Data

Who’s Clogging Up Your Enterprise Data Stores? Not Who You Think

In a Harris Poll survey recently commissioned by kCura, we asked office workers about their understanding of data privacy and their digital habits. Many entry-level employees admit to at least sometimes engaging in behaviors that cause unnecessary corporate data proliferation—things like spreading office gossip over work email (14%), using work devices for online chats with friends (16%), and emailing large groups of people (39%).

Around twice as many “higher-ups” (i.e., office workers at a director level or above) confess to engaging in the same behaviors—at least sometimes using work email or messaging apps to share office gossip (30%), using work devices for online chats with friends (38%), and emailing large groups of people (67%).

Should this surprise us?

Let’s take a closer look at the data, revisit the trusted employee handbook, ask a business psychologist about why our survey respondents may have answered the way they did, and see how e-discovery professionals deal with the reality of data proliferation. They’re the ones, after all, who feel the effects most acutely.

A Little Background on the Findings

The research, conducted online between December 28, 2016 and January 18, 2017, included 1,013 US adults age 18 and over who were employed full-time or part-time, working in a traditional office setting for at least 50% of the time. The majority of respondents (92%) were full-time employees, and freelancers were not included in the poll.

In categorizing respondents’ positions, “entry level” is anyone who told us they were entry level, administrative, or clerical workers. “Director level or above” are supervisors, team leaders, managers, directors, vice presidents, and senior management such as CEOs, CFOs, and senior VPs. There’s also a category called “professional level” for those who responded that they were professional or technical staff members.

Here’s how these groups responded when asked, “How often do you do each of the following while you are at work?” regarding some familiar behaviors:

The fact that directors and other leaders email large groups of people more often than less senior employees seems to make sense. It’s entire departments that they often need to send information to, after all. But using work email to send or receive personal communications? Using work devices for messaging apps to talk with friends?

Gail Golden, a performance coach and management psychologist, suggests that senior leaders feel freer to move back and forth between work and personal time than many lower-level employees.

“Senior leaders have fewer people monitoring how they spend their time. They have fewer deliverables with short-term deadlines,” says Gail. “As a result, they have more flexibility over how they utilize their time. It’s not that they work less, but they work differently. And since business and personal relationships are often blurred at senior levels, setting up a lunch date or engaging in friendly chat may serve a business goal as well as a personal one.”

As for the positive correlation between seniority and the motivation to “reply all” to an email when it needs only to be sent to the sender, it’s less clear (and taking off our data analysis hat for a minute, as employees with clogged inboxes ourselves, also harder to forgive).

Dusting Off the Employee Handbook

Aren’t there generally policies restricting these kinds of behaviors at most companies? Aren’t employees aware of these, and shouldn’t that stop them? The survey asked about that, too.

63% of office workers report their companies either have no written policy on checking personal email or other personal accounts while at work or if the company does, they don’t know about them.

Directors and above are less likely to be unsure about these policies. 54% of them said there was no written policy, while 36% of entry-level employees gave us that answer. Meanwhile, far more entry-level employees plea ignorance: 31% don’t know if their companies have a written policy on checking personal email or other personal accounts while at work, while only 7% of directors and above don’t know.

How frustrating for someone like Marvel CEO Isaac Perlmutter, who learned on March 16 in Peerenboom v. Marvel Entertainment, LLC that he couldn’t claim attorney-client privilege for emails with his attorneys (or marital privilege for correspondence with his wife) because he sent those personal messages over company email, and his company’s email policy asserted that Marvel “reserve[d] the right to access, review, copy and delete any messages or content,” and “to disclose such messages to any party (inside or outside the Company).”

According to Bloomberg BNA, “the decision highlights the riskiness of using an employer’s email system for personal communications, as many employees—and apparently even top executives—often do.”

Yup.

And how frustrating for in-house counsel. It takes a while to write those policies. Of course, as with information governance policies or any other policy, what lends them credence is the ability to prove they’re communicated, acknowledged, and enforced.

