Fifteen or twenty years ago, when you thought about record retention and electronic communications, “electronic mail” or, email, was the only thing to worry about. Back then, firms and the regulators scrambled to interpret how to apply existing rules pertaining to communications to the new modality of email. Nowadays, email is just a one piece of a more complex communications landscape. Companies are deploying new forms of communication and the pace is only accelerating. Your firm might be using Unified Communications platforms like Microsoft Lync and IBM Sametime, collaboration tools like Chatter, IBM Connections, or Jive, or IM networks such as corporate Lync IM or perhaps public-facing such as Yahoo! Messenger. Your firm may even be using community networks geared towards specific industries such as Reuters and Bloomberg , widely used in the financial services sector, or ICE within the energy markets. And, of course, your regulated users, such as financial advisors, may also be clamoring to use social networking sites such as Facebook, LinkedIn, Twitter, YouTube, Google+, Pinterest, Instagram to prospect and conduct business.
However when you strip away the complexity, regulators worldwide are consistent when it comes to recordkeeping: business records need to be captured, archived and made e-discoverable. The content, not the device or channel, is determinative. With this is mind, I sat down with Jim Obrien, General Counsel at Actiance, to ask a few questions.
Belbey: Can You Tell Us About Electronically Stored Information (ESI)?
Obrien: ESI is the catch-all term for the digitally stored files of litigants in a federal case. During the pre-trial discovery phase of a lawsuit, all ESI is subject to discovery, meaning it all has to be checked for relevant information that the other side has requested to help it prove its case. Only the relevant files need to be actually given to the opposing party, but all ESI has to be checked to make sure all the relevant files have been located and handed over. It sounds simple enough, but it is hard if you are not prepared in advance and a lot can go wrong. It can be surprisingly easy to lose track of ESI.
When the e-discovery rules changed in late 2006, there was a lot of commotion about it, and a lot was written about the need for companies to have their ESI organized and well maintained in order to be able to respond to the tight discovery timelines set by the new rules. I don’t see that message has really sunk in though. And now that the rules are no longer “new,” and the commotion has died down, it is easy for companies to lose track of whether they have really prepared to meet the current e-discovery challenges. Yes, the e-discovery market is growing, but more spending is not assurance that the companies really understand all the risks or even the problems they are trying to solve.
Belbey: Are Most Firms Capturing, Archiving And Making Sure All The New Forms Of Electronic Communications Are E-Discoverable?
As the resident lawyer at Actiance, I am occasionally asked to talk about e-discovery issues with customers, or on a panel. Sometimes I can tell that a person I’m speaking with just doesn’t want to have to deal with Instant Messages, Enterprise Social Platforms communications, or social media in e-discovery, even when these communications are used for business purposes in their company. To them, the most obvious way not to deal with it is to make it go away, or more precisely, to take the position that these are not business records and therefore will not be saved. No saved records, no ESI, problem solved. There are undoubtedly circumstances where this is a sound policy, but what I’ve seen is that such a position is most often taken without enough attention to the reality of how easily electronic communications are stored in hard-to-find places, and how difficult it is to effectively enforce a “no IM / collaboration / social media records” policy when employees use various electronic communications for business purposes and may need to refer to those records the way they refer back to e-mail. The company falls into the trap of mistaking its ESI policy, what the company wants its ESI to be, with the reality of what its ESI actually is — i.e., what is actually saved, either inadvertently or surreptitiously against policy. The resulting danger is that the ESI is there, but the company doesn’t know it exists until too late.
Belbey: Any Suggestions Regarding ESI For Fellow Attorneys?
Obrien: My recommendation is usually that if IM, collaboration tools, or social media are used for business, then they will generate business records that should be maintained and be treated on par with e-mail records for e-discovery purposes.
Belbey: What Steps Should Attorneys Take To Protect Their Firms?
Obrien: To the extent that technologies such as enterprise social, social media, IMs and unified collaboration are being used for business purposes in our companies, we need to become intimately familiar with what records are being created and stored there – regardless whether we are power-users or non-users ourselves. My basic message is this: don’t ignore the big compliance and electronically stored information issues that are undoubtedly growing along with adoption and use of various communications tools in our business. It is not even that hard to address. Schedule meetings to survey the categories of use and the resulting records, then map those to your compliance and eDiscovery requirements to see if you are cleanly archiving everything required. Work closely with your third party archiving vendor that understands all the new forms of communications to make sure you are covered. After all, we may be the only ones who are helping our colleagues from some uncomfortable audits or depositions and ultimately keeping our enterprises out of trouble.