Dell WP CIO Strategies Retention & Deletion of...

W HI T EPA P ER

CIO STRATEGIES FOR THE RETENTION AND DELETION OF EMAIL

2008

This White Paper discusses the changes in Federal laws that are requiring more and more companies to search for an off-premises solution for their email archive needs.1 DuBois, Bryant, and Campbell, LLP is an Austin based business law fi rm that offers its clients premier legal services at highly competitive hourly rates. In addition to advising clients on issues of corporate formation and governance, DuBois Bryant services its clients’ IP and litigation needs with a highly skilled and select group of lawyers. This White Paper is sponsored by Dell which offers two different Software-as-a-Service (SaaS) solutions for archiving email: Dell EMS Enterprise Archive and Dell EMS Rapid Archive. Both are described at the end of this White Paper.

1The legal issues discussed in this White Paper are for informational purposes only and should not be relied upon as legal advice. Each company’s situation is unique, and any company that has questions about its legal responsibilities should consult with its own attorney(s). DuBois, Bryant, and Campbell, LLP is available to consult on an individual basis with companies who wish to follow up, but this White Paper is not legal advice.

J. David Rowe and Howard Nirken, Du Bois, Bryant and Campbell, L.L.P.

2CIO Strategies for the Retention and Deletion of Email

Introduction

With new regulations and the recent changes to the Federal Rules of Civil Procedure (FRCP), legal departments are turning to IT leadership to manage the retention, deletion, and search and recovery of email in addition to other forms of Electronically Stored Information (ESI). Chief Information Officers (CIOs) must track billions of email messages, database records and desktop files, know where they are, ensure they are secure, delete them on schedule, and be able to produce them as may be required in litigation.

How does an organization ensure a successful retention strategy that accomplishes all of these (sometimes competing) goals? This White Paper provides CIOs with useful information about litigation issues surrounding ESI, as well as information on how to define and implement a retention and deletion strategy. Also included is an overview of Dell’s on-demand Dell EMS email archiving services, two Software-as-a-Service (SaaS) archiving solutions capable of painlessly solving email retention, deletion, search and e-Discovery challenges.

Retention Requirements forEmail & Electronically Stored InformationOver the past 20 years, there has been a major change in the way organizations not only communicate, but also manage electronic information. Email and other forms of electronically stored information (ESI) have replaced paper as the predominant way to capture and store information for most organizations around the world.

Today, businesses rapidly generate and store digital information; only 0.01% of new information created is on paper.2 The projected growth in email traffic is estimated to be 68% from 2008 and 2012,3 and 75% of most companies’ intellectual property is contained in messages and attachments transmitted via email.4

The Burden on CIOsThis increase in ESI and reliance on email creates a tremendous burden for CIOs and senior IT executives, who are the ultimate protectors of email and ESI. Why? Because changes in the law mean that:

• CIOs must know where and how all of their company’s ESI is stored. This can be problematic, because a large company’s ESI can include billions of pieces of information stored in thousands of places around the world.

• CIOs must also ensure that retention and deletion policies are applied and automated to properly retain and delete business records.

• CIOs must prevent the unlawful destruction of ESI that could be evidence when litigation is pending.

• Lastly, CIOs must provide for search, discovery, and production of information to meet everyday business needs, and the needs of litigation teams and regulatory compliance departments. This may include helping opposing counsel to track changes to any document, and giving access to document metadata.

Litigation & Regulatory ComplianceIn the United States, litigation and regulatory compliance are driving requirements for the protection of ESI. The new Federal Rules of Civil Procedure (FRCP) have set high standards for the discovery of ESI. As a starting point, as soon as litigation is even threatened, an organization must protect its ESI from willful and/ or accidental destruction. And soon after litigation is filed, an organization will need to inventory its ESI and be able to produce it quickly.

But are litigation and regulatory compliance merely theoretical concerns? Actually, no.

