E-Discovery is also known as electronic discovery and is by electronic means amassed information that can be used as electronic evidence and be able to produce as one in a court of law or legal proceedings. Electronically stored information (ESI) includes but is not limited to, emails, documents, presentations, databases, voicemail, audio and video files, social media, and websites.[1] In this article, we will learn more about the same and how we can better manage electronic evidence so as to ensure that they do not get tampered with.
Society is getting more complex and is changing ever so much. It is vital that we keep up with the times and technologies and their negative uses. Nonetheless, anything that is electronic equipment will also be very complex and unless you are a tech master, it might be a tad bit difficult to navigate yourself through the same. There are millions of data available on the internet, millions of personal information, and as such there is an ever-increasing data that is produced, stored ad transferred every single minute. Even though it is easy to maintain soft copies as compared to hard copies, you know exactly which drive they are in and they are also easy to transfer – however, it is also easy to hack such software. “Electronic documents are more dynamic and often contain metadata such as time-date stamps, author and recipient information, and file properties. Preserving the original content and metadata for electronically stored information is required in order to eliminate claims of spoliation or tampering with evidence later in the litigation.” [2]
“The demand for digital forensics is growing, with the market for such management services expected to reach $9.68 billion by 2022. This is due in part to the problems mobile and Internet of Things (IoT) technology introduced into evidence management. Mobile technology has blurred the line between what counts as physical and digital evidence. Smartphones, for example, may hold pertinent photos locally, connect to files in the cloud, and carry fingerprints or other trace evidence on the device itself. Many law enforcement agencies and private companies already have methods for managing physical evidence and digital evidence separately. Now, they need robust tools to manage them together.”[3]
You can always whenever possible, have a Computer Forensic Examiner/Analyst conduct a volatile memory (RAM) acquisition to capture the live data that may be lost when powered off.[4] Unless the servers or computers on the business network are NOT able to be properly shut down and safely moved, the examination of network servers or business networks should ONLY be attempted by a Computer Forensic Examiner/Analyst.[5]
Below mentioned are a few points that could help one in managing and protecting e-discovery:
- It’s important to engage in regular employee training and testing to help employees—across all levels of the company—recognize and avoid phishing and other cyber-attacks.[6]
- Keeping too much data in too many locations: Establish a defensible data deletion policy that allows you to dispose of outdated files.[7]
- In a court of law, “it is essential to prove the integrity of evidence. You should appropriately handle it by maintaining audit logs detailing: who has accessed it? Who modified it and how? Otherwise, it will not be admissible in court and will not stand against any legal interrogation.”[8]
- Understand Your eDiscovery Solution: Knowing the capabilities and limitations of your data collection software allows you to use it in the most efficient manner possible.[9]
- Implement Access Controls: “Only necessary personnel should have access to the data so there’s less chance of data being compromised or corrupted. In addition to this, you can also Maintain an Audit Trail – that is that any change to the data can have an impact on your litigation, so you need to know who touched what files when they accessed them, and what they did to them.”[10]
Conclusion
Millions of data (be it personal or work-related) are shared constantly through devices like emails, smartphones (social media apps), laptops and computers. It is vital that the devices that contain this vital information are also safeguarded. It is also important that only approved personnel or individuals should have access to them. In addition to this, keeping digitals isolated and not connected to other devices can also avoid data leakage. Trivial human error should be avoided when it concerns handling sensitive information (data). Accidentally copying or deleting data that contains data will also get you prosecuted.
[1] The Basics: What is e-Discovery? - Complete Discovery Source (cdslegal.com) [2] Ibid. [3] Preserving Digital Evidence the Right Way: Your 10-Step Guide (realtimenetworks.com) [4] Best Practices For Seizing Electronic Evidence, V. 4.2., A Pocket Guide for First Responders, retrieved from: Best Practices For Seizing Electronic Evidence - Version 4.2 - 2015 (cwagweb.org) [5] Ibid. [6] Ediscovery Security: How to Protect Corporate Legal Data - Zapproved [7] Ibid. [8] What Are the Best Practices For Protecting Digital Evidence? (vidizmo.com) [9] How to Maintain eDiscovery Data Integrity - CloudNine [10] Ibid.