Storage Tip: The legal burden of inaccessible data –

Send your Storage question to David Hill today! | See other Storage tips from David

What seems to be the problem? When you start to understand the implications of what is necessary to bring your company in line with the changes of the Federal Rules of Civil Procedure (FRCP) as they impact the process of e-discovery for civil litigation in the U.S. court system, you may recognize the large gap between what your company can do now and what it needs to do. For example, your enterprise must:

* Organize and classify all data relevant for the purposes of e-discovery

* Keep track of where your data is at all times, including on backup tapes

* Put in place a comprehensive data retention policy

* Ensure both the survival (no destruction) and integrity (no alteration or mutilation) to prevent spoliation (which is the destruction, alteration, or mutilation of evidence").

And you definitely can't escape even if your company is a smaller one and you probably cannot escape even if your company is non-U.S-based. The reason is that if your company can be sued in the U.S. court system, you must follow its rules. So what are you going to do?

What do you need to know? The reality of the gap between what should be done and what can be done has been recognized by the U.S. court system. Part of Rule 26(b) states that "A party need not provide discovery of electronically stored information from sources that the party identifies as not reasonably accessible because of undue burden or cost." This is not a free pass. The party from whom discovery is sought must prove its inaccessibility.

Don't worry. If you don't have the resources or skills to prove inaccessibility yourself, you can hire a professional services organization to help you. One company calls its offering an accessibility readiness assessment service. The service helps companies to better understand their data -- not only where it is located, but also how it is mapped within data sources. The resulting plan can help you determine what data you can declare as inaccessible because of the burden or cost of producing it.

The process of determining inaccessibility is not an easy one. Take a look at the simple matrix. The cell where you know what data you have and you know where to find it is "Open Book" data. Seems simple. However, take your e-mail system. You know where all the data is, but you may not easily know which e-mails are relevant (see a previous storage tip on types of errors in determining relevancy). So "knowing" what you have may not be that simple. And that's the easy box.

Where is the data?
What data? Know Open book Needle in a haystack
Don't know Treasure hunt Terra incognito

Let's take the "you don't know what you have, but you know where to find it if you have it" Treasure Hunt" cell, i.e. you don't know what you are going to find when you open the storage "box." In many organizations, data is created, but there is no institutional memory of that data (for example, former employees may have created documents, but no one remaining at the company knows anything about them). Data classification and search capabilities are useful for exploring this box. Why would you want to do this? Let's say that the litigation has to do with a discontinued project run by former employees. You may be asked if you have done a strict electronic search on all storage attached to servers attached to your network to find all documents and information on the project.

Now let's move on to the "you know what you have, but you don't know where to find it" Needle in the Haystack cell. You know that you have old application data on an archive tape somewhere, but you don't know which one of the thousands of tapes the specific information that is being sought would be stored on. The problem is that the application data on tape as a whole was protected, but says nothing about whether a single piece of data (i.e., evidence) that is relevant for ediscovery purposes resides or even if it exists at all. And pursuing a large number of tapes can be truly burdensome.

The Terra Incognito cell is where "you don't know what data you have and you wouldn't know where to find it even if you did". For example, that may be information that a user created on a personal computer at home (outside the purview and control of an IT organization), moved the information to a memory stick, and erased the PC files. You have no knowledge that the data was created or where to find it and it could turn up in the wrong hands.

So there are valid instances where you can prove the inaccessibility of data. However, you should not feel that you can use that excuse as an escape clause to get out of doing the necessary work. Rule 26(b) goes on to state "If that showing [burden] is made, the court may nonetheless order discovery from such sources if the requesting party shows good cause

This story, "Storage Tip: The legal burden of inaccessible data" was originally published by ITworld.

Copyright © 2007 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon