eDiscovery Security: Preventing Spoliation
When you think of security and law firms, the first thing that may come to mind is preventing cyberattacks and hacks — but what legal experts are actually concerned with is spoliation. Simply put, spoliation is the accidental or intentional deletion or modification of digital evidence.
Data modification can occur in many ways, from the simple act of reviewing the record or making copies for productions to background activities like a Windows update or uploading files into SharePoint or other cloud sharing platforms — even if you think they are in a “read-only” state. Even if your policy is to keep a “safe copy” of evidence that doesn’t get interacted with, security and analytics programs can touch that data, which then modifies the metadata. Before you know it, you updated the last access date, last modified date, and last modified by information which can be critical in many cases. All that speaks nothing of accidentally modifying a contract or letter because of an autosave feature.
Even though you may be able to see who viewed a document last and on what date, all other actions before the most recent one are now lost. A new creation date is produced whenever you download and save a document from a server or email. All of this is considered spoliation.
The issue of spoliation can rear its ugly head as soon as a party becomes aware of pending litigation. If data is deleted from a given timeline, that action is considered illegal – be it in a criminal or civil case. Would you have to prove some intent? Potentially, but in a criminal case spoliation can bring jail time and in a civil case, it can result in heavy fines. What’s more, judges are becoming increasingly intolerant of self-professed technical illiteracy or incompetence. Model Rule 1.1 Competence puts the responsibility on attorneys to understand enough about technology to advise their clients about where and how to preserve evidence. While there is often no malicious intent in these actions, spoliation can create problems for lawyers when introducing evidence into a case.
But of course, you need to be able to collect, access, and review this evidence — so what do you do? An eDiscovery platform can access the data without changing it.
eDiscovery platforms like Everlaw can solve this issue. Once documents are loaded into these platforms as evidence, they can be opened and interacted with without fear of spoliation. The original records within eDiscovery platforms are preserved, so the production copy remains intact and unchanged even if a copy is downloaded and modified.
The security associated with the right eDiscovery platforms is incomparable. All data is encrypted, so whether an attorney’s laptop was stolen or compromised, or a firm’s servers were hacked, evidence held in the eDiscovery tool is safely behind layers of security. A firm can fill out their client’s Security Audits with confidence knowing the client data is always going to be access controlled, monitored, and protected with multifactor authentication. Because client data is kept separate from attorney work product and the firm’s IT systems, a cyberattack or data breach may be inconvenient and slow things down, but the evidence will remain secure.
Another benefit of using eDiscovery platforms is that firms can standardize review and data handling practices across a wide geographic area. A firm can hire contract employees to help tackle large review sets without worrying about the contractor not adhering to the carefully set out rules that limit spoliation when working with evidence locally. As an added bonus, the problems with working remote or “practicing out of state” are neatly avoided. Another benefit is that firms can review and track how much time their staff is spending on these cases so that there’s no ethical or questionable billing.
A platform like Everlaw solves a whole host of problems you encounter when securing evidence and protecting it from spoliation while also minimizing risk from the human element.