How Built-In Enterprise Compliance Platforms Can Help and Hinder Legal Holds
Many of the major enterprise tools can play a key role in helping you manage your ESI in anticipation of litigation. They can help you avoid ESI spoliation sanctions under the Federal Rules of Civil Procedure 37(e).
Office 365, for example, hosts a full-fledged eDiscovery case manager that allows companies to not only conduct keyword searches in specific accounts but also manage retention policies and implement preservation locks to ensure SEC compliance and meet other retention requirements. Box throws in even fancier features as add-ons.
Looking to incorporate AI to locate relevant ESI or self-manage your encryption keys to preserve ESI chains of custody? Done and done. And if you’d prefer running Google searches for ESI files, you can always use Google Vault.
With these features available, what could judges possibly be concerned about? While technical aspects of ESI preservation do matter, judges also want to see that you’ve established a defensible audit trail describing how you carried out your ESI preservation protocols. This means you’ll need to thoroughly document the steps you’re taking to maintain and suspend retention protocols, contact key custodians, and preserve your ESI chains of custody to obviate potential tampering and integrity concerns. It’s in this area where many of the built-in compliance tools in enterprise platforms fall short.
While many of the enterprise platforms do include basic activity log and auditing tools, you’d be hard-pressed to find features that track how businesses are handling true legal holds. These, of course, are the notices your in-house counsel will issue to custodians when notifying them of their duty to preserve evidence. Tracking custodian legal hold acknowledgments, interview and survey responses, and reminders are just as key to showing your business preserved its ESI in a defensible manner.
There’s also the convoluted problem of managing retention policies and collection procedures on these platforms at once. As the Sedona Conference’s 2019 primer on social media evidence notes, users tend to start their communications on one application and then carry them over onto other platforms. In doing so, they’ll incorporate not only text-based communications but also video and other dynamic content.
Therefore, it’s likely that your business will need to collect diverse ESI from multiple platforms and manage multiple retention policies when preserving evidence. In turn, your in-house counsel and IT staff will need to manage and monitor multiple retention policies when preserving this data. This can lead to disjointed collection strategies and increased spoliation risks.
Beyond this, you’ll also have to look out for potential legal hold capability limits on your user accounts, which can vary on a license-by-license basis. Many of the entry-level Office 365 and Google Vault plans do not support eDiscovery capabilities, while Box only offers eDiscovery support through app add-on purchases. You’re also at the mercy of enterprise developers when it comes to updates and system limitations.
Even if your business is using enterprise-level O365 licenses, you’re still limited to issuing up to 10,000 holds across all of your organization’s cases, each of which can take up to 24 hours to take effect. Google’s recent decision to retire Classic Hangouts later in 2019, on the other hand, could create opportunities for inadvertent spoliation if businesses fail to adapt their retention procedures accordingly.
Constantly adjusting your preservation strategies to accommodate these pitfalls may prove cumbersome for your in-house teams—and inflate your legal spend.
How Third-Party Applications Can Enhance Your Legal Hold Procedures
Fortunately, businesses can quickly meet their legal hold and preservation compliance obligations by using third-party apps with compatible software connectors. As the name implies, these connectors allow users to “connect to” their organization’s enterprise accounts to index important contacts, messages, files, and other electronically-stored information (ESI).
These programs can be used to access and manage collection activities across multiple enterprise programs at once, and are capable of performing eDiscovery-related tasks more quickly than enterprise software tools.
Connector-enabled apps can be incredibly useful from both a practical and legal perspective. Legal-focused apps will allow your in-house counsel to dictate how your organization collects and prepares ESI evidence. Meanwhile, your IT staff can focus on identifying key data sources and handling the technicals.
Since you’re able to use these third-party apps in conjunction with most of the major enterprise messaging servers and software programs, you’ll be able to preserve evidence seamlessly and mitigate your spoliation risks.
Enterprise legal hold features do have their place when it comes to handling the IT aspects of ESI preservation. They just need to be paired with robust tools that account for the legal side of legal hold management.
Eric Pesale is an attorney who writes about business and legal issues for various publications, law firms, and companies. His articles on eDiscovery, cybersecurity, and information governance have been featured in CSO, The New York Law Journal, Above the Law, and Lexology. Eric is the founder and chief legal contributor of Write For Law®, and is admitted to practice in New York, Connecticut, and New Jersey.