We continue to hear from organizations that are in the midst of a revolution. A revolution in how they communicate with their customers, and how they collaborate internally. A revolution that is being led by new rich, dynamic, interactive tools that are allowing firms to build more intimate relationships with their customers, and speed internal decision making with 98 percent response rates versus the 20 percent typically achieved via email. And the revolution is being streamed — live on Microsoft Teams, Workplace by Facebook, YouTube, Instagram, and elsewhere.
Here is some key evidence that the revolution is at hand:
- 456,000 tweets are sent every minute of every business day
- The average person today spends 55 minutes per day texting
- 70% of large firms have adopted a business chat tool, while 58 percent of small firms have done the same
- Slack just surpassed 10 million daily active users (DAU) in January 2019
Of course, with the benefits of greater productivity and improved response come new risks. Sensitive information, as well as information that has value to the business, can live anywhere. Each new communication tool is different, with its own unique combination of features, distinct methods of access, and varying degrees of user control. And each can stretch existing internal processes and technologies that were designed for the world of flat, monolithic, static messaging content presented by email and documents — in some cases, beyond their usefulness. This has produced an increased strain on compliance, investigative, and litigation support staff in attempting to capture, control, preserve, and review an expanded ESI universe that includes persistent chats, shared whiteboards, voice, video, emojis, and bots where conversations can be encoded, dynamic, and jump across networks. The result has been a steady increase in court cases and regulatory actions centering on the use of social media, text messaging, and collaborative apps — with 48 court decisions in 2018 alone that mention the use of emojis.
This revolution has also drawn the attention of the e-discovery thought leaders at the Sedona Conference, who recently published the second edition of their Primer on Social Media (registration required). It emphasizes the need for firms to be proactive in thinking about how these dynamic sources can be incorporated into e-discovery playbooks.
Amongst other recommendations, Sedona advises firms to:
- Leverage methods that capture native properties where possible, stating “content produced using a social media provider’s API has routinely been admitted into evidence at trial and is considered a best practice”
- Beware of self-service download services as those features “may be periodically changed or updated by the service provider, rendering the archives unreliable for preservation purposes”
- Re-examine the on-going use of email-oriented capture and review technologies as “they are generally not programmed to mimic the interactive experience of a social media site. The difficulty in collecting metadata associated with the social media content … can make using a conventional platform to review social media content difficult or inefficient”
- Establish a central point of control and technologies that “allow these different forms of communication — all residing in different services and saved in different file types — to be reviewed together … for understanding the full context and content of such communication”
It all starts with Capture and Control
At a fundamental level, the breadth, inconsistency, and complexity of today’s communications networks should cause firms to re-evaluate decisions regarding the benefit of proactive capture of non-email sources versus the cost, hassle, and uncertainty of reactive collections when an e-discovery event, investigation, or regulatory inquiry is knocking on the door. For those choosing the proactive approach, there are a growing number of options to capture social, mobile, and collaborative content — some better than others at withstanding the rigors of e-discovery and regulatory demands. In fact, many downstream e-discovery and compliance technology providers are busy cranking out simple “connectors” to new content sources, some of which are constructed as a professional service for specific matters or cases.
However, as Sedona suggests, there are many other factors to assess in determining the most effective means to capture and control non-email sources. I will extend Sedona’s guidance with a few additional principles:
- Partner with firms who work directly with content source providers: APIs and features change with new releases, and not every firm has the scale and resources to wrestle directly with Microsoft, Cisco, IBM, AT&T, and other content source providers. Look for partners that do in order to ensure that you remain on top of the latest release to keep your processes in step.
- Treat “connectors” as products: Firms that build connectivity to content sources on-demand frequently leverage a services model that is often project/time-pressured and results in customer-specific functionality, IP ownership questions, and multiple code bases to support. Firms should instead explore providers that have established product portfolios of content sources, where each is engineered, tested, and maintained as a living code base. Those connectivity products can be properly maintained to address issues, provide regular release cadences, and work strategically with the source provider to anticipate new capabilities on the horizon.
- Don’t treat “Capture” as binary: Given the richness of each communications network, some firms may seek to use capabilities selectively. For example, technologies are available to disable a feature that you may not be comfortable with (e.g. “likes” or “shares” that could be considered an endorsement). Firms should examine the feature control, data loss, ethical wall, and monitoring capabilities available natively and through third parties to avoid an uncomfortable “all-or-nothing” decision in supporting the capture of a new network.
- It’s all about context: Finally — and also as noted by Sedona — many tools in use today are interactive and require the use of ‘snapshots’ to understand what took place at a particular point in time. Collection strategies should include approaches that allow for the capture and playback of event-based information, such as joining or leaving a chat room, or tracking of content modifications or deletions. These communication “transcripts” are key to understanding context, and are not easily reconstructed by simply threading together a string of emails. Firms with longer-tailed litigation or larger volumes of investigative work centering on internal actors should be particularly concerned about the preservation of this contextual metadata.
Ultimately, the effectiveness of e-discovery, compliance, and investigative work is highly dependent on understanding context. As organizations respond to the changes in their internal and external communications, they should quickly move their thinking beyond yesterday’s world of static “connectors,” and look toward the technologies that will allow them the rich, dynamic, interactive view into the data that defines today’s communications revolution.
Latest posts by Robert Cruz (see all)
- Smarsh Cautions FINRA on Work-From-Home Challenges & Compliance Best Practices - June 2, 2020
- Protecting Your Organization from Communications Risk - May 1, 2020
- Stay-at-Home Workforce: The Practitioner Perspective - April 9, 2020