From Target to Sony, Jeep, and others, high profile hacks, data breaches, and issues of cyber security have become dominant headlines in the past two years. Rightfully so, too, as a recent study found 40% of companies that maintain personal, identifiable data like credit card information, social security numbers, health information, etc., have experienced a data breach of some sort in the past year.
It’s a shocking statistic and one that shows data breaches, intellectual property theft and misappropriation of trade secret data are not going away any time soon. In fact, we expect to see them rise as corporate America struggles to keep up with the ever increasing volume of data coupled with advancements in modern technology and, more importantly, the advancements of the hacker culture.
Now, how will these ever present threats to corporate data effect eDiscovery in the modern era? Here are some of the top drivers shaping the eDiscovery marketplace as we know it today.
Not “If” But “When”
Not only do corporations have to protect themselves from potential internal data breaches by outside forces, but they also need to be cognizant of outside counsel’s security measures for protecting sensitive data during representation of an eDiscovery incident. Some eDiscovery experts believe that the risk associated with data breaches is so great that law firms should not even consider storing their clients’ sensitive electronic data themselves due to chance of outside intrusion. As such, law firms and corporations are beginning to move away from in-house solutions and towards using digital forensic and eDiscovery service providers, whose core focus is securing data and keeping up with the latest security software. Law firms and corporations should consider the following when sensitive data is going out the door during an eDiscovery incident:
- Forensic images and processed data should be collected to and stored on encrypted external devices only. Information should never be stored on internal hard drives of forensic computers. Therefore, the data can always be traced through chain-of-custody and will not be left behind or forgotten when the case is finished. The only alternative or exception to external devices could be dedicated encrypted locations on a server.
- Access to forensic images and production data should be given to authorized personnel only.
- Documents with personally identifiable information (PII) should never be produced, unless they are pertinent to the case.
- If documents with PII have to be produced, PII should be redacted, unless it is pertinent to the case.
- Upon completion of the case, all collected data should be destroyed, in accordance with laws, regulations, and policies.
Protecting Those Trade Secrets
According to the Ponemon Institute, an independent research company that focuses on privacy, data protection and information security, 50% of employees who left or lost their jobs kept confidential information. Of those departing employees, 40% planned to use confidential information from a previous job at the new organization. According to the Bureau of Labor Statistics, the average worker stays at his or her job for 4.4 years—the expected tenure of the workforce’s youngest employees is about half that number; 91% of millennials will stay in a job for less than three years according to the Future Workplace.
Given this volume of turnover, when an employee leaves the organization, look to collect, image and preserve company issued property, (e.g. desktops, laptops, cell phones, iPads, notebooks, flash memory drives/devices). Secondly, confirm no authorized information, file, document or email transfers have occurred. This can be done by reviewing computer access and print logs to determine if there has been any unusual or unauthorized activity, scanning internet history to determine whether third party storage sites were used and reviewing the employee’s work email to determine whether third party storage sites were registered for and used. Finally, it’s important to review social media accessibility and retrieve all passwords.
Play by the (New) FRCP Rule
With new rules governing litigation in an effort to limit the increasing costs for the “just, speedy, and inexpensive determination of every action and proceeding,” litigants will hopefully experience limits to discovery, narrowing the relevant subject matter to “any party’s claim or defense” rather than the subject matter “involved in the action.” By focusing on the claim and the merits, the rule change aims to limit the scope of discovery, resulting in smaller litigation budgets. In theory, these rule changes make sense, but the changes heavily rely on collaboration between parties – requiring both parties to be knowledgeable when it comes to eDiscovery. Secondly, it is yet to be seen whether the reduction in expenses will be countered by the increase in additional user devices being requested for discovery along with other digital platforms.
As you can see, it is critical to stay up to date on factors impacting eDiscovery as the need will only continue to grow.