1 © copyright 2009 emc corporation. all rights reserved. electronic discovery & compliance:...
TRANSCRIPT
1© Copyright 2009 EMC Corporation. All rights reserved.
Electronic Discovery & Compliance:Meeting the Challenges -“Avoiding a Trial by Fire….”
Timothy WellsInformation Governance SpecialistEMC [email protected]
2© Copyright 2009 EMC Corporation. All rights reserved.
Who Are We and How Did We Get Here? – A Brief Background of e-Data, Compliance, the FRCP and eDiscovery
What's Next and Why Should I Care? – 2010 Drivers and Landscape– Costs and Risks of e-Information
What's An Enterprise To Do? – Information Management (Email, Archives, Records, etc.)– eDiscovery Process and Infrastructure
How Can We Justify Our Spend? – The Road To ROI
What's Our Next Step? – Conclusions and Next Steps
How About Some Free Advice? – Q&A
Agenda
3© Copyright 2009 EMC Corporation. All rights reserved.
EMC eDiscovery & Compliance Team
An Expert, Diverse Team of 90+ Professionals
– Industry-leader Kazeon & SourceOne Family– Focused on eDiscovery
Industry best, dedicated sales team Dedicated Legal / SME Team Product management and support
Leading-Edge Activities– The Sedona Conference– Electronic Discovery Reference Model (EDRM)– ARMA– Webcasts, Podcasts, Articles, Speaking
engagements
MA
COCA
TX
CT
NY
GA
4© Copyright 2009 EMC Corporation. All rights reserved.
0
200
400
600
800
1,000
1,200
1,400
1,600
1,800
2,000
2,200
2,400
2,600
2009 2010 2011 2012
Exabytes
5-fold Growth in 4 Years!
DVDRFID
Digital TVMP3 players
Digital camerasCamera phones, VoIP
Medical imaging, Laptops,Data center applications, Games
Satellite images, GPS, ATMs, ScannersSensors, Digital radio, DLP theaters, Telematics
Peer-to-peer, Email, Instant messaging, Videoconferencing,CAD/CAM, Toys, Industrial machines, Security systems, Appliances
Source: IDC Digital Universe White Paper, Sponsored by EMC, May 2009
Digital Information Created, Captured, Replicated Worldwide
487 exabytes487 exabytes
1,713 exabytes
2501 exabytes
5© Copyright 2009 EMC Corporation. All rights reserved.
Perfect Storm Drives the Need for Efficiency
Information explosion– 70% of information is created by individuals but enterprises are
responsible for the security, privacy, reliability, and compliance of 85% – Your “digital shadow” is larger than the digital information you actively
create about yourself
More lawsuits and regulation– Widespread belief that deregulation was a failure– Food and drug safety– Climate change, and environmental concerns and sustainability efforts– Financial meltdown– Workplace/unions
No New Budget– Do more with less
Enterprise Information Management – How do you get started?
6© Copyright 2009 EMC Corporation. All rights reserved.
Years After FRCP Amendments…
State of Readiness: Unprepared
57% of law firms: Clients are not ready to find and produce information relevant to litigation
39% of In-house: Company is not prepared for e-discovery
Errors Generate Sanctions and Headlines
Scenario 1:
Lawyers for a company produced a small batch of relevant e-mails about
10 hours before trial. U.S. District Court Judge Marilyn Hall Patel
declares “Heads will have to roll.” According to reports, the punished
company had reviewed terabytes of information for this case.
Scenario 2:
Company hit with an $8.5 million penalty for mistakes with its own discovery of e-mail relevant to a patent lawsuit. As federal courts emphasize the responsibility of
parties to conduct thorough discovery searches, more such
mishaps are likely.
“Companies Not Ready For E-Discovery”, http://www.informationweek.com/blog/main/archives/2008/09/ companies_not_r.html, posted 9/23/08 (Andrew Conry-Murray, Information Week). Survey from Oce Business Services.
7© Copyright 2009 EMC Corporation. All rights reserved.
Pension Committee CaseGuidance from the Bench
Some insight from Judge Scheindlin:
Courts cannot expect perfection. They do expect that litigants and counsel take necessary steps to ensure that relevant records are preserved when litigation is reasonably anticipated. One requirement noted by the judge is written hold notifications be issued to and acknowledged by all potential custodians.
Failure to preserve evidence, electronic or paper, resulting in the loss or destruction of relevant information is "surely negligent" and depending on the circumstances, may be "grossly negligent" or "willful."
