Forensics Journal - Stevenson University 2012 | Page 46
STEVENSON UNIVERSITY
Analysis of Electronic Information and
Record Retention Programs
Jessica Lyons
In 2005, Morgan Stanley faced a $1.6 million judgment when the
company failed to completely turn over all electronic files pertinent
to a suit brought by Coleman Holdings, Inc. (Smaroff, 2011). The
company stated all information maintained had been provided to the
prosecution during discovery; however this was not the case as several
thousand files overlooked by management were found in various
offsite locations (Smaroff, 2011). What went wrong? What could
have prevented this costly oversight? Should electronic filing systems,
soft copies, and electronic correspondence be subject to the same
rules and regulations as paper documents, hard copies, and interoffice memorandums? What is management’s responsibility versus
the employee’s responsibility for safeguarding, purging, cataloguing,
or destroying company work products? The discovery process dictates
exchange of information between the litigants upon request. How has
the legal system modified or expanded its interpretation to include
electronically-stored information?
networking sites (Barker, Cobb, & Karcher, 2010). Each form of ESI
creates different challenges for organizations trying to capture, organize and manage the information.
An article appearing in The Information Management Journal stated
that the inability to produce e-mails repeatedly requested by the
prosecution was the “final straw” for the judge when issuing the $1.6
million judgment against Morgan Stanley (“E-mail Is Key in Judgment,” 2005). Although e-mails have been part of the normal course
of business for the past decade, they continue to be a large area of
needed improvement for an organization’s document retention policy
(Barker, Cobb, & Karcher, 2010). One reason for this is end users
who may not be fully aware of their organization’s retention policies
are often held responsible for retaining the necessary emails (Irvin,
2010).
Instant messaging programs are also a growing form of correspondence commonly used to make quick decisions in organizations.
Studies have revealed that the use of a messaging system can “improve
work efficiency and effectiveness” because it eliminates voicemails
and unanswered emails (Barker, Cobb, & Karcher, 2010). Due to this
increased use, instant messages and any files attached can be requested
by an opposing party during the litigation discovery process (Barker,
Cobb, & Karcher, 2010). Therefore, such information must be identifiable and retainable by the organization.
In order to determine the answer to these questions, four variables
must be analyzed. These include the nature of electronically produced
information, the existence of and compliance with document retention policies, the reluctance of employees to destroy documents, and
the varying regulatory requirements governing organizations.
NATURE OF ELECTRONICALLY STORED INFORMATION
Morgan Stanley’s failure to provide electronically stored information
during the discovery process resulted in a loss of company assets as
well as a change to how electronically stored information (ESI) was
viewed from a legal standpoint. With the increased use of technology
by organizations, the discovery process has moved from a hard-copy
to soft-copy review of documents, including ESI (Lipner, 2006).
Therefore, it is important for companies and end users to understand
what types of ESI are discoverable.
PDAs and smart phones have proliferated as the primary tool of
choice for business correspondence and operations. It has become
common practice for employers to allow employees to synchronize
their smart phones with their work computers to allow for increased
flexibility (FRCP Readiness: 10 Practical, n.d.). While this opportunity may improve efficiencies, it also increases the number of devices
on which ESI is retained, and therefore are liable to the discovery
process. When litigation is looming, the ability to rapidly identify
and locate relevant information contained on these myriad devices is
compromised, thus consuming time, manpower, and revenue.
The United States Federal Rules of Civil Procedure (FRCP) are regulations that dictate the procedural methods to be used in U.S. Federal
cases. In 2006, the FRCP was amended to reflect current business
practices specifically related to ESI. The amendments were created in
order to ensure that ESI generated during the normal course of business is retained by corporate litigants and is done so in a manner that
ensures it can be accessed when needed (Heer & Osterman, 2007).
One year after the amendments were introduced, a LexisNexis study
discovered that, “73 percent of companies have a document retention
policy, and one-third of those had a policy that did not cover ESI”
(LexisNexis Discovery Series, 2007). When considering the prevalence of ESI, this statistic is unacceptable.
Within the past few years, social networking has become a resource
for individuals as well as most organizations. Facebook pages and
LinkedIn groups are used to recruit talent, improve the reputation
and image of a company, and seek growth opportunities. Social networking sites are also a form of ESI full of potential evidence (Lender
& Peck, 2011). Within the past three to five years, there have been
several examples of individuals losing their jobs because of adverse
Facebook posts (“Facebook Post Gets,” 2009). Because information
created on social networking sites, as well as discussion boards and
blogs, is now part of discoverable information during a lawsuit, organizations must be able to track, organize and retain the information
as it is produced.
Until recently, ESI primarily concentrated on e-mail products. The
definition of ESI has expanded to include increasingly complex
formats. These include, but are not limited to: text messages, instant
messages, voicemails, personal digital assistants (PDA), and social
44