The Case for In-House eDiscovery

Litigation Growth Moves Organizations to Develop Skills Internally

By Upasana Gupta, December 23, 2011.
The Case for In-House eDiscovery

In mid-2011, Canada's Scotia Bank set up an internal eDiscovery team of three full-time professionals to tackle litigation issues for the institution in 50 countries.

See Also: The Evolution of Advanced Malware

The goal: to preserve, collect, review, manage and produce any electronic evidence relevant to a court case. For Greg Thompson, vice president of enterprise security services at Scotia Bank, Canada's third-largest institution, eDiscovery has become a top concern because of the rising litigation caseload. Failure to comply with an eDiscovery request could result in fines or other penalties.

The main reasons for establishing an internal eDiscovery team, versus outsourcing it: huge cost savings, increased control of data and a better understanding of the litigation process.

"Satisfying a court order is heavy lifting," Thompson says. "The cost and risks of outsourcing this service with regards to the number of litigations we are dealing with has skyrocketed. If you send your data to an external party for investigations, you can expect to pay somewhere around $2,000 per day compared to internal expertise, where we spend around $800 per day."

Scotia Bank's choice is increasingly common among private and public sector organizations worldwide. The expansion of litigations, electronically stored information and the risk of sending data to third parties are pushing these organizations to develop their own eDiscovery capabilities.

"eDiscovery is becoming a big deal," says David Matthews, deputy chief information security officer for the City of Seattle in the U.S., and author of a forthcoming book called "Electronically Stored Information: The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval." "Every bit of infrastructure and activity generates electronic data, so organizations and individuals are expected to understand by law where their electronic evidence is and how it's accessed and produced in court."

In Australia, a growing number of forensics and IT security practitioners are moving in-house into eDiscovery roles with larger firms, says Jill Slay, professor of forensic computing at the University of South Australia. "It is more cost-effective today for companies to purchase eDiscovery software and do it in-house rather than outsource it as they used to in the past, and as a result save hundreds of thousands in litigation costs."

Dr. George Weir, a forensics professor at the University of Strathclyde, Glasgow, Scotland, finds large financial institutions and big consultancies in the U.K. tasking their IT security and forensics team with eDiscovery requirements. "The push to the cloud has raised a lot of concerns and confusion in this area," he says. "Organizations now want to have direct access and jurisdiction of their data and are creating their own specialized expertise to address these issues."

The eDiscovery Team

But developing an internal eDiscovery capability is challenging. Organizations need to establish a cross-functional team of legal, IT security and forensics professionals who know where the data is, understand how to handle investigations, maintain data integrity and analyze information that is important - and be familiar with the eDiscovery workflow.

"Information security practitioners are uniquely qualified to assist in eDiscovery because of their perspective and subject matter expertise in managing and protecting data," Matthews says. "They are the ones that come with the background of confidentiality, integrity and availability- that's really how you get to the eDiscovery process."

In most cases, the data for an eDiscovery matter needs to be collected in a forensically sound manner, so forensics practitioners are typically involved with the collection, processing and retrieval of data and handling of evidence.

Legal personnel understand the eDiscovery workflow and law requirements, so they collaborate with IT security and forensics to accomplish the work from a broader perspective.

"Jobs in eDiscovery are growing as a lot of people are beginning to think it's important, well understood and relevant in their broader job responsibilities," Matthews says. "eDiscovery is becoming an interesting career choice for professionals grounded in IT security, forensics and law enforcement."

Moving forward, more information security and forensics professionals will get absorbed in eDiscovery as organizations address their policies on data mapping, collection, record management, storage and retention.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE How to Properly Vet Your Cloud Provider

Too often enterprises fail to adequately vet their cloud service providers, which can create...

Latest Tweets and Mentions

ARTICLE How to Properly Vet Your Cloud Provider

Too often enterprises fail to adequately vet their cloud service providers, which can create...

The ISMG Network