Menu

Why the CSO/CISO Should Care About eDiscovery Part -3-

Part -3- The Evolving Landscape of eDiscovery 

There are three forces that are having an increasingly important influence in the ongoing evolution of eDiscovery processes. The first is the overwhelming predominance of corporate information generated and stored electronically. The second force is the December 2006 amendments to the Federal Rules of Civil Procedure (FRCP) which for the first time in American legal history greatly expanded the scope of discoverable information to address the special issues of ESI. The third force is the rapid pace of recent landmark court decisions and opinions indicating emerging requirements to the authentication of electronic information offered as evidence. 

The CISO will be familiar with the first force, but typically in a manner that is orthogonal to eDiscovery. This is no longer the case. Not only is it becoming necessary for the CISO to familiarize himself or herself with the proliferation of computer generated information, but he or she will now have to view this information forever after as potential evidence in litigation. Familiarity with the second and third forces will also be foisted on the CISO, typically with little time provided to either adequately prepare or to fashion a legally adequate response to the deadlines imposed by the rules, thereby exposing the enterprise to potential discovery sanctions. It is therfore important not to take a retrospective view of legal discovery modes in the paper-and-ink realm, as what has sufficed in the past is no longer sufficient. 

The 2006 amendments to the FRCP greatly expanded the scope of information that is discoverable and required to be produced to an adversary in a legal proceeding. ESI may be required to be produced in original, native and searchable format, which may in turn require the production of system and application metadata. One of the more signigicant additions to the FRCP is the requirement that the varies parties to a lawsuit collaborate, and to the extent possible, agree on the specific form and nature of the ESI to be requested and produced. This occurs very early early in litigation, and within a short period of time after a complain has been filed and answered by the opposing party or parties. This is known to attorneys as the "meet and confer" requirement, and it bear repeating that this event takes place well in advance of trial.

Litigation counsel (whether internal or retained will typically then marshall information about potential enterprise ESI that may be considered evidence. Information about information...sounds familiar? This information may include data mapping, storage, access, retention, backup and archival information. What other information might this include? ESI owned by the organization but under the control of an external party may also discoverable and required to be produced. Since corporate information is now created and maintained in many forms and formats (i.e., structured and unstructured, IM, VOIP and even volatile data such as cache (RAM) memory) production of this electronic information, where reasonably accessible, may be required, irrespective of its location or mode of storage. 

Accordingly, it is critical for the CISO to understand that under the new FRCP, virtually any instance of electronic information created in the normal course of business is discoverable.

For most enterprise, the potential for eDiscovery is ever present, and should be handled in the same manner as an IT risk, or threat. IT risks and threats are naturally the province of the CISO. When eDiscovery looms, therefore, both the participation as well as the province of the CISO should be automatically invoked. and the CISO should be prepared to participate in the initial pre-discovery process, and directly in consultation with counsel.

Next: The Courts are Determining the Nature and Scope of eDiscovery Obligations

← View more Blogs

This document was retrieved from http://www.rsaconference.com/blogs/why-the-cso-ciso-should-care-about-ediscovery-part-3 on Mon, 22 Dec 2014 12:00:13 -0500.
© 2014 EMC Corporation. All rights reserved.