Upload
khangminh22
View
0
Download
0
Embed Size (px)
Citation preview
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 2
When you’re handling an ediscovery matter or a compliance
investigation, your goal is to get to the bottom of whatever
happened (or, perhaps, didn’t happen). To develop a clear
picture of the incident, you need more than guesswork,
hunches, or general impressions of the people event—you
need cold, hard facts. Those individual facts are like puzzle
pieces; each one alone may not tell much of a story, but when
you assemble enough of them and put them together in the
right way, a compelling picture emerges.
Of course, ediscovery and compliance investigations don’t come neatly
packaged in a box with a helpful picture on the front so you know how
they’re going to turn out. The challenge is to find relevant facts, wherever
they may be, and figure out how they fit together. For 20 years or more,
organizations have looked almost exclusively to email to establish who
said what to whom. After all, email has been the primary method of
business communication in the digital era—until recently.
But email is falling out of favor in today’s collaborative workplaces.
Now, teams communicate more through collaboration and project
management applications like Slack, Microsoft Teams, Ryver, Flock,
Yammer, Confluence, Asana, Basecamp, Trello, and many others. This shift
has given rise to new digital “paper trails” of potentially useful facts, from
project notes and comments on document drafts to expense reports and
team conversations. Imagine having access to information like:
• project discussions in Jira demonstrating that a particular employee—
who has since left the company to work for a competitor—was not
involved in the creation of a product or concept that she now claims to
own the intellectual rights to;
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 3
• workflow assignments in Asana showing that one employee—who
happened to be a person of a minority race—was consistently passed
over for challenging assignments in favor of another equally situated
employee—who happened to be white; or
• conversations in Slack wherein a manager consistently condescended
to and belittled his only female report—who has now accused him of
discrimination and harassment.
Unfortunately, organizations are losing these interesting and useful facts
in the plethora of business systems people use on a daily basis. They
may not ever think about collaboration apps for fact-finding missions—
or if they do, they don’t know how to find those helpful facts and can’t
properly protect them if they do happen to stumble across them.
There’s another reason that organizations may need collaboration app
data for regulatory compliance, particularly in the financial services
industry: if they communicate with clients using non-email platforms like
Slack, they need a way to retain records of those conversations.
So, how can you start effectively collecting and preserving the data in
collaboration apps both to establish facts for ediscovery and compliance
investigations and to ensure you maintain complete books and records?
Let’s start by dissecting the obstacles standing in your way.
The next time you’re skimming through a discussion in Slack, Jira, or Basecamp, ask yourself whether any of the comments in that conversation could serve as valuable evidence in the right kind of investigation.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 4
There are three main reasons why organizations aren’t already
effectively dealing with collaboration application data in ediscovery
and compliance:
• the sheer number of collaboration apps and their variability,
• the dissimilarity of collaboration app data with familiar types of
electronically stored information (ESI), and
• the reality that collaboration apps haven’t been designed for
ediscovery and compliance.
1. THERE ARE HUNDREDS OF COLLABORATION APPS, AND THEY’RE ALL DIFFERENT
The sheer variety of collaboration apps—and the variety of their uses—
poses a problem. Collaboration apps include anything that teams can use
to communicate about their work, such as:
• chat programs that allow teams to discuss their work without using
email, most of which allow other file types to be embedded or referred
in the conversation and integrate their data with information from
other apps;
• document management systems that allow users to comment on
changes or otherwise discuss the progress of their documents;
• project management programs that show how workflows, projects,
and individual tasks are proceeding and that allow users to give
feedback, ask questions, and brainstorm about assignments;
• calendar applications that allow users to ask questions and add details
about meetings and upcoming events;
• expense management programs that provide space for back-and-forth
discussion of individual expenditures and receipts; and more.
THE PROBLEM
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 5
Three additional subproblems spring from this variety of apps. First,
these different types of apps will obviously all produce somewhat
different types of data, meaning that there can’t be a one-size-fits-all
solution for managing collaboration apps (though web-based capture
comes close; we’ll get to that in a moment!). Even the answers to basic
questions like “Who owns this data?,” “Where does the data reside?,” and
“How long will this data be available?” are variable, depending on the
individual application.
Second, there’s a tremendous amount of overlap between different
types of collaboration programs, which means that one type of data or
information might exist in any of several different locations (or in all of
them). Notes about an upcoming project meeting might, for example, be
in a chat application like Slack, in a comment on the document setting
forth the meeting agenda within a document management system, in
the project management app under tasks related to that meeting, in the
calendar or video conferencing application where the meeting is actually
set up, or in the expense reports about that meeting, if expenses were
incurred in the process of setting up or running the meeting.