How Common Are Lawsuits?According to Fulbright’s 2007 Litigation Trends Survey, 60% of the average company with more than $1 billion in annual revenue is currently facing at least one law suit with more than $20 million at stake. Even one in three of the average mid-sized companies, with $100-$999 million in revenue, are currently facing at least one lawsuit of that magnitude. Nearly 40% of the largest companies spend over $5 million annually on litigation. As data volumes continue to double every few years, the proportion of legal costs allocated to discovery continues to rise at an alarming rate.5

2University of California, Berkeley, 2003, “How Much Information?” http://www2.sims.berkeley.edu/research/projects/how-much-info-2003/ 3Michael D. Osterman, Osterman Research, 20084ESG; “Unlocking the True Power of Enterprise Message Management,” September 2005.5Fulbright & Jaworski, 2007 Litigation Trends Survey


CIOs need to understand that they are at the sharp end of litigation: if an organization manages its ESI poorly, a lawsuit can be lost on procedural grounds, regardless of the merits. Figure 1 lists some recent cases where an organization’s fate depended not on the merits of the underlying case, but on the way in which it managed and produced its ESI.

Figure 1: Example Cases and Penalties for FRCP Non-Compliance

ComplianceThere are myriad city, state, and federal rules that require the retention of email and other ESI. Compliance

regulations vary greatly from industry to industry, among departments, and even among businesses within a

given industry. Perhaps the two best known are Sarbanes-Oxley (SOX) and the Health Insurance Portability and

Accountability Act (HIPAA).

Litigation: The Driving Force behind Records RetentionOver the last decade or so, trial lawyers have learned the benefits of seeking out hidden nuggets in email that

tend to be more candid than formal letters and memos. The trial bar has responded by asking federal and state

courts to adopt uniform rules and procedures for dealing with the discovery of ESI. Those new policies are

going into effect all over the country, and include a revised set of procedures adopted by the federal courts by

way of an amendment to the Federal Rules of Civil Procedure. While the new rules have taken different forms,

they all tend to have at least one thing in common: they require companies to have a complete and accurate

handle on their ESI. No matter how complex the business, courts consistently place the onus—and the cost—of

inventorying and producing ESI on that organization. This is sometimes true even when a company is not a party

to a lawsuit, but receives a subpoena for records anyway.

As a result, CIOs must take the FRCP (and similar state law rules) very seriously in order to protect themselves

from costly litigation, substantial penalties, sanctions, and onerous and expensive efforts to produce electronic

evidence. Indeed, as Figure 1 illustrates, the fate of the company can literally lie in the CIOs hands.

So what do the revised Federal Rules of Civil Procedure say, exactly?

Amendments to the Federal Rules of Civil ProcedureOn December 1, 2006, the amendments to the FRCP took effect and drastically changed how ESI is treated in

the courts. The FRCP is a set of rules proposed and approved by the U.S. Supreme Court, Congress, and the

Judicial Conference, which govern procedures in federal courts. The new amendments clarify procedures for the

discovery of electronic information.

Failure to produce tens of thousands of relevant electronic documents associated with one of its corporate witnesses, warranted monetary sanctions ($8.5 million). Qualcomm, Inc. v. Broadcom Corporation, 306 F.3d 99, 110 (S.D. Cal. January 7, 2008).

Willful destruction of potentially relevant evidence led to sanctions, an adverse inference instruction, and $29 million in damages. Zubulake v. UBS Warburg LLC, 231 F.R.D. 159 (SDNY 2005).

An initial conviction hinged on whether document destruction was part of an established policy or obstruction of justice. United States v. Arthur Andersen LLP, 374 F.3d 281, 293 (5th Cir. 2004).6

An ineffective method of communicating a preservation order (i.e., bulk email) requiring preservation of certain sales data led to widespread destruction of evidence and sanctions, including a $1 million fine, attorneys’ fees award, and an adverse inference instruction. In re Prudential Insurance, 169 F.R.D. 598 (D.N.J. 1997)

6Following the demise of Arthur Anderson, the ruling was later overturned by the Supreme Court of the United States on the grounds that Andersen did not violate 18 U.S.C. § 1512(b)(2)(A) and (B), which made it a crime to “knowingly … corruptly persuad[e] another person … with intent to … cause” that person to “withhold” documents from, or “alter” documents for use in an “official proceeding.”


The amendments to the FRCP created new requirements for organizations, including the following:

• Know what ESI exists

• Know where that ESI is stored

• Be able to produce that ESI rapidly in the case of litigation

If organizations do not adhere to these rules, the sanctions are severe. A case can be lost on procedural issues

alone, regardless of the merits. Figure 2 below shows four key provisions of the FRCP that organizations must be

able to meet. Many organizations today—both big and small—do not have the capabilities or technology to satisfy

these requirements.