Preservation of backup tapes can be required if they are the sole source of relevant information related to the matter.
Pension Committee provides guidance related to litigation holds, preservation and search methods, and appropriate behavior by organizations charged with delivering relevant data as part of a civil litigation matter.
8© Copyright 2009 EMC Corporation. All rights reserved.
What is eDiscovery?
8
State and federal regulators, IRS, OSHA, SEC, NASD, FINRA, HIPAA, Data Privacy & Protection
InvestigationInternal and external audits of books and records, Defense Contractor Audit, Govt Contract Audits,etc.
Audit
Current and reasonably anticipated state and federal litigation
LitigationPublic
DisclosureFederal, State and Local - Freedom of Information Act, Open/Public Records Acts
Electronic discovery (eDiscovery) is the process in which electronically stored information (“ESI”) is searched,
collected, preserved, analyzed, and reviewed for legal and regulatory proceedings.
9© Copyright 2009 EMC Corporation. All rights reserved.
Who Are You and How Did We Get Here? – A Brief History
What's Next and Why Should I Care? – 2010 Drivers and Landscape– Costs and Risks of e-Information
What's An Enterprise To Do? – Recommendations and Initiatives– eDiscovery Process and Infrastructure
How Do We Justify That? – The Road To ROI
What's Our Next Step? – Conclusions and Next Steps
How About Some Free Advice? – Q&A
Agenda
10© Copyright 2009 EMC Corporation. All rights reserved.
2009 OutlookHint: It hasn’t changed much for 2010….
Regulatory investigations– Fallout from the financial crisis = enhanced regulation
Employee Litigation – Layoffs generate lawsuits and investigations
Shareholder derivative actions– Reporting, drop in stock, financial crisis
Aggressive IP Practices– Seeking additional revenue sources
CFO Oversight– Weaker economy results in pressure on expenses - including legal
Sources: Forrester: “Trends 2009: eDiscovery”, Brian Hill, 1/15/2009“As companies increase layoffs, lawsuits are likely to follow”, Carol Williams, Los Angeles Times, 12/28/08
Forrester: “As one outcome of the current macro-economic environment… expect more litigation and regulation in 2009.”
11© Copyright 2009 EMC Corporation. All rights reserved.
10xIncreased Costs
To Outsource
$1.5MAverage CostPer Incident
The Costs of eDiscovery
$34MAverage Annual
Legal Costs
89%Of CompaniesFace Litigation
$18M+Cost to Review
1 TB of Info
12© Copyright 2009 EMC Corporation. All rights reserved.
E-mail Is Most Requested Content in Legal Proceedings and Regulatory Investigations…But Not the Only Electronic Information requested
To the best of your knowledge, which of the following record types has your organization been asked to produce in a legal proceeding or regulatory inquiry?
Source: ESG Research Report: 2007 E-mail Archiving Survey, November 2007; based on 107 respondents
E-mail and attachments
General office productivity
Database records
Invoices and other customer records
Financial statements
Phone call recordings and other
Digital images
Instant messages
Video files
Other
E-mail residing on:
File servers
Desktops
E-mail servers
Laptops
80%
60%
49%
41%
25%
21%
16%
5%
36%
29%
80%70%60%50%40%30%20%10% 90%0%
13© Copyright 2009 EMC Corporation. All rights reserved.
Web 2.0 On the Horizon
Blogs: 48% for industry, 33% in government
Wikis: 44% industry; 38% in government.
Facebook: 44% industry; 28% government
YouTube: 26% of government responders; 25% of industry
Virtual World / Second Life (typically used for recruitment or web conferences): 13% of industry responders and 10% of government responders.
IDC, Survey Shows Glimmers of Hope for Government Web 2.0, Adelaide O'Brien, August 26, 2009
14© Copyright 2009 EMC Corporation. All rights reserved.
Who Are You and How Did We Get Here? – A Brief History
What's Next and Why Should I Care? – 2009 Drivers and Landscape– Costs and Risks of e-Information
What's An Enterprise To Do? – Recommendations and Initiatives– eDiscovery Process and Infrastructure
How Do We Justify That? – The Road To ROI
What's Our Next Step? – Conclusions and Next Steps
How About Some Free Advice? – Q&A
Agenda
15© Copyright 2009 EMC Corporation. All rights reserved.
