Collection is often considered the most technically rigorous and complex phase of e-discovery—it involves the acquisition of potentially relevant electronically stored information (ESI) from native sources into an e-discovery platform for investigation or review. Collection is also the stage at which large and unexpected risks, time delays and unnecessary costs can quickly spiral out of control.
This process can raise many questions. Was data under-collected—perhaps because IT applied basic keywords, date ranges and file types and thus missed potentially important information obfuscated by code words? Were custodians and entire data sources missed altogether? Or did your IT team “grab everything” because you were operating under tight deadlines—leading you to spend unnecessary costs on downstream tasks? Did an employee subject to a litigation have their laptop wiped because they didn’t follow a regular backup schedule? Or did an employee seek to hide evidence through willful destruction of files?
In all these scenarios, collection is rife with risk and unforeseen costs. And the pandemic has exposed and exacerbated some of the most salient ones. There’s the rise in data volumes and cloud-based sources of data. There are the increasingly frequent requests for information. There’s the rapid adoption of chat as the preferred way to communicate. And now we have a decentralized and largely remote workforce using both work and personal devices.
Getting collection “just right” minimizes risk and unnecessary costs. But we shouldn’t view collection as a purely reactive function that’s based on responding to information requests.
Today’s approach to collection looks dramatically different than it did before.
Collection is now a process that requires far more than a reactive approach. Yes, you need a defensible process, and you need to collect data from endpoints, cloud sources and more. But collection must also secure and protect data at its source—especially for more vulnerable remote endpoints such as desktops and laptops. It must automate workflows to make collection, well, simply easier. Collection must also provide earlier insights and near-instant availability of the data so review can begin earlier, and it should intuitively display new forms of data (like chat) for rapid review and analysis.
What is today’s approach to collection? Consider these 6 key factors.
Seamless collection solutions can measurably improve processes, mitigate risks, lower downstream review costs and help legal teams gain insight into data faster. At the same time, approaches should recognize the reality that organizations have unique collection requirements, and that some systems simply require more than one tool for collection.
Whether your organization needs just collection alone, or is looking at collection as part of a comprehensive, start-to-finish program for e-discovery and regulatory compliance, here are six key factors to consider.
1. Proactively secure and protect data—while preserving data and collecting from endpoints
Just because data wasn’t backed up, a laptop was misplaced or stolen, or documents were willfully or inadvertently destroyed, it doesn’t mean that data residing on that device isn’t discoverable. Organizations that are caught empty-handed might not find the information they need to remediate signs of employee misconduct, and can risk sanctions if data is spoliated.
Cloud-based backup solutions proactively safeguards sensitive and potentially relevant information on endpoints against data loss. The technology incrementally backs up data on desktops and laptops and, when preservation is required, integrates with cloud-based legal hold tools to enforce preservation. Potentially relevant data preserved in the backup cloud can be collected remotely and automatically uploaded for investigation or review in e-discovery platforms.
2. Collect on demand for e-discovery and requests for information
Collection software, whether on-premises or cloud-based, should accelerate collection efforts at the time of a request through to review and enable earlier insight into data collections. Once collected, data should automatically be uploaded to e-discovery platforms for near-immediate review. This eliminates the need for IT teams to pull from data sources, store in a repository, then upload into a review platform. Simultaneously, reviewers no longer need to worry about delayed access to document collections, especially when under tight deadlines.
On demand tools should be able to collect from endpoints—including desktops and laptops, file shares, ECM, email and cloud sources—culling at the point of collection for more targeted data sets and preserving documents for future use cases. Preview capabilities assist legal teams in determining if agreed-upon search terms are too broad or too restrictive, and help them understand the relevance of any given custodian to the matter at hand before collection takes place.
3. Collect and review chat with end-to-end support
With the rise of chat as a preferred communication platform among employees, the need to ingest, investigate, review, redact and produce chat—including from Microsoft Teams, Slack and Bloomberg—has never been greater. Chat data should reside alongside all other collected data, and can be analyzed using predictive search, concept grouping, smart filters, communication hypergraph visualization and other analytics to home in on relevant chats. Single-message “loose chat” that is not part of larger threads should also be included so reviewers do not miss potentially significant information, and all chat data should be broken into multi-hour blocks to batch chat data for review.
4. Collect remotely and discreetly
Remote collection technology has existed for a decade, allowing IT teams to search for and collect ESI remotely and defensibly. The need for remote, targeted and often discreet collection has increased as more employees work from home. Collection tools should support comprehensive yet targeted remote collection from endpoints on or off the corporate network—which can be done discreetly in the background—along with seamless upload of data requiring review to eDiscovery platforms.
5. Augment with expertise when and where you need it
You need not go it alone if specialized collection expertise is necessary for a particular matter.
Many legal teams are worried about over-taxed internal resources or tools at hand that might not do the job, and rely on certified collection experts to defensibly collect what you need, from whomever has it (if your employees are remote and have no VPN, no problem!) and from any data source. A team of experts can help you manage risk and cost, avoid unforeseen pitfalls and balance collection requirements with data privacy requirements.
6. Execute a defensible process
Regardless of technology or service deployed, remember that having a comprehensive track record and chain of custody, from collection through review processes, to ensure defensibility throughout the process is critical, should future questions arise.
What does the not-too-distant future of collection hold?
The industry and its needs continue to change, and collection solutions need to address the challenges of legal teams: ever-growing data volumes and sources, more regulatory and compliance pressures amid stringent timelines, cybersecurity risks and a remote workforce that might be here to stay.
Collection capabilities will continually improve to expand their reach into new sources of data for evidence collection—from increasingly complex mobile device systems and social media apps to new ephemeral data sources such as wearables. Legal teams will also continue to benefit from more intuitive presentation of data types in our products (such as chat), enhanced workflow automation, collaboration and security at the source.
The future of collection is faster, easier and more intuitive than ever.
Learn more
OpenText brings decades of experience in collecting data from all types of data sources—including hundreds of thousands of endpoints. Learn more about our solutions: OpenText Axcelerate; OpenText Information Assurance; Carbonite Endpoint, an OpenText company; and
Published April 6, 2021.
