- Practice Groups
- About TLS
The Dangers of Self-Collection
By Gary Hunt
When faced with a costly litigation, companies may view self-collection of ESI as an easy way to keep costs in check. On its face, it may seem like a logical choice—who better to locate and collect electronic data than the internal employees and IT teams who work with this data every day? Unfortunately, this well-intentioned attempt to reduce costs can come with significant risks. There are numerous cases where self-collections were challenged in court, resulting in substantial fines for the production party.
With so much at stake, companies should weigh all potential risks when determining how to approach the collection process. If you self-collect with no assistance or support from a third-party vendor, your data may be compromised in the following ways:
It is important to know with confidence what data a custodian has access to. This means knowing key information such as what PCs they use, what shares they have access to on a network, and what external devices they have used, to name a few. By allowing self-collection, you are trusting not only that your client knows each of these repositories exist, but that they are able to properly collect from them in a manner that maintains the data’s integrity.
“The Fox Guarding the Hen House”
Like it or not, some of your client’s employees may not be acting with the best of intentions. Maybe they are trying to hide their own culpability in the matter, or maybe they are trying to prevent other potentially incriminating or embarrassing information—unrelated to the case—from getting out. If one rogue employee deletes or tampers with evidence, the results could be catastrophic for the litigation. The only way to avoid this is to completely cut employees out of the collection process.
Furthermore, your custodians are not qualified to make decisions about which data is relevant to the case. Even if efforts to comprehensively collect data are well-intentioned, the other side can argue that data important to the matter was intentionally skipped or tampered with.
Improperly Collected Data
The most critical factor in a data collection is ensuring that the data is not altered in any way. This is especially problematic when it comes to collecting email. If handled improperly, not only can the date stamps be changed, but attachments can be lost and content altered. Furthermore, if collection tools are used improperly, the original date/time stamps in the messages can be changed to the date/time of the collection. The very act of opening or forwarding ESI documents changes the metadata and makes for an improper collection. These factors make filtering during review more difficult, can negatively impact the environment the data was collected from, and may invalidate the entire collection.
Risk of Re-Collection
When all is said and done, the self-collection may be done incorrectly or questioned by the courts, and you will need to re-collect using a forensic vendor. This is now doubling the collection efforts, making it more expensive for the client and ultimately slowing down the case.
There is no right or wrong answer when it comes to self-collection. There are certain situations when self-collection may be an appropriate choice (for example, small batches of scanned documents and PDFs can be acceptable to self-collect). What should be avoided, however, is choosing a particular collection strategy without properly evaluating the risks and benefits.
Collection is not a black-and-white choice between hiring a third-party vendor and handling the collection in-house. The amount and type of support you receive from a vendor can be customized in a variety of ways depending on your budget, timelines, and the capabilities of your internal resources. The important thing is to consult an experienced third party early in the process, before a single byte of data is touched, so you can develop the most forensically sound process given the specifics of your data landscape. This will reduce overall costs and help avoid delays, while decreasing the potential for quality or defensibility problems downstream in the e-discovery process and insuring your company against potentially catastrophic sanctions.