Don’t panic: this abundance of options can be somewhat overwhelming,
but it also represents an abundance of facts—the very facts you need to
establish in an ediscovery or compliance investigation.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 6
Third, due to the variety of possible collaboration apps and the variety
of structures and formats they assume, organizations frequently aren’t
aware of all the apps they’re using or all the ways that collaboration and
communication are happening within their workforce. Many of these
applications can be run from a web browser window without any local
installation, meaning that employees can easily do an end-run around IT,
either intentionally or inadvertently. Collaboration apps can also generally
be launched from smartphones, so organizations that have a BYOD
policy may not be aware of what their employees are using to complete
business tasks on their personal phones.
Make sure you have a way to stay informed about what apps are in use
in your organization. This means having a current list of apps as well as a
broader appreciation for where people are collaborating and what they’re
communicating about across your organization.
Periodically survey at least a segment of your employees to determine
what apps they’re using for business and which ones they would like to
be using. You might use a truncated version of your ediscovery custodian
questionnaire to gather information about app use. Consider limiting this
survey to those employees who self-identify as “early adopters” of new
technology, as they’re more likely to seek out new technologies.
While you should develop a policy about app use that outlines the
permissions employees must obtain to begin using a new collaboration
app, you probably shouldn’t try to “policy” your way out of using
collaboration apps altogether. After all, these apps are popular because
they’re useful. Instead, establish notification hierarchies so that
employees know who to talk to about new apps they’d like to adopt.
But if all of these different collaboration tools basically generated the
types of ESI that ediscovery and compliance professionals were already
familiar with, none of these challenges would be so difficult. The second
problem, of course, is that they don’t.
TIP
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 7
2. COLLABORATION APP DATA ISN’T LIKE MORE FAMILIAR FORMS OF ESI
The data that ediscovery and compliance professionals are accustomed
to is what we call “structured” data from a relational database: data
whose elements are addressable for effective analysis. Email, however,
is semi-structured data that contains semantic tags and the mail boxes
which are organized in a database such as Microsoft Exchange or other
database, are associated with specific people or custodians.
That structure makes it easy to establish a legal hold for specific
custodians’ emails: anyone who sent or received an email is a custodian.
It also means that the scope of an inquiry can easily be delineated by
applying those custodian names along with date ranges and keywords.
Collaboration apps aren’t organized in the same way. While they’re all
unique, they generally operate as unstructured “bulletin boards” for
information rather than mailboxes. They unfold chronologically, not
necessarily topically, and anyone in a community may have read—or
not read—their content. This makes it difficult to understand who the
“custodians” are for messages in, say, Slack. Anyone who belongs to a
channel where a message appears could be a recipient of that message,
meaning that organizations trying to implement legal holds may need to
place entire channels on hold.
Moreover, the chronological presentation of collaboration apps poses
another problem, in that conversations unfold slowly, over the course of
many messages, often interrupted by irrelevant or unrelated messages.
Instead of self-contained emails that present a single conversation in a
somewhat-organized fashion, unstructured conversations in collaboration
apps usually need to be read in their full context—often spanning multiple
screens—to be truly understood. That means you can’t just preserve or
produce the individual messages that contain keywords; you need to also
capture everything around them so that they make sense.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 8
These differences mean that collaboration app data can’t be preserved,
collected, or archived using traditional ediscovery tools. And while there’s
arguably value in collaboration data regardless of the format it’s captured
in—at a minimum, it can serve to guide your investigation or provide
fodder for cross-examination during depositions—its value is radically
enhanced if the data is captured in its original format. After all, it’s more
compelling to read through a conversation the way it actually unfolded in
Slack or Jira than it is to try to reconstruct that conversation using a series
of screenshots. And if the matter ends in litigation, wouldn’t you prefer to
have admissible evidence to establish facts in the deciding tribunal? Sure
you would.
Therefore, organizations must learn how to work with data from
collaboration applications in a format that is functional, accessible, and
admissible as evidence. That means capturing it, storing it, and reviewing
it without losing any of its context—including embedded GIFs, reactions,
and other dynamic or interactive content. Ediscovery and compliance
professionals also need any data they preserve or archive to meet the
standards of defensibility within their industry. For litigation, that means
it needs to be readily authenticated and admissible in court; for financial
industry compliance, records need to be available for supervisory review
and maintained in a non-rewritable format.
Financial industry records must be kept in a particular way to satisfy the
requirements of the Securities Exchange Commission (SEC). Its Rule 17a-4(f)
states that any “records required to be maintained and preserved” can be
stored electronically—but only if they’re preserved “exclusively in a non-
rewrit[]able, non-erasable format.” In the industry, that’s known as “write
once, read many,” or WORM, storage.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 9
The bottom line is that data from collaboration apps should be addressed
like every other type of evidence—but because it’s not like any other
evidence, it requires new tools and techniques.
