eDisclosure: The Perfect ESI Storm

April 22, 2015

Multiple factors are creating a perfect storm of challenges relating to the management of electronically stored information (ESI). Ever-increasing data volumes, the volume of cross-border litigation and increased regulatory investigation all put pressure on those tasked with managing expanding amounts of ESI which must be searched and reviewed. Savvy companies are recognising the need to engage with an expert partner to administer the eDisclosure process.

Rise of the regulators

The trend for national regulators to initiate large-scale investigations into global organisations has increased.[1] Authorities across the world work individually and cooperatively to interrogate corporate information and expose regulatory breach, resulting in the imposition of fines and sanctions against global organisations.

Each regulatory authority can request categories of evidence to satisfy its particular requirements and may seek information at any time either during or at some time after the initial investigation or enforcement action. The extensive preparation undertaken when responding to an initial regulatory or internal investigation may uncover information which may also be useful for future litigation and investigation.

Growth of data volume

Mobile media (such as the use of smartphones and tablet computers) has become integrated into day-to-day lives, and new forms of metadata, such as tracking and location-based data, are evolving daily. Mobile media has converged with the phenomenon of social media and, in some cases, has replaced other forms of communication. Driven by the ubiquity of the smart phone, the mounting popularity of the tablet computer, and the near-continuous digital dialogue for work and play across a variety of media, important considerations are emerging in this area of eDisclosure. To prepare for and respond to legal requests, new technologies and techniques such as Technology Assisted Review (TAR) are necessary for searching and analysing large volumes and disparate types of ESI.

Rush to the cloud

Potential risks have also been exposed in the efficacy of cloud computing, which had been heralded as an answer to the mounting costs associated with managing rising ESI volumes. European corporate customers of US-based cloud providers must now rethink their cloud strategies as the US courts assert rights to extra territorial encroachment on data held in foreign data centres. The repercussions for European businesses could be significant.[2]

Where data resides and therefore who can access it is moving away from the traditional proprietary model to a mix of proprietary and public sources. Consequently, companies have decreasing control over and access to their own data, increasingly storing it in the cloud under the management of third-party providers. Users of US cloud providers are currently taking note of the U.S. court decision in the Microsoft case. If the court succeeds in arguing that the physical location of the data hosted by Microsoft is irrelevant, European cloud users will need to consider how best to protect their data.[3]

Globalisation of business

With improvements in transportation and communication, international business has grown rapidly since the beginning of the 20th century.[4] International business arrangements have led to the formation of companies with a worldwide approach to markets and production. Most of the largest corporations operate in multiple national markets. In fact nearly a quarter of all world trade occurs within multinational corporations.[5] Consequently, data is frequently shared across borders. Advances in technology have enabled data to be moved rapidly and stored indefinitely in numerous locations. As data is moved, security breaches become a tangible risk, bringing with them the potential to violate national and international data transfer regulations and privacy laws. These risks are becoming more common as more countries implement privacy laws that regulate cross-border data transfers. These laws typically forbid cross-border transfers unless certain conditions are met or impose regulatory obligations upon the transferring companies.[6]

A combination of these factors puts pressure on businesses to establish comprehensive, up-to-date eDisclosure strategies, because as corporate requirements become more complex, so too do the required responses. Predictably there will be winners and losers in this storm. Predominant amongst the winners will be those companies which partner with eDisclosure experts who are agile and able to deploy appropriate technologies and solutions. The losers will be those who fail to innovate and prepare for change.

Deborah Blaxell is International Marketing Manager at Epiq Systems

 



[1] For example, The Serious Fraud Office (SFO) is now focusing on fewer but larger and more complex investigations. See, Who’s Who Legal, http://whoswholegal.com/news/features/article/31746/business-regulation-uk-changing-landscape September 2014

[2]Channel Register, http://www.channelregister.co.uk/2014/09/23/microsoft_vs_the_long_arm_of_us_law/, September 2014

[3] http://www.scl.org/site.aspx?i=ed38846

[4] For example, the growth in volume of world trade grew from 0.90% between 1913 and 1950 to 7.66% between 1950 and 1973, see Our World in Data, http://ourworldindata.org/data/global-interconnections/international-trade/, Max Roser 2014

[5] ‘Globalization’ the encyclopaedia of informal education http://infed.org/mobi/globalization-theory-and-experience/ 2002

[6] Global Legal Post, http://www.globallegalpost.com/commentary/data-across-borders-96787229/, 6th September 2013