Tips for using technology to navigate ESI preservation and collection. 

Duty of Technological Competence Begins Earlier Than You Think

Under amended Comment 8 to ABA Model Rule of Professional Conduct 1.1 (Lawyers Duty of Competence) professional competence requires that attorneys keep “abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” 

CA Formal Opinion No. 2015-193, makes it clear that “in today’s technological world, almost every litigation matter potentially” involves e-discovery. In other words, every litigation attorney needs to have a basic understanding of relevant technology to provide the client with competent representation. While much of the discussion around e-discovery is commonly focused on the review and production stages of the process, California Formal Opinion No. 2015-193 makes it clear that attorneys also have an obligation at the very earliest stages of a matter to ensure that their client’s electronically stored information (ESI) is properly preserved, identified, and collected. CA Formal Opinion No. 2015-193 states, in part, that technological competence means that an attorney should be able to:  

  • Implement/cause to be implemented appropriate ESI preservation procedures.
  • Analyze and understand a client’s ESI systems and storage.
  • Advise the client on available options for the collection and preservation of ESI.
  • Collect responsive ESI in a manner that preserves its integrity.

Beware of potential collection pitfalls

The start of every legal matter involves collection—that is, the acquisition of potentially relevant ESI from native sources into an e-discovery platform for investigation or review. Collection is often considered the most technically rigorous and complex phase of e-discovery. It is also the stage at which large and unexpected risks, time delays, and unnecessary costs can quickly spiral out of control.  

The collection process can raise many questions. Was data under-collected—perhaps because IT applied basic keywords, date ranges, and file types and thus missed potentially important information obfuscated by code words? Were custodians and entire data sources missed altogether? Or did your client’s IT team “grab everything” because they were operating under tight deadlines—leading them to spend unnecessary costs on downstream tasks? Did an employee who has information that may be responsive to litigation have their laptop wiped because they didn’t follow a regular backup schedule? Or did an employee seek to hide evidence through the willful destruction of files? 

In all these scenarios, collection is rife with risk and unforeseen costs. And the pandemic exposed and exacerbated some of the most salient ones. There’s a sharp increase in data volumes, new sources of data such as chat, and other cloud-based sources of data. There are increasingly frequent requests for information. And now we have a decentralized and largely remote workforce using both work and personal devices. 

To help you fulfill your duty of professional competence and assist your clients in avoiding the landmines commonly associated with the preservation and collection of ESI, here are best practices approaches and tips.  

ESI Preservation and Collection Tips

1. Proactively secure and protect data—while preserving data and collecting from endpoints.

Best practices dictate that your clients should proactively secure and protect data at its source—especially for more vulnerable remote endpoints such as desktops and laptops. As referenced above, CA Formal Opinion No. 2015-193 explicitly mentions the need for a competent attorney to “implement/cause to implement appropriate ESI preservation procedures” and “advise the client on available options for collection and preservation of ESI.” Fortunately, automated workflows make preservation and collection easier and minimize downstream issues. Proactive collection can also provide earlier insights and near-instant availability of the data so the review can begin earlier. 

Just because data wasn’t backed up, a laptop was misplaced or stolen, or documents were willfully or inadvertently destroyed, it doesn’t mean that data residing on that device isn’t discoverable. Organizations that are caught empty-handed might not find the information they need to remediate signs of employee misconduct and can risk sanctions if data is spoliated. 

A cloud-based backup solution can help your clients proactively safeguard sensitive and potentially relevant information on endpoints against data loss. Ideally the technology should incrementally back up data on desktops and laptops and, when preservation is required, integrate with cloud-based legal hold tools that enforce preservation. For further efficiency, the chosen legal hold platform should enable clients to seamlessly transfer data to an advanced eDiscovery review platform for cost-effective investigation or review. 

2. Collect on demand for e-discovery and requests for information

Whether on-premises or cloud-based, you should seek solutions to accelerate collection efforts at the time of a request through to review and enable earlier insight into your clients’ data collections. When advising clients on available options for collection, savvy counsel will advise that the process can be made more efficient with solutions that do not require IT teams to pull from data sources, store in a repository, then upload into a review platform. In that way, legal teams will no longer need to worry about delayed access or the risks of moving data. Once collected, data can automatically be uploaded to e-discovery platforms for near-immediate review. 

Tools that can collect from endpoints—including desktops and laptops, file shares, ECM, email, and cloud sources—enable culling at the point of collection for more targeted data sets and preserving documents for future use cases. Preview capabilities assist legal teams in determining if agreed-upon search terms are too broad or too restrictive and help them understand the relevance of any given custodian to the matter at hand before collection takes place. 

3. Collect remotely and discreetly

Remote collection technology has existed for a decade, allowing IT teams to search for and collect ESI remotely and defensibly. The need for remote, targeted and often discreet collection has increased as more employees work from home. Look for solutions that support comprehensive yet targeted remote collection from endpoints on or off the corporate network—which can be done in the background—along with seamless upload of data requiring review to eDiscovery platforms. 

4. Augment with expertise when and where you need it

You need not go it alone if specialized collection expertise is necessary for a particular matter. Rule 3-100 (c) of the Rules of Professional Conduct of the State Bar of California specifically allows that if a member does not have sufficient learning and skill when the legal service is undertaken, the member may nonetheless perform such services competently by associating or consulting with someone with expertise to assist.  

There are many reasons that you and your client may want to seek external assistance with collection. Their internal resources may be over-taxed, they may not have the tools at hand to do the job, or they may not have the knowledge and/or resources to defensibly collect the data, particularly where data is spread across disparate remote endpoints. Engaging the right experts can help clients manage risk and cost, avoid unforeseen pitfalls, and balance collection requirements with data privacy requirements.  

In situations involving the recovery of deleted files or suspicion of file tampering, it is advisable to call in forensic specialists. A forensic bit-by-bit copy of a drive requires specific tools and expertise that IT teams are not equipped to handle. 

5. Execute a defensible process

One of the requirements specifically set out in CA Formal Opinion No. 2015-193 is that competent counsel must be able to “collect responsive ESI in a manner that preserves the integrity of that ESI.” Chain of custody is an important part of preserving data integrity. The Sedona Conference defines chain of custody as the “documentation regarding the possession, movement, handling and location of evidence from the time it is identified to the time it is presented in court or otherwise transferred or submitted.” Regardless of who collects client data for litigation or investigation matters it is critical that a comprehensive track record and chain of custody be maintained from collection through review processes, to ensure defensibility throughout the process. 

The continuous evolution and expansion of technology means that the practice of law continues to become more complex. The key to success is, as always, being proactive and acquiring the necessary knowledge to competently advise your clients. It is not necessary for every litigator to become an expert in the collection and preservation of electronic data. But you do need to know the right questions to ask to guide your clients in the right direction and when to call in additional expertise. 

About the Authors

Rachel Teisch, senior director of Legal Tech product marketing at OpenText, has 20 years of experience in e-discovery. She brings passion to marketing solutions that help organizations reduce costs and risk across the legal information lifecycle. She can be reached at 

Wendy Cole, director of Legal Tech product marketing at OpenText is a lawyer turned product marketing professional with 15 years of experience in e-discovery and legal technology. She can be reached at 

Check Also

The Importance and Value of Lead Disposition

By Vince Wingerter, CEO and founder of  Johnny Mercer famously wrote, “You’ve got to …