Collection is often considered the most technically rigorous and complex phase of eDiscovery—it involves the acquisition of potentially relevant electronically stored information (ESI) from native sources into an eDiscovery platform for investigation or review. Collection is also the stage at which large and unexpected risks, time delays and unnecessary costs can quickly spiral out of control.
Collection must also provide earlier insights and near-instant availability of the data so review can begin earlier, and it should intuitively display new forms of data (like chat) for rapid review and analysis.
Team Opentext™
This process can raise many questions. Was data under-collected—perhaps because IT applied basic keywords, date ranges and file types and thus missed potentially important information obfuscated by code words? Were custodians and entire data sources missed altogether? Or did your IT team “grab everything” because you were operating under tight deadlines—leading you to spend unnecessary costs on downstream tasks? Did an employee subject to a litigation have their laptop wiped because they didn’t follow a regular backup schedule? Or did an employee seek to hide evidence through willful destruction of files?
In all these scenarios, collection is rife with risk and unforeseen costs. And the pandemic has exposed and exacerbated some of the most salient ones. There’s the rise in data volumes and cloud-based sources of data. There are the increasingly frequent requests for information. There’s the rapid adoption of chat as the preferred way to communicate. And now we have a decentralized and largely remote workforce using both work and personal devices.
Getting collection “just right” minimizes risk and unnecessary costs. But we shouldn’t view collection as a purely reactive function that’s based on responding to information requests. Today’s approach to collection looks dramatically different than it did before.
Collection is now a process that requires far more than a reactive approach. Yes, you need a defensible process, and you need to collect data from endpoints, cloud sources and more. But collection must also secure and protect data at its source—especially for more vulnerable remote endpoints such as desktops and laptops. It must automate workflows to make collection, well, simply easier. Collection must also provide earlier insights and near-instant availability of the data so review can begin earlier, and it should intuitively display new forms of data (like chat) for rapid review and analysis.
