[EDRM Editor’s Note: The opinions and positions are those of Aaron Patton.]
Why IT pushback on data collection isn’t just problematic, it’s a legal risk you can’t afford to ignore.
Welcome to the first post in a five-part series based on my educational email course, The eDiscovery Data Collection Survival Guide.
Over the next five posts, we’ll walk through five of the most common mistakes I’ve seen in the eDiscovery trenches, as well as how to avoid them. Let’s kick things off with Mistake #1: Assuming your client’s IT team will be ready, willing, and able to help with data collection. [Spoiler: they often aren’t, and it’s not their fault.
The Mistake: Expecting IT to Welcome You with Open Arms
In 2014, my colleague Sean and I traveled to a small investment fund in Washington, DC for a data collection. We coordinated travel, schedules, and building access. We’d researched the client’s systems, lined up collection tools, and confirmed the custodian was ready.
But no one told IT we were coming.
We walked in, looking professional and prepared—Sean with his Pelican case of gear, me with my briefcase—only to be stopped cold by the IT director:
“Who the hell are you guys?!”
Risks of Not Involving IT in Data Collection
Assuming you can just show up and start collecting is a classic mistake, and it sets off a chain reaction:
- Unnecessary Conflict
If you’re responsible for an organization’s digital security, strangers asking for access without warning is a non-starter. Tensions flare, urgent calls begin, and no one’s happy.
If you’re responsible for an organization’s digital security, strangers asking for access without warning is a non-starter. Tensions flare, urgent calls begin, and no one’s happy.
Aaron Patton.
- Delays and Extra Costs
When trust breaks down, so does the schedule. That means rescheduling everyone (legal, forensic, IT) and racking up more hours and travel. - Missed Deadlines
If the collection is late, everything else is late: processing, review, and production. Courts aren’t sympathetic. Opposing counsel won’t miss the chance to exploit delays.
Bottom line: IT pushback isn’t a minor inconvenience; it’s a case risk.
Why IT Pushes Back
To be clear, your client’s IT team isn’t the enemy. They’re professionals with a demanding job: keeping the business’s systems online, secure, and running smoothly. When they’re left out of data collection plans, it’s a problem for them and for you.
Here’s why they often hesitate:
- Case Velocity
Fast-moving cases (think EDVA’s Rocket Docket) put pressure on legal teams to move quickly. That often means IT doesn’t get looped in early enough. - Poor Coordination and Ownership Gaps
There’s rarely a clear process for involving IT. Each group assumes someone else is handling it. With no clear owner for IT communication, steps get skipped.
How to Get IT on Board
The solution is simple: early communication and clear expectations.
Whenever a collection is coming, I set up a pre-collection call with:
- The client’s IT,
- Someone from the client’s legal team,
- Outside counsel,
- The forensic examiner, and
- Me (as the eDiscovery consultant)
This call puts everyone on the same page. IT’s biggest worry? That this will be another poorly scoped, high-pressure task dumped in their lap.
Broad asks like “Any and All Documents” make IT nervous. Narrow the focus and determine what’s “out of scope,” then get to specific questions:
Aaron Patton.
Here’s how we keep things on track:
- Use a Checklist
A good checklist shows preparedness and prevents misunderstandings. I use one I developed over years—it covers data sources, access needs, and roles.
(If you want a copy, click here: Pre-Collection Call Checklist.) - Limit the Scope
Broad asks like “Any and All Documents” make IT nervous. Narrow the focus and determine what’s “out of scope,” then get to specific questions:
- Who are the custodians with access to these data?
- What other tools/platforms can custodians access that are in scope per the ESI protocol?
When the ask is clear and contained, IT relaxes.
- Set Expectations About Their Role
IT should help identify and provide access to systems, but they shouldn’t be tasked with forensic duties. Most IT professionals aren’t trained to preserve chain of custody or testify about collection methods. Let the experts handle that part.
Wrapping Up
We covered a lot in this first post: why IT might not roll out the red carpet, how that can derail a case, and what to do about it.
In the next post, we’ll look at Mistake #2: Speeding Through Custodian Interviews—and the mess that can create.
Assisted by GAI and LLM Technologies per EDRM GAI and LLM Policy.
