True North.

Back to Blog

5 Things Legal Should eDiscover about IT

Today’s IT department has morphed from service provider to corporate data hub. With the keys to the data kingdom in IT’s hands, their role in the eDiscovery process is crucial. For many companies, especially those involved in complex or serial litigation, the relationship between IT and legal is probably mature. But for others there’s still a divide, and it’s often because legal has no “big picture” context for an IT conversation, let alone an effective eDiscovery strategy.

The technical aspects of IT can seem so overwhelmingly complex that it may be difficult for legal to know to know what to ask to formulate that big picture view. So here are some tickler questions legal can ask IT (along with the beginnings of the big picture answer) to help set the stage. This would make good fodder for a lunchtime conversation (hint, hint).

Q1. There are systems and data everywhere. How do you keep track of it all?

Most IT departments maintain a “data map” showing the locations of company systems and storage devices. For large corporations, these maps have been known to induce legal and executive agita as the extent of the company’s systems and data complexity is made manifest. (We’ve seen it happen.)

From legal’s perspective, the benefit of knowing about the data map—aside from its C-suite shock value—is to understand (and help others understand) that:  a) IT is a complex organism with its own vocabulary; b) systems management requires a technical expertise whose intricacies you probably can’t fathom; and c) the benefits of having a knowledgeable ally—or better yet, team—at the ready for any eDiscovery effort cannot be underestimated. In case you haven’t guessed, the latter is the main point here.

Q2. How is the company currently deciding what to keep and what to dispose of? 

Alas, one of the major enterprise questions of our time. As we have come to learn, companies seem to be disposing of less and less as they accumulate more and more. Often, legal has a hand in this as they strive to safeguard potentially relevant information. Knowing how IT manages this at your company can be enlightening—it can inform eDiscovery scope as well as the dangers of a delayed legal hold (especially in regard to email and enterprise data sources).

Data disposition efforts should be policy driven, and legal should know what policies are in effect and whether they’re routinely followed. Policies that are routinely ignored presents a bigger problem than no policies at all.

Although companies should try to dispose of what they don’t need—it’s more cost-effective and less risky—this is a burdensome effort due to the sheer volume and velocity of data creation these days and most companies have other priorities. Email disposition policies (e.g., auto-delete after 30 days) can surely help, but IT would probably know about employee habits such as routinely creating their own PST’s to circumvent disposal, which could be important in litigation. In any case, the answer IT provides is a clue to potential eDiscovery pitfalls, and it’s best to know that in advance.

Q3. What is the actual IT behavior when it comes to company backups and archives?

Although backups are generally seen as being “not readily accessible” and therefore not eDiscovery targets, you never know. As counsel, you should at least have a sense of what kind of backups and archives the company maintains, especially when it comes to email. Legacy backups are a notorious eDiscovery thorn. Perhaps IT can give you some idea how many shelves at Iron Mountain are holding tapes or drives from older systems. (Heads up: you’ll be surprised at the answer.) Thoughtful companies are chipping away at such older inventories; if legal can move an effort of this kind forward, it will probably pay off.

Q4. What do you do with the assets of departed employees?

There’s nothing worse than finding that the laptops of a group of departed employees crucial to a litigation have been trashed or that material on litigation hold has now gone (suspiciously?) missing. Companies should have in place an employee exit strategy that includes (when possible) face-to-face interviews using a pre-formulated template in which the employees provide information regarding the systems, mobile devices, and social media they used in the course of their employment. If they had data on a litigation hold, their assets should be retained or potentially responsive data extracted before destruction or reallocation of the asset.

Q5. What do think is the best way for us to work together to be prepared for an eDiscovery challenge? 

The truth is, the better the relationship between IT and legal in general, the less risk there is for the company. Much of what legal needs to address today has an IT component. Cyber threats, data privacy, complex IT contractual obligations and eDiscovery are all better served by an ongoing dialogue between departments. Get to know each other. Prepare a contact list with responsibilities for eDiscovery events. Both parties—and the company—will benefit by establishing working relationship before a crisis descends.

Visit our website:


Thank you for subscribing to the H5 blog, True North.

We strive to provide quality content on a variety of topics related to search, eDiscovery and the legal realm.

Please check your email inbox for your subscription confirmation!