Figure 2: Four Key Provisions to the FRCP

Do Not rely on the “Safe Harbor” ProvisionSometimes, courts will not require the inventorying and production of information stored on backup tapes, or

information stored in legacy systems that are no longer active for business purposes. But this “Safe Harbor”

provision only applies when electronic evidence is lost as result of the routine, good-faith operation of an

electronic information system.7

In other words, if an organization does not have a retention policy, and information is deleted from backup tapes or

legacy systems, it is possible that a court will order the organization to provide ESI regardless of the burden or cost.

Also, an organization must stop destroying ESI, even as part of a routine process, if that organization has reason

to believe it may be involved in litigation (see “Litigation Holds” section, below).

26(f)(1-4) Meet & Confer The parties must confer before the scheduling conference regarding any issues relating to disclosure or discovery of

electronically stored information - ESI.

26(b)(2)(B) Reasonably AccessibleA party need not provide ESI from sources that are not

reasonably accessible because of undue burden or cost. Court may specify cost-shifting or conditions of such discovery.

34(b)(2)(E) Format The request should specify the form(s) in which ESI is to

be produced – or a party must produce it in the format in which it is ordinarily maintained.

37(f) Safe Harbor Court may not sanction a party for failing to produce ESI

which was lost due to routine, good-faith operation of its document management system.

An organization must know at the beginning of a case what relevant ESI exists, where it is, and how hard it is to access.

An organization must quickly produce all relevant electronic information from accessible systems.

Opposing litigants want to track changes to documents and view metadata, and the producing party has to provide the

means to do it.

As long as litigation is not pending or threatened, an organization can implement a document retention policy and

not be penalized for having purged information routinely in accordance with that policy.

Legal Rule Plain English

7 Fed. R. Civ. P. 37 (f).


Four Steps to a Successful Retention Strategy for Email & ESIHow does an organization create a successful retention strategy? To do so, it must:

1. Understand where ESI is stored2. Create written retention policies and a legal hold mechanism3. Implement those retention policies 4. Implement search and discovery capabilities that can efficiently retrieve ESI

Step 1: Understand Where Electronic Information is StoredThe first step in implementing a successful retention strategy is to understand what data constitutes ESI, and know where it is stored. Figure 3 below shows just a sample of what is included in ESI:

Figure 3: Four Key Provisions to the FRCP

As this chart shows, ESI is typically stored in numerous locations within the organization as well as off site. It includes every desktop in the organization, every flash drive used by an employee, every notebook carried out of the office, and even smart phones. To make matters even more complex, multiple copies of email for disaster recovery, archiving, and compliance reside in discrete systems. And because these various copies tend not to be identical, an organization may find itself having to search each one for potentially responsive information.

Locating ESI involves assessing backup processes and procedures (probably with the help of IT and disaster recovery (DR) teams). It also requires the CIO to understand how the business units use their computers to create and store ESI on a daily basis.

To refine the process, a CIO should consult with legal counsel, preferably someone with actual experience in searching for ESI in the context of an actual lawsuit. Practical experience in this area—like so many others—is worth years of theoretical training. Smart CIOs will be well counseled to create a comprehensive data map before they are hit with an actual subpoena. But if a CIO finds herself having to respond to a subpoena before she has been able to create a data map, she absolutely must consult with the lawyer representing the company.

Electronic format of any data

Email (corporate and personal)

All email attachments

Business contracts

Metadata

All data inside your contact management system

Flash video

Tape backups

Smart phones & PDAs

Digital signatures and time stamps on records

System-generated reports

Scanned images

Digital photograph

.WAV files

Data in your sales system

Documents stored on your personal hard drive

Flash drives

Faxes

Signed contracts

Spreadsheets, Microsoft Word® documents

Microsoft PowerPoint® and .PDF files

Web browser cache

Instant Message conversations

CD-ROMS

Digitally stored voice mail

Examples of Electronically Stored Information


In addition, an organization should review its current practices – do end users tend to create .pst files that are stored locally on their desktop? Does the organization experience frequent outages that encourage users to rely on personal email accounts such as Gmail or Hotmail for business related tasks? Do the outside sales force use text messages to communicate with customers? Do users tend to save documents as attachments to email instead of saving them elsewhere?