Establish Boundaries Around Information Management…Use the appropriate process for cost & risk management
Enterprise Content Subject to Compliance Control
Unstructured Content
Structured Content
Unmanaged Unstructured Content
Network File Shares
Desktops & Laptops
Manage In-place Fixed Content
LegacySystems
Physical Records
Structured Content
Page-Oriented Data
Database Content
Line-oriented Data
Managed Unstructured Content
Custom
?
Custom
?
Custom
?Collaboration
Content Management
Custom
Common Services
Classify/ArchiveeDiscovery
Policy EnforcementDisposition
Email Archive
Email Systems
16© Copyright 2009 EMC Corporation. All rights reserved.
Electronic Discovery Reference Model (EDRM)
eDiscovery ProcessBring eDiscovery in-house
InformationManagement
Retain or delete based
on value
Collection
Preservation
Review Production Presentation
Processing
Analysis
IdentificationInformation
Management
“IT organizations that have an electronic
information inventory, active policy management and archiving
solutions, and a repeatable process in place for e-discovery will spend up to 50% less on e-discovery … than those that do
not.” ~ Gartner
17© Copyright 2009 EMC Corporation. All rights reserved.
Segment Data by Business Value
Business records
(e.g., automated message capture
of strategic departments/users)
Business important e-mails/docs
(e.g., automated message capture of strategic departments/users or
as part of a Discovery Manager search)
Large-volume e-mails / docs(e.g., routine business e-mail archived as part of
good information governance and regulatory compliance)
Compliance Archive
Compliance orNative Archive
Native Archive
Referential Modest retention Required for discovery
Official business record Long-term retention
Non-record Compliance-driven Enforced deletion
18© Copyright 2009 EMC Corporation. All rights reserved.
Potential ESI
Enterprise Email Server(s)
Local Email stores (pst, etc.)
Relational databases– CRM– Accounting / Financial Data
Fileshares
Content Management
Instant Messaging
Video and voice captures
Backup / DR tapes
Wikis & Blogs
Legacy data
User desktops
CDs, DVDs
PDAs / Wireless phones
Flash drives
Home offices
Legacy / stray tapes
Decommissioned servers
Computer graveyard
Stray drives
Archives
19© Copyright 2009 EMC Corporation. All rights reserved.
Common Questions for IT Infrastructure
What content do I have on my storage? Microsoft SharePoint, file shares, laptops? Is it appropriate? Is it where it should be?
What kind of resources is unmanaged content consuming?
What does it cost me? Is it on the right tier? Should I archive it?
What business records are out there that I don’t know about?
What kind of risk are we carrying? What if there is confidential or private content or content
subject to regulation out there?
How can I clean up my storage? Can I safely delete content that doesn’t have business value? What information do I need to archive and retain?
20© Copyright 2009 EMC Corporation. All rights reserved.
Contracts, Invoices, PII, etcMove to RM System
Mkt. PowerPoint, Meeting Notices, etc.Short RetentionReferential Record
AttributesActionClassification
Lunch, Gym, emails, MP3s, etcDeleteNon Record
Infrastructure
File Remediation / Classification
Record
21© Copyright 2009 EMC Corporation. All rights reserved.
MicrosoftSharePoint
Documentum
Intelligent Information Governance with EMC
Enables educated decision-making and policy creation
EMC Celerra,Data Domain,
Centera
The cloud
Copy/move to archive storage
Identify content to migrate to
Copy/move to cloud storage
EMC SourceOne File Intelligence
Copy/move to enable records
File systems
E-mail servers
Laptops and desktops
Documentum
Microsoft SharePoint
Third-party archives
22© Copyright 2009 EMC Corporation. All rights reserved.
SourceOne File Intelligence: How It Works
Crawl data sources
Build index– Metadata basic– Metadata with
document type– Metadata with
hash– Deep crawl full
text– Deep crawl with
classification
Catalog Analyze Act
Classify files based on metadata, keyword content, and pattern matching
Age, owner, location, file type, etc.
Business value, security risk, intellectual property, PII, PCI
Analyze data with search and report tools– Semantic search with Boolean, proximity, stemming,
phrase support– More than 30 pre-built reports out of the box– Custom reports as needed
Robust action set
– Move, copy, delete, retain, export, tag
Policy-based actions
– One-time– Scheduled– Recurring
Classify Search Report
23© Copyright 2009 EMC Corporation. All rights reserved.
