February 14, 2012
The age of technology has brought about many good things. The ability to search, find, save and retrieve information in a flash has made us more efficient in many ways.
But, it has also opened us up to risks we may not have anticipated.
For years, businesses have dealt with the necessity of record retention. There are rules and regulations in many fields about how long certain types of information should be kept.
You don’t necessarily even have to be the main parties named in the dispute. Your records could be subpoenaed if you have any relevant connection to a third party’s dispute.
This concept presents several serious issues that bear consideration:
Quantity of data available. Because electronic records are so easy and inexpensive to keep, many companies never purge their electronic libraries of files. This means that years and years of data could be accessible if requested for a legal purpose. If it is accessible, you’ll most likely be required to make it available. For instance, a litigant might subpoena all electronic documents dealing with a certain customer or transaction file that covered several years. The task of locating and retrieving that data would be cumbersome and expensive.
Type of data available. Technology changes over time, and our ability to retrieve information from old programs is sometimes difficult. However, if we have kept the data, on a backup tape for instance, we may have to make it available to the party requesting it. That means finding a way to retrieve it and make it readable for the other party. This could be time-consuming and expensive.
Informality of data available. Many of the electronic files that may be requested are informal files like emails, text messages, IM’s and so on. Often, the language used in those communications is less precise and sometimes lax. Because the “conversations” are documented as electronic files, they are discoverable and can be damaging in many cases.
Permanence of data available. Electronic files are difficult to destroy. Even deleting a file doesn’t completely destroy it and make it inaccessible in e-discovery. A computer forensics expert can access deleted files from hard drives with relative ease. If the data was also stored on a server, it can be accessed from there. Messages that were sent to others, like emails, are available from their computers. The metadata also can be problematic. (Metadata consists of the tags, dates, change notations, etc., that a computer records about the files it stores.) Even without opening a specific file, much can be learned about it.
Another complicating factor in this e-discovery puzzle is that this data becomes relevant as soon as a dispute arises. The knee-jerk reaction of many people, when alerted to a problem, is to start deleting electronic files, thinking them to be private and untraceable. This is unwise because you have a duty to preserve such data if you are aware of the dispute.
In fact, particular steps should be taken to be sure the data is preserved, like changing automatic record-deletion settings on computers or scheduled destruction of backup tapes that contain relevant data.
Even turning on a computer that has relevant information can change the metadata related to the dispute. In some cases, that could be considered tampering with evidence. Of course, if any legal issue arises, you should contact your attorney at once for specific counsel on the matter at hand.
Failure to preserve data can be a very serious matter. In some cases, a judge may instruct the jury to assume you destroyed data on purpose because it would have been damning in nature. This is referred to as “spoliation” and can do serious damage to an individual’s case.
In other instances, failure to preserve data could result in dismissal of a case to the detriment of the party that compromised the data. In short, it is unwise to do anything that would delete evidence, once an issue has been made known.
And that brings us back to the initial advice of this article. Companies should have a well-documented and well-implemented record retention policy that includes all of the electronic data produced. This is a complex issue that should be well-thought out and rigorously enforced.
Failure to address this issue could cost your company time, money, reputation and more.
This article was originally posted on February 14, 2012 and the information may no longer be current. For questions, please contact GRF CPAs & Advisors at marketing@grfcpa.com.