Start with EmailIn crafting retention policies, organizations should start where the lawyers start: with email. Email is the most important type of ESI and one of the most difficult applications to manage. Email has become the key focus for litigation for several reasons. Email is the corporate system of record. Email is used by customers, employees, and partners and includes key documents such as contracts, P.O.s and proposals sent as attachments.

More importantly, for litigation, email uniquely captures context and intent. Winning a court case is often about showing what people are thinking at a particular time. Employees are often off-guard when they send email, and email usually includes a narrative that shows both thought process and intent.

As the legal landscape evolves over the next few years, organizations will need to closely track evolving best practices in e-Discovery and find ways to defend themselves against unreasonable discovery requests.

Step 2: Defining a Retention StrategyHow does an organization determine a retention strategy? Often there will be internal conflict, with some wanting to destroy messages as quickly as possible, and others wanting to retain them for as long as possible.

Users, for example, typically want to keep messages for as long as possible for business purposes or for convenience. Compliance departments may want to keep messages as long as possible to ensure compliance with regulations. The CIO and the IT staff, on the other hand, often want to delete messages as quickly as possible. Deleting messages reduces the cost and complexity of managing and keeping email up and running.

Legal departments can have differing views. Some legal teams prefer deleting messages as soon as possible to eliminate “smoking guns,” while other legal teams want to keep messages as long as possible because they believe the defense value of the context provided by email is more important than the damage of the potential “smoking guns” in email data. Often it is assumed, and correctly, that the damaging email is already in the hands of opposing counsel; after all, when an organization deletes email, it does not impact the recipient’s retention of that email.

Approaches to Retention / Deletion PoliciesWhat policies should be adopted? Unfortunately, there is no single answer to this question. Discussions with many CIOs have revealed three typical approaches for determining retention policies. These include:

Universal Retention Policy: An organization saves all messages sent and received by all employees, regardless of user or content, forever. This policy may be the easiest to implement, but it is the most expensive to maintain.

Retention Based on User Role: This approach provides a specific user in a particular department or role with a unique retention policy. A simple example of this would be keeping messages for anyone in the finance department for seven years, whereas users’ messages in other departments are only kept for one year.

Retention Based on Message Content: Basing retention on specific content or key words is probably the most difficult type of retention policy to implement for it carries risks of deleting messages that need to be kept.


Sample Acceptable Policies:Here are some acceptable and questionable policy examples seen in practice:

Delete everything after 30-days. While this policy may be in violation of some industry compliance regulations, it would be unlikely to violate the FRCP, simply because it is clearly stated and applies to all records in a reasonable, consistent manner.

Keep email for finance, HR, and procurement users for seven years; all other mail for one year. This policy is also an acceptable policy as it defines a clear standard applied consistently to all messages.

Keep all messages forever. This policy would be in full compliance with just about any regulation in existence today, including the FRCP. However, even without litigation it is a costly and complex policy to manage. And should the organization be involved in litigation, it would become unwieldy in the extreme, and ESI management and retrieval costs would be massive.

Here are some acceptable and questionable policy examples seen in practice:

Sample Questionable Policies:Users determine how long to keep documents. This is not a retention policy. If an organization abdicates responsibility for message retention and deletion to users, a company risks spoliation problems and will be unlikely to find a berth in the FRCP’s safe harbor provision.

Save all messages with certain keywords for five years and delete everything else. Many people, especially those in the records management field, advocate a content-specific approach to retention of electronic information. However, this policy can be very risky. First, it is nearly impossible to identify all of the key words for information that an organization might want to retain. Conversely, if the key word list is too comprehensive, then few items will get

deleted, effectively becoming a keep everything approach.

Tell employees what to save and delete, but do not enforce the policy. There is little difference between not having a policy at all and putting a policy in place but not enforcing it. In fact, the existence of an ignored policy is fodder for opposing counsel in litigation and will subject an organization to spoliation problems and a refusal by the court to apply the FRCP’s safe harbor provision.

