January 06, 2014
After issuing the litigation hold, the next step is to identify potentially responsive ESI. The starting point for this discussion could be the preservation notice issued by the requesting party.
However the preservation notice is not the universe of items that could be covered. Nonetheless, just as a party is not required to preserve every scrap of paper, it is not required to preserve every electronic document. Indeed, it is only required to preserve those relevant to the dispute.
The purpose for the identification is twofold. First, it is to identify the types of computerized systems used by the responding party so that the two parties can devise the best and most efficient manner for searching and producing the potentially relevant ESI contained on those systems. In fact, in the Advisory Committee Notes to Rule 26(f) there is even guidance that the parties may want to have individuals with special knowledge about these systems participate in these discussions.
The second purpose is to determine whether the potentially relevant ESI has been properly preserved. This purpose is expressly mentioned in Rule 26(f)(2) and in the Advisory Committee
Notes to the 2006 amendments.
The identification of ESI is critical. Appendix A provides a questionnaire that can be used to interview client personnel to determine the sources of ESI that could contain information related to the case as well as understanding which data still needs to be preserved.
The first step in preserving electronic data is to identify the various data sources. The data sources are typically many as there are methods for handling them and should actually begin with the identification of people, places and issues that likely will be relevant to the case. Once those people, places and issues are identified it becomes a simpler matter to identify the associated sources for ESI.
Just some of the items that should be considered are those immediately accessible to the individuals involved such as personal computers and related accessories. Next, other data storage locations that should be considered are those located on shared devices and network resources. Finally, the data held in specialty devices and applications like e-mail servers, content and records management systems, and applications databases should be preserved. Each of these data sources and the methods for preserving their data are discussed in the following sections.
Author: Gregory L. Fordham, Fordham Forensics
- Founded Fordham Forensics in 2012
- Experienced computer forensic expert in trade secrets matters and accepted expert in numerous courts
- Live investigator and certified steganography investigator
- B.B.S. degree, Emory University in Atlanta; certified computer examiner, Security+; Microsoft® certified professional
- Can be contacted at 770-777-2090 or [email protected]
About Lorman: Lorman Education Services is a leading provider of continuing education since 1987. From continuing legal education to training the human resource professionals, Lorman seminars and live webinars are an easy choice. Visit www.lorman.com for all of your business training needs.