Rich Data Classification
Classify files by attributes– High business value
Files created or modified in the last 30 days Files owned by company executives
– Medium business value Files not accessed in the last 90 days and not modified in the last 180 days .PST files
– Low business value Files not accessed in the last 180 days MP3/MP4, JPEG, MOV files
Classify selected files based on file content and metadata– Files with “Confidential” content
e.g., source code files, patents, product manuals, contracts, etc.
– Files containing non-public information e.g., Social Security numbers, credit card numbers etc.
Classify files based on IT or business input– Administrator tags– Line-of-business tags– User tags
24© Copyright 2009 EMC Corporation. All rights reserved.
File Visibility and Remediation
Reduce risk, lower costs, and improve efficiency
Gain insight into unmanaged file content through granular file-level visibility and reporting
Identify opportunities to optimize storage environments where static data is consuming valuable IT resources
Locate and safely delete content to reduce risk, reduce data volume, and improve operational performance
Reduce risk by migrating content to a secure archive or repository for ongoing policy management
Migrate content to virtualized, deduplicated, and cloud platforms to improve performance and reduce costs
25© Copyright 2009 EMC Corporation. All rights reserved.
Litigation Hold / Collection Spectrum
Tape
Last resort
Pull daily / weekly monthly tapes
Deceptively easy and simple (it’s not!)
Cons: (Not enough room)
Forensics
Focused Use As Needed
Take images of all targeted devices
Very complete Expensive Significant over-
collection Scalability Good tool to have –
not in all cases
Custodian–Driven Holds & Collection
Moderate risk / lowESI Complexity
Custodians do hold/collection of own items
Cheap, simple Shifts burden of work Risk of “Faux
eDiscovery” Can be difficult to do
correctly(e.g. Cache La Poudre)
Loss of metadata
Enterprise / Automation
Best practice
System-based collection of main repositories
Fast, efficient Great ECA Justify initial
investment
26© Copyright 2009 EMC Corporation. All rights reserved.
EMC eDiscovery - Data Flow
Knowledge workers create electronically stored information (ESI) on data sources as usual; this solution requires no changes to data creation processes and no agents to be deployed on data sources
The solution indexes (harvests) the ESI on the data sources to gather intelligence about the stored data
Investigative users search the indexes to determine what ESI is relevant
Relevant ESI is secured and placed on legal hold on immutable storage
Investigator culls through held data and generates production sets for use in legal review by outside counsel or hosted review vendor
Step 2
Fileshares
Exchange Server
Desktops
Microsoft SharePoint
EMC Documentum
Step 1 Step 3 Step 5Step 4
27© Copyright 2009 EMC Corporation. All rights reserved.
EMC SourceOne eDiscovery Kazeon
•Legal Hold reporting dashboard•Legal Hold workflow management•Segregate data and cases by role•Built-in and custom reports
Case Management
•Agent-based & agent-less collection•Full and incremental collections•Laptop / Desktop Collection•Single-step targeted collection•Multiple target repositories
Preservationand Collection
•Distributed and collaborative review•Email analytics and threading•Concept search and analysis•Interactive tagging and review•Highly scalable for multiple case support
Analysis and Review
28© Copyright 2009 EMC Corporation. All rights reserved.
Enterprise Information Governance Solution
Desktops, Remote Offices, and Laptops
TargetLegal Hold
Legal Hold /Legal Store or
Preservation Store – Celerra, Centera, Data Domain &
others
PreservationServer
CollectLegal Store
In-place Legal Hold
FileShares
Avamar BackupsSnapshots
DocumentRepositoriesSharePoint
Documentum
MS Exchange 2003 / 2007 / 2010Lotus Notes / Domino Messaging Servers
SourceOneArchive
S1 Supervisor Regulatory Compliance
Review Sampled Messages
S1 eDiscovery – KazeonIncludes Connectors for:
File SharesHome Drives (laptops & desktops)Exchange & Notes / PSTs & NSFs
DocumentumSharePoint
S1 Email Archive
Other Content RepositoriesCurrently two step collection and unified matter management for:
FileNet, Content Manager, GroupWise and other sources
Email & IMMS SharePointFile Archiving
29© Copyright 2009 EMC Corporation. All rights reserved.