In Marvel’s case, they were. In the words of the court: “Given, among other factors, Perlmutter’s status as Marvel’s Chair, he was, if not actually aware of Marvel’s email policy, constructively on notice of its contents.”

It Is What It Is, So Get the Lead Out with Analytics

Maybe we’re not reporting anything here that e-discovery professionals don’t know already. The questionable practice of flooding company servers and enterprise clouds with personal data and information that isn’t necessary to the business is felt most acutely when IT teams get involved in e-discovery, and by legal teams on the front lines of investigations.

And maybe there’s nothing that can be done about it. Given the roles of directors and leaders, it’s often their data that’s put on legal hold and collected in response to claims against their companies. Even with stronger and more broadly understood policies, is there any reason to think the psychology of business leaders will change, and that they’ll build a moat between the personal and the professional—assuming that’s even possible given their responsibilities? Is there any reason to think the employees rising in the ranks beneath them won’t adopt the same practices?

“Sharing a funny video or a quick story can also provide a needed brief break from the intensity of the business world,” says Gail. “Having said that, sometimes senior leaders, like everyone else, break the rules just because they can.”

Assuming our survey responses reveal immutable facts of professional life, e-discovery practitioners in the US will continue to have plenty of junk to wade through. That’s where analytics comes in.

Two years in a row, the Coalition of Technology Resources for Lawyers and the Information Governance Initiative surveyed internal legal departments about their current and anticipated adoption of analytics technology. And two years in a row the surveyors found the same thing: analytics adoption is accelerating.

Analytics helps legal and IT teams go beyond keyword searches and metadata filters to quickly sift through huge data sets. We’re seeing the brightest minds in e-discovery take advantage of analytics to get to (and through) review faster. With cluster visualization—one of many tools in the toolbox—they’re able to see documents like email messages grouped by concepts found in the text within them (think “fantasy football” vs. “fraud”). With email threading visualization, they can make decisions about entire email conversations at once (such as disregarding a whole chain about the cake in the break room rather than reviewing each message in the conversation at different times).

It may be that nothing can be done to change the behavior of the most professionally advanced of data custodians. That doesn’t mean we can’t alleviate the e-discovery pain that behavior inadvertently causes.

Method statement: This survey was conducted online in the U.S. by Harris Poll on behalf of kCura, makers of Relativity, between December 28th , 2016 and January 18th, 2017. The research was conducted among 1,013 adults age 18+ who are employed full-time or part-time, not a freelancer, and works in a traditional office setting for at least 50% of the time. Figures for age, gender, race/ethnicity, education, region, and household income were weighted where necessary to bring them into line with their actual proportions in the population. Propensity score weighting was also used to adjust for respondents’ propensity to be online.

About David Horrigan and Brendan Ryan

David Horrigan and Brendan Ryan
About David Horrigan Davis is e-Discovery Counsel and Legal Content Director at kCura. An attorney, law school guest lecturer, e-discovery industry analyst, and award-winning journalist, David has served as counsel at the Entertainment Software Association, reporter and assistant editor at The National Law Journal, and analyst and counsel at 451 Research. He serves on the Editorial Advisory Board of Legaltech News and the Data Law Board of Advisors at the Yeshiva University Cardozo Law School. David holds a Juris Doctor from the University of Florida, and he studied international law at Universiteit Leiden in the Netherlands. He is licensed to practice law in the District of Columbia. Twitter: @David Horrigan LinkedIn: David Horrigan About Brendan Ryan Brendan is a senior manager of content on the marketing communications team at kCura, where he provides editorial expertise on a wide range of publications, including the Relativity blog, and mentors a team of specialists and senior specialists. Brendan has been on the kCura team since 2014 and holds a Master’s degree in writing from DePaul University. Twitter: @bjr312 LinkedIn: Brendan Ryan

Check Also

Ransomware attack

Does a Ransomware Attack Mean There was a Data Breach?

Learn how to identify whether a ransomware attack is also a data breach that may require notification to customers, patients, and governmental agencies.