Whose Data is That Anyway?
So, how many of you were thrust into using Teams, Slack, Google Docs, etc. when your office was suddenly all work from home?
Based on the amount of requests we get in the industry to quickly figure out how to deal with collaboration tools data in eDiscovery I’m going to bet a whole lot of you found yourselves in that boat, and that your organizations rolled it out thinking they’d get to figuring out the legal and compliance side later.
Well, later is coming, and there’s a lot to consider, including a lot of stuff that isn’t just about the technical parts of Teams or Slack data. One of the conversations I’ve personally had a few times, and have seen in other posts, revolves around something we’ve long taken for granted in the eDiscovery space, custodians.
In short, when you look at a Teams or Slack channel, or a shared folder on Google Drive, Dropbox, etc. who is the custodian of that data? And, maybe more importantly, is if you are targeting certain custodians for an investigation, or litigation, how many collaborative spaces are you going to have to collect? If I’m a member of a team but haven’t posted any messages, is that data still related to me? I saw it, I read it, and I maybe even acted on it. Is it data related to me or not?
Also a consideration to that question, if there are 15 members of a team, how do I collect that channel and document that there are 15 duplicate custodians for the one copy of data that I have? If there are 15 collaborators associated with a shared document in the cloud, how do I associate that one document with all of those custodians?
Or should I not even try to assign a custodian to shared data?
These are not technical questions. Every company in this space is working on technical solutions that will collect, process, and get this data into a review platform in some reasonable format. I won’t say that this is the easy part, trust me, it’s not that easy, but it is the more straightforward part. There is an answer as to what is available and what we can do with it. Who the custodian(s) of that shared data is, might not be so clear.
On the other hand, it’s not really a brand new question either. How long have we been collecting data from network shares? Who was the custodian of that Excel spreadsheet that everyone in the Accounting Department had access to, and edited? We kind of figured that out, we’ll figure this out as well.
I am confident that we will also figure out ways to search all of this informal chat data that goes on for years in one channel with misspellings, emojis, acronyms, etc. as well, but I’m kind of glad I don’t have to figure that out personally. That’s also a topic for another post.
But as for whose data it is? There’s no clear right and wrong answer on this, so like everything else in eDiscovery, just make a good-faith effort to get it right, and be consistent I guess, but that’s really a decision for the lawyers out there, not the technical team.
Follow these topics: LitigationSupport