In short, whichever policy is adopted, it must be applied consistently and involve the entire organization. As a minimum a retention and deletion policy should be:

• Developed through a consensus of key stakeholders

• Written down

• Applicable to specific individuals, groups, and teams

• Clearly explained to employees through repeated, ongoing training

• Part of new hire training

• Audited to ensure that policies are being followed

• Responded to immediately when anomalies are found

• Automated, and provide mechanisms for litigation holds


Additional Retention Policy ConsiderationsAs problematic as email can be, it may still have some management advantages over other forms of electronic communication. Some organizations may want to consider prohibiting IM or text messages in an effort to funnel more communications through the email server. At least this way, all of the communications are (sort of) in one place.

Another common issue that organizations encounter in litigation is the frequency with which attachments are stored with email, oftentimes with multiple versions of the same or identical document. A potential strategy to reduce the number of documents is to prohibit original attachments in replies. Or a company might prohibit (or severely) attachments altogether and require emails to include hyperlinks instead.

Yet another common issue that creates heartburn when trying to locate ESI is when users store *.pst files in folders on their desktops. These files are beyond the reach of most centrally operated software applications, and require a computer-to-computer search. In a 10-user office, it’s a headache. In a 10,000 user organization, it’s a nightmare. One potential solution to consider is the adoption of a document management system that allows users to drag and drop emails into folders that look like a typical Microsoft Outlook folder, but which actually store the emails on a server instead of a desktop.

Litigation HoldsWhile the FRCP rules do allow flexibility in defining policies to meet the needs of individual businesses, there is one policy that cannot be ignored – the legal or litigation hold. A litigation hold is a communication within an organization that orders all information relating to a dispute that is the subject of current or “reasonably anticipated” litigation be preserved for possible production. When an organization is anticipating or involved in litigation, legal holds are mandatory.

Litigation holds may occur before an initial court filing. If an organization has a business dispute that may lead to litigation, the litigation threat alone is enough to require a litigation-hold mechanism. The organization must “turn off” their standard deletion policies to ensure the retention of potential evidence related to the dispute or risk a spoliation finding and sanction.

Why is an effective litigation hold policy crucial?

“Omnia Presumuntur Contra Spoliatorem” – in a courtroom, all things are presumed against those who destroy evidence, even if that evidence is destroyed accidentally. This is known as “spoliation.”

Spoliation can destroy a court case and, in extreme examples, a business. The elements of spoliation vary from court to court but generally include:

1. Pending or probable litigation involving the plaintiff,

2. Knowledge on the part of defendant that litigation exists or is probable,

3. Willful destruction of evidence by defendant designed to disrupt the plaintiff’s case,

4. Disruption of the plaintiff’s case, and

5. Damages caused by the defendant’s acts.8

Penalties for destroying evidence also vary, but can include:

• Monetary sanctions

• Legal fees

• Adverse inference instructions, that tell the jurors to presume damaging information was indeed included

in the evidence destroyed, and to consider that information during deliberation

• “Death penalty” sanctions, where a party’s entire pleadings are stricken9

• Criminal charges for obstruction of justice

8Smith v. Howard Johnson Co., 615 N.E.2d 1037, 1038 (Ohio 1993).9See, e.g., Kamatani v. BenQ Corp., 2005 WL 2455825 (E.D. Tex. Oct. 4, 2005) (Refraining from entering “death penalty” sanction though f inding it to be warranted, court struck certain aff irmative defenses as sanction for defendant’s “blatant and extensive” discovery violations which included a deliberate failure to search its own records for relevant documents; court fur ther awarded plaintiff its attorneys’ fees and imposed a monetary sanction of $500,000 to be paid to the court within 30 days of the order.


Step 3: Implementing Retention & Deletion PoliciesImplementing retention and deletion policies involves more than just writing policies down and giving them to employees. As noted previously, a policy that exists on paper but not in practice is worse than useless. Experience shows that successful implementation requires a combination of effective processes and technology.The initial task involves working with DR and the IT team to synchronize the organization’s backup policies with the retention policy. If an organization uses tape for backup and DR, it must ensure that the retention period for backup tape is shorter than all other retention periods. This step ensures that, in case of litigation, older backup tapes are not subject to a litigation hold.

