Addressing The Dark Side Of Big Data: Preservation, Legal Holds And Defensible Disposition After Rambus

Sunday, November 25, 2012 - 12:40

If there is one area of agreement between the chief legal officer and the chief information officer, it is that there is a dark side to big data – the immense amount of information that their organization is saving. From the CIO perspective, there are hard costs for storage, personnel and equipment to maintain, upgrade and make available at the speed of business, petabytes upon petabytes of disorganized information. From the CLO perspective, the dark side of big data is being formed by the consequential costs in the form of e-discovery and outside legal fees to sort through the data.

After a very expensive e-discovery exercise, one legal department requested a report on files that were a year past their retention date and that were categorized as nonresponsive to litigation. They found that more than $5 million was spent reviewing those documents – documents that could have been disposed of well in advance of litigation. Other companies, large and small, are intimidated by the file shares and SharePoint sites that have no accountable steward that grow unmonitored.  Almost all companies have at least one legal hold, and with no one accountable to ask, the file shares and SharePoint sites might be assumed to hold potentially relevant documents.

The practice of defensible disposition addresses the dark side of big data. Using both the document retention policy and the legal hold inventory as inputs, an enterprise can now design a business process to prioritize and, in a systematic and transparent way, dispose of data that otherwise would be held in perpetuity.

Guidance From The Rambus Case

The recent Rambus case (Hynix Semiconductor, Inc. v. Rambus, Inc., No. C-00-20905 RMW (N.D. Cal. Sept. 21, 2012)) provides guidance to avoid spoliation of evidence charges. The disposition should not take place as part of a litigation plan. Records and data should not be destroyed wholesale when litigation is reasonably foreseeable. The officer in charge of destruction should understand and be accountable for the enterprise’s litigation hold and preservation responsibilities. The disposition of records should be content neutral and apply to a wide variety of documents, not only documents that are frequently responsive to a certain type of litigation. The motivation should not be to dispose of potentially harmful documents. A record should be kept of what was destroyed, by whom and when, with an accounting of the retention policy, the actual practice and the monitoring of results.

E-discovery tools and processes provide a strong foundation for defensible disposal. E-discovery tools have robust tracking and reporting functionalities. They have a method to classify or tag documents. Workflow classifications can be quality controlled or approved at a higher level. There is a recording of the original location of a document, a hash to verify its integrity, sophisticated date handling and the ability to export into a records-management system or archive. Access is strictly controlled, and tasks are delegated by security level and roles.

E-discovery systems look deeply into the component parts of a document for sophisticated search and automatic classification. Personally identifiable information can be tagged or masked to avoid liability in data breach situations, according to Johannes Scholtes, chief strategy officer of ZyLAB. All e-discovery systems can handle file shares and standard email and can deduplicate. Some handle a few languages and others handle hundreds. More advanced systems handle third-party email such as Gmail and social media. A few handle audio, schematics, faxes and PDF contracts. Some provide the ability to index and tag documents resident in very unique, proprietary corporate systems.

An enterprise discovery implementation can be extended to provide a solid foundation for defensible disposition. First, it likely houses legal hold information. Second, it likely has been sized for a certain level of use, allowing non-time-sensitive activities such as classification for disposition to be scheduled at off-peak times. Third, its users are trained in the use of search, classification and quality control techniques.

Some corporate legal departments are teaming with records management and IT to purchase e-discovery software specifically for data destruction. Allied projects include compliance, privacy, data breach prevention and risk mitigation. Line-of-business executives can be allies when the corporation is self-insured and charges back its e-discovery and legal review costs.

IT inputs to determine ROI for defensible deletion include quantifying the cost of storage, including disaster recovery, replication, and the need for more capital spending. Legal inputs to determine ROI for defensible deletion include quantifying the per-document rate for review, discovery preparation and hosting. Modeling based on old cases can provide averages of the types of documents and costs per document. These costs can be fed into a model with an average number of custodians per case, an average number of cases per year and the number of documents with last-modified dates past the oldest retention period.

The records manager often manages the process by organizing meetings with the stakeholders, documenting the policy, roles and process and seeking the input and approval of the high-level officers.

It is sometimes assumed that defensible disposal needs to be perfect and that every source of data needs to be covered. Nimble enterprises are prioritizing their efforts, taking note of both data and the willingness and availability of employees or outside help to accomplish the task. Savvy organizations are applying sampling and quality control techniques developed in e-discovery process improvement or Six Sigma activities.

Five Steps To Getting Started With A Defensible Disposal Program
  1. Find one or more champions in legal, IT, compliance, risk management, privacy and/or records management.
  2. Charter a team to determine build consensus for the program and to identify high-priority areas.
  3. Assess internal resources (an existing in-house e-discovery system, enterprise search, or content management systems).
  4. Assess the document retention policy and records filing plan for simplicity.
  5. Organize the ROI information from legal (reduced review, collection), risk (reduced liability) and IT (reduced storage).

While the legal system is eventually moving toward more proportional preservation, defensible retention and disposal allows a corporation to reduce its own legal and economic exposure now.

For more information on legacy data clean-up and defensible disposition, please click here.

About ZyLAB

ZyLAB’s industry-leading, modular e-Discovery and enterprise information management solutions enable organizations to manage boundless amounts of enterprise data in any format and language, to mitigate risk, reduce costs, investigate matters and elicit business productivity and intelligence.

The ZyLAB e-discovery system is directly aligned with the Electronic Discovery Reference Model (EDRM), and the company’s products and services are used on an enterprise level by corporations, government agencies, courts, and law firms, as well as on specific projects for legal services, auditing, and accounting providers. ZyLAB systems are also available in a Software-as-a-Services (SaaS) model.

ZyLAB has received numerous industry accolades and is the only company to be positioned as a “Leader” in Gartner’s 2012 Magic Quadrant for e-Discovery Software and the Magic Quadrant for Information Access Technology, and it is also positioned in the MarketScope for Records Management.

Headquartered in Amsterdam, the Netherlands and McLean, Virginia, ZyLAB also serves local markets from regional offices in New York, Barcelona, Frankfurt, London, Paris and Singapore. To learn more about ZyLAB visit

Please email the author at with questions about this article.