Who Are You and How Did We Get Here? – A Brief History
What's Next and Why Should I Care? – 2009 Drivers and Landscape– Costs and Risks of e-Information
What's An Enterprise To Do? – Recommendations and Initiatives– eDiscovery Process and Infrastructure
How Do We Justify Purchases in 2010? – The Road To ROI
What's Our Next Step? – Conclusions and Next Steps
How About Some Free Advice? – Q&A
Agenda
30© Copyright 2009 EMC Corporation. All rights reserved.
Challenges
IT• FTEs spending time on restores of historic
data based on vague requests by Legal• No ability to delete because of a lack of
insight into data, and unrealistic policies from Legal
Legal• Massive over-collection (“screw drivers and
wheel barrels”), leads to huge legal review and processing costs by outsourcers (1 gig = 50,000 files for review)
• Risk of sanctions for deleting the wrong thing leads to over-preservation (“save everything”)
*“Global purchases of IT goods and services … will equal $1.66 trillion in 2009, declining by 3%
after an 8% rise in 2008.” Global IT Market Outlook: 2009, Forrester Research, 1/12/2009
In 2010 IT Budgets are flat or declining *, but eDiscovery is not discretionary and the money is already being spent
31© Copyright 2009 EMC Corporation. All rights reserved.
eDiscovery and RIM ROI
“Organizations unprepared for e-discovery in 2009 will be at a disadvantage … open to potential sanctions from an increasingly technically literate U.S. judiciary. As defendants, organizations need to respond quickly and effectively ... As plaintiffs, organizations must have their ESI house in order and be prepared for reciprocal discovery requests…”Gartner, “Reduce the Cost and Risk of E-Discovery in 2009”, D.Logan & J. Bace, 1/9/09
“Between 10% and 90% of what [clients] have does not need to be retained for any reason.”
Budget roughly $500,000 on IT
support for cases involving 10 or
more custodians and/or more than
three different systems
One terabyte of data can
result in $18.75M in
legal review costs
Unprepared companies will spend 1/3 more on e-discovery than those with content archiv-ing solutions.
RO
I Fa
ctors
32© Copyright 2009 EMC Corporation. All rights reserved.
The Cost of eDiscovery
Produce
Notice
Collection
Hold
Inspect/Review
* Source: Enterprise Strategy Group, 2007
Cost of holding massive volumes Unanticipated legal risk Spoliation risk
Percentage of discovery costs when proceedingsor investigations involve the discovery of ESI:*
28%
20%
35%
17%
Costs associated with document collection from inaccessible locations
Cost directly related to number of documents to review
Cost of delivering ESI to various recipients on various media (e.g., CD, DVD, or paper)
33© Copyright 2009 EMC Corporation. All rights reserved.
Straightforward ROI
[1] “MarketScope for E-Discovery Software Product Vendors”, Gartner, Inc., 12/17/08.
“T]he payback period for an e-discovery investment is very short, on the order of three to six months after implementation takes place.” [1]
34© Copyright 2009 EMC Corporation. All rights reserved.
Who Are You and How Did We Get Here? – A Brief History
What's Next and Why Should I Care? – 2009 Drivers and Landscape– Costs and Risks of e-Information
What's An Enterprise To Do? – Recommendations and Initiatives– eDiscovery Process and Infrastructure
How Do We Justify That? – The Road To ROI
What's Our Next Step? – Conclusions and Next Steps
How About Some Free Advice? – Q&A
Agenda
35© Copyright 2009 EMC Corporation. All rights reserved.
Get Cross-Functional– IT Meet Legal; Legal Meet IT
Assemble Your Case– Collect data, anecdotes, research
Top-Down– Focus initial work on high impact areas
Let EMC Help– We know your information– Our team can facilitate next steps
Knowledge Is Power– EMC eDiscovery and Compliance (www.emc.com/ediscovery)– Bringing eDiscovery In-House (For Dummies): (www.emc.com/ediscovery4dummies)– The Sedona Conference (www.SedonaConference.net)– EDRM (www.edrm.net)
Next Steps
36© Copyright 2009 EMC Corporation. All rights reserved.
Who Are You and How Did We Get Here? – A Brief History
What's Next and Why Should I Care? – 2009 Drivers and Landscape– Costs and Risks of e-Information
What's An Enterprise To Do? – Recommendations and Initiatives– eDiscovery Process and Infrastructure
How Do We Justify That? – The Road To ROI
What's Our Next Step? – Conclusions and Next Steps
How About Some Free Advice? – Q&A
Agenda
37© Copyright 2009 EMC Corporation. All rights reserved.