Once DR and storage management methods are integrated, the organization should implement policies and processes to ensure that email content is not being moved to home computers, stored in .pst files, or being kept on users’ computers past the deletion date. This requires centralized email and ESI management and is necessary to prevent further distribution of ESI beyond the control of the retention / deletion system. An organization should implement regular employee training on retention requirements, and there should be a process in place to monitor for violations, as well as a standardized enforcement process.

Archiving TechnologyWhile the FRCP rules do allow flexibility in defining policies to meet the needs of individual businesses, there is one policy that cannot be ignored – the legal or litigation hold. A litigation hold is a communication within an organization that orders all information relating to a dispute that is the subject of current or “reasonably anticipated” litigation be preserved for possible production. When an organization is anticipating or involved in litigation, legal holds are mandatory.

Effective control of retention and deletion policy management requires an archiving system. The archiving solution should have the flexibility to apply discrete retention periods to different users, groups, departments, etc. Rules concerning retention periods are evolving and the archiving solution should be able to change retention periods as needed. An organization’s core email system, whether it’s Microsoft Exchange®, Novell GroupWise®, or Lotus Notes®, will not provide this level of archiving technology. A third-party product or service must be installed to granularly manage retention and deletion policies as well as manage e-Discovery.

In addition to routine retention and deletion policy management, organizations should choose archiving technology that enables an organization to quickly implement litigation holds. Litigation holds may be ongoing for an extended period of time for specific users, groups or departments, and tape backups do not provide a compliant mechanism for litigation holds. If your organization uses backup tapes and nightly backs up email messages, and a user deletes an email before that nightly backup, this message is deleted forever and clearly violates the spirit of the litigation hold. Today, archiving technology is a requirement for organizations subject to litigation risks.

An organization also needs archiving technology to have the ability to import distributed content. The archiving solution should enable them to intelligently import messages stored in Exchange, local .PST files, and legacy systems. By centralizing distributed email into a single archive, an organization will have complete control over email retention policies, compliance, e-Discovery, and litigation holds.

Lastly, archiving technology should have strong disaster recovery (DR) capabilities for the primary environment to ensure email outages do not invalidate retention policies. Research shows that companies face a 72% probability of an email outage in any given 12 month period.10 When corporate email goes down, users start using their personal email accounts to continue to send and receive corporate email. This creates a universe of messages that the organization is still responsible for managing and potentially discovering during litigation, though is not controlled or even visible to IT. These risks make it crucial that an organization have a DR and continuity process in place to ensure messages are never lost and that archiving continues no matter what happens to the local infrastructure, hardware, software, or staff.

10Dell EMS Activation Data, 2008.


Step 4: Search, Discovery, & Recovery of Electronic Information

ESI in Litigation: What is DiscoverableOnce an organization locates and accounts for its ESI, it must determine what ESI is discoverable in litigation. Generally information that is “reasonably accessible” is discoverable. This includes any information – no matter how old or in what format – that can be produced in a timely fashion.

The new FRCP require the rapid discovery of electronic information. The rules require organizations to be able to walk into their first meeting with a litigation opponent and be able to address up-front what their plan for electronically stored evidence is going to be.

Electronic Discovery, Step-By-StepBelow, Figure 4 shows the components of ESI production, from pre-litigation management to presentation of evidence to a judge or jury. Note that as the process unfolds, the amount of ESI decreases and the relevance of the ESI identified increases.

Figure 4: Electronic Discovery Reference Model

As Figure 4 shows, during the regular course of business an organization needs to be proactively managing its information, so that should it become involved in litigation, it can work towards minimizing time spent identifying and producing irrelevant ESI.

But what is the timeline for the production of ESI in a lawsuit? There is no definitive answer to this question, simply because in any lawsuit deadlines will depend on agreements made by parties and deadlines imposed by courts. Generally speaking, however, the timeline below shows the progression of a federal court lawsuit.

10


Figure 5: Litigation Timeline

Search and e-Discovery Requirements you can have as little as 14 days to produce email evidence

A CIO takes his first action even before a lawsuit is filed. As soon as an organization anticipates that litigation is imminent, he or she must activate the designated procedure for a litigation hold. This is true even if the time between anticipated litigation and the actual lawsuit turns out to be days, months, or even years away.

Once the lawsuit is filed, the defendant has twenty days to respond. After that, the lawyers will schedule the initial “Rule 26(f)” conference, which can be anywhere from two weeks to three months after the answer is filed. This is relevant to you as a CIO, because just fourteen days after that 26(f) conference, both sides must submit a discovery plan to the court. This plan will almost certainly include dates for the production of ESI. It is therefore crucial for the CIO to, before the conference, communicate with the organization’s lawyers so the CIO and the lawyers understand what and how much ESI is at issue, and how long it might take to gather it.

Similarly, just 14 days after the initial conference, parties to the lawsuit are required to make certain mandatory disclosures, including relevant ESI. To be sure, a company can later supplement its initial production of ESI if it later locates additional responsive information. But the smaller the original production, the greater the risk of incurring the wrath of the court, and consequent legal or monetary penalties.

Production of ESI will likely continue throughout the case, with a party having just 30 days to produce ESI after each new request. Being able to understand, manage, and access the organization’s ESI is therefore crucial at every step of a lawsuit.

The e-Discovery ChallengeSearching for messages is particularly challenging for most organizations. Storing, indexing and searching billions of messages is a mammoth technological problem.

To illustrate this point, let’s compare a typical large organization to Google. Google currently indexes about seven billion web pages from around the world. In order to support this volume it is important to note that Google has 10,000 employees, 450,000 servers, and a billion dollar technology budget.11

Must Place Litigation Hold

Must know what relevant data

exsists, propose ESI Discovery Plan

May include ESI disclosure

Must produce responsive data, including ESI in

agreed format

Litigation Timeline

Anticipation of Litigation

Lawsuit Filed

Defendant Answers

Initial 26fConference

Response to Mandatory Intial

Disclosure

Response to Written Discovery

? 20 Days 14 Days14 - 90 Days 30 Days

11Google, 2007. 11


Compare this with the challenges of a typical large corporation for e-Discovery of email. A large organization with 30,000 employees averages 95 email messages per day, per employee, which totals over 2.8 million messages per day. In a year, this becomes over 1 billion messages, and if this organization has a 7-year retention policy that equates to over 7 billion messages that this organization will be required to store manage, and search. This is a Herculean challenge. There are not very many organizations that can apply Google–like resources to the problem.

Storing and indexing the volume of email that is required for e-Discovery search is one of the primary reasons on-premise archiving solutions can be very complex and difficult to manage. Finding relevant email in a timely manner is even more difficult.

Legal discovery tends to be an iterative process with legal staff defining search criteria, and IT staff producing search results, which in turn drives the legal staff to redefine a new search, etc. This process can be streamlined considerably by allowing legal staff to execute bounded searches. Some archiving solutions now enable the delegation of search authority allowing only specified areas of the archive to be searched for specific keywords. In order to meet discovery timelines, and to gain a competitive advantage in litigation by knowing the extent of problems early in the process, the search functionality must be efficient and fast. Global search of millions of messages needs to occur in minutes, not hours (or days). Search capabilities should include searching over full text and complete metadata, all possible attachment types, and searches by user, mailbox, and keywords.

Care should be taken in evaluating archiving technologies; flexible retention policies, legal holds, and rapid search are just a few critical criteria. Additionally, deployment and maintenance complexity should also be carefully considered. An on-premise archive for a large organization can take months if not years to deploy. Once deployed, if not done perfectly, maintenance, performance and scalability problems will also ensue.

Contact DuBois, Bryant & Campbell, LLP Call 512.457.8000 or visit www.dbcllp.com to request additional information about document retention and e-discovery issues.

12


Dell™ EMS Enterprise Archive™

Email archiving service designed for e-Discovery, compliance, storage management and disaster recovery

Today, email is one of the most important business applications and one of the most difficult to manage. With changes in the Federal Rules of Civil Procedure, onerous litigation requirements, new regulations requiring compliance, and rapid data store growth, CIOs are inundated with email-related problems.

Dell EMS Enterprise Archive successfully addresses these email archiving challenges with a near maintenance-free, on-demand service. Dell EMS is a SaaS solution that securely stores email off site based on specific email retention policies. Once email is stored, Dell EMS helps companies manage email retention and deletion based on corporate policies, helps save messages to aid in the compliance with regulatory requirements, facilitates rapid discovery and production of email for legal purposes, and stubs email to reduce data stores by as much as 80%. In addition, Dell EMS provides integrated continuity and disaster recovery capabilities that can effectively eliminate Microsoft Exchange® server downtime and data loss.

Unlike on-premise alternatives, Dell EMS Enterprise Archive can be quickly and cost-effectively deployed for any subset of users. In as little as a day, Dell EMS can help companies eliminate their most pressing email related problems, including providing immediate e-Discovery and legal hold capabilities for pending litigation.

Dell EMS Enterprise Archive has the following benefits:

• Flexible retention policy engine – Complete administrator control over mail retention policies by user, group or message makes it easy to implement complex retention policies and to secure targeted messages with legal holds. Dell EMS can provide a complete audit trail of all activities, including permission and policy changes.

• Near sub-second e-Discovery search – Search and retrieval of email and 400 types of attachments based on any criteria or search terms. Bounded global search capability can be delegated to legal staff or managers.

• Integrated storage management – Reduce Exchange data stores by as much as 80% by replacing duplicate attachments with stubs. Set granular stubbing policies based on size, age, and type for users, mailboxes, servers or groups.

• Intuitive Outlook® integration – Users can search the archive, retrieve stored attachments, and restore lost messages directly from Outlook or any web browser.

• Store Once, Use Everywhere – Help reduce the cost and complexity of managing multiple data stores by storing each email only once and using this archive for storage management, legal discovery, continuity, recovery and compliance.

• Enterprise-class security – Dell EMS has many layers of security including integration with authentication services,AES encryption of messages, SSL encryption for transport, and is hosted within top-tier disaster recovery datacenters.

• Low TCO – Dell EMS can be fully deployed in hours, requires no dedicated staff, and can be easily administered from a single web console. Dell EMS is designed for high availability: it’s not dependent on your facilities, hardware, software, storage, infrastructure or staff.

Dell EMS Enterprise Archive

13


Dell EMS Rapid Archive™

Email archiving service providing rapid e-Discovery search and flexible retention policy management

Recent revisions to the Federal Rules of Civil Procedure and many state court rules establish new requirements for the rapid discovery and production of email messages. For many organizations, the cost of implementing archiving solutions capable of meeting these requirements have kept these solutions just out of reach. Dell EMS Rapid Archive is designed to provide the critical archiving functionality to aid in rapidly meeting FRCP legal discovery requirements in a low cost, near maintenance-free, SaaS service.

Dell EMS Rapid Archive securely stores email offsite based on specifi c email retention policies. Dell EMS helps companies manage email retention and deletion based on corporate policies, helps save messages in compliance with regulatory requirements, and facilitates rapid discovery and production of email for legal purposes – all for a fraction of the cost of most other archiving systems.

Unlike on-premise alternatives, Dell EMS can be quickly and cost-effectively deployed for any subset of users. In as little as a day, Dell EMS can provide immediate e-Discovery and legal hold capabilities for pending litigation.

Dell EMS Rapid Archive has the following benefits:

• Sub-second e-Discovery search – Search and retrieval of email and 400 types of attachments based on any criteria or search terms. Bounded global search capability can be delegated to legal staff or managers.

• Flexible retention policy engine – Complete administrator control over mail retention policies by user, group, or message makes it easy to implement complex retention policies and to secure targeted messages with legal holds. Dell EMS provides a complete audit trail of all activities, including permission and policy changes.

• Store Once, Use Everywhere – Help eliminate the cost and complexity of managing multiple data stores by storing each email only once and using this archive for legal discovery, continuity, recovery and compliance.

• Enterprise-class security – Dell EMS has many layers of security including integration with authentication services, AES encryption of messages, SSL encryption for transport, and is hosted within top-tier disaster recovery datacenters.

• Low TCO – Dell EMS can be fully deployed in as little as a day, requires no dedicated staff, and can be easily administered from a single web console. Dell EMS is designed for high availability: it’s not dependent on your facilities, hardware, software, storage, infrastructure or staff.

Dell EMS Rapid Archive

14

Contact Dell Visit www.dell.com/modularservices to request additional information or to schedule a meeting.

Dell WP CIO Strategies Retention & Deletion of...

Documents

Transcript of Dell WP CIO Strategies Retention & Deletion of...