One final point: most organizations simply haven’t caught on to the
important data lurking in collaboration apps yet. That means that those
organizations that have are necessarily serving as trailblazers—and that
can be a difficult, sometimes lonely road to walk. It’s made worse by the
third problem, which is that collaboration app developers aren’t in the
business of ediscovery or regulatory compliance.
3. COLLABORATION APPS AREN’T DESIGNED FOR EDISCOVERY OR COMPLIANCE
We’re not saying that collaboration apps are designed to frustrate
ediscovery or compliance—simply that they aren’t built to focus on
those goals. Questions about data archives, legal holds, and defensible
deletion aren’t top of mind for the teams building these apps; open
communication, clear workflows, and straightforward integrations are.
For example, Slack has added an option for organizations to set a
message retention period, after which messages are automatically
deleted. While this can protect discoverable information and prevent
spoliation by preserving entire channels so that messages in those
channels aren’t deleted, it’s not a legal hold solution and lacks the
granular controls legal departments need.(Note that if you’re using the
free version of Slack, you’ve only got access to the most recent 10,000
messages anyway—so anything older than that is no longer available to
you with each new message you type.) Sounds good enough, right?
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 10
Not really. Slack’s retention capability is entirely binary, either on or off,
with no ability to specify particular dates or custodians (which, again,
is already a fraught concept). If you’re in a typical organization, where
you issue legal holds, it is likely that you’ll have overlapping legal holds
for different custodians. You’ll quickly discover that you require the
control to be able to release a hold without losing information that
might be discoverable under other legal holds. This is why dealing with
collaboration systems that were not designed for preservation is so
tricky. You need the discrete control so that you only preserve what
you need for the time these data are actually subject to a legal hold.
Additionally, this control records an audit trail that demonstrates your
process for defensibility, should there ever be any question of spoliation.
Another common problem for ediscovery review and compliance
supervision is the lack of export ability from many collaboration tools.
Slack at least has an export function, but it’s not as functional as
ediscovery and compliance professionals would like. Rather, it creates
JSON files that are unwieldy and difficult to manage. Each day of activity
in each separate channel creates a separate JSON file, so if you’re tracking
a conversation that spans multiple days, you’ll have to toggle between
numerous files to review it or make any sense of it.
The fact that collaboration apps don’t make ediscovery or compliance
easier can seem like it’s the end of the world, especially if you’re in the
trenches trying to manage it all. Don’t despair, it’s worth keeping in mind
when you find yourself struggling to complete ediscovery and compliance
tasks that there are solutions that support ediscovery and compliance
workflows when dealing with data from enterprise collaboration
applications.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 11
Organizations in the financial services industry should pay particular
attention: any online communications that they have with customers—
wherever they occur—may be books and records that they’re obligated to
retain under the rules and regulations of the Financial Industry Regulatory
Authority (FINRA) and the SEC.
Let’s circle back to the bottom line: what you need, in an ediscovery
or compliance investigation, are facts that will help you assemble a
clear image of what happened in a dispute. Much of the information in
collaboration apps can be used to establish those facts. They may be
small or seemingly trivial on their own, but don’t be discouraged by the
significance of individual facts; you’re looking for cumulative impact—the
assembly of numerous small facts, like puzzle pieces, into a logical picture
of an entire event.
That means that in fact-driven matters such as workplace, personal
injury, intellectual property, and insurance claims, ediscovery and
compliance professionals alike should actively consider what facts they
might be able to establish using collaboration apps.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 12
Under Federal Rule of Civil Procedure 26(b)(1), the scope of discovery
includes “any nonprivileged matter that is relevant to any party’s claim
or defense and proportional to the needs of the case.” Rule 34(a)(1)(A)
requires the production of “any designated documents or electronically
stored information—including writings, … photographs, sound recordings,
images, and other data or data compilations—stored in any medium from
which information can be obtained either directly or, if necessary, after
translation by the responding party into a reasonably usable form.”
See what’s not there? There’s no exception for data from collaboration
apps—and once courts and litigants pick up on the rich data source these
apps represent, they’re likely to be expressly added to discovery orders.
EDISCOVERY RULES
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 13
To be clear, the case of Paisley Park Enterprises, Inc. v. Boxill, No. 17-
cv-1212 (WMW/TNL) (D. Minn. Mar. 4, 2019), concerns text messages
rather than evidence from collaboration apps—but it invites a broader
consideration of novel sources of ESI. The court explicitly extended its
logic to social media, and its arguments speak equally clearly to the
data in collaboration apps. It noted that the rules of discovery “do[] not
require that the requesting party issue a document preservation letter
identifying all types of ESI that it might seek in the future.” Instead, “in the
contemporary world of communications,” there exists both “the potential
and reality of finding the modern-day litigation equivalent of a ‘smoking
gun’ in text messages, emails, and possibly other social media”—not
to mention in collaboration apps. In light of that potential information,
litigants “do not get to select what evidence they want to produce, or from
what sources. They must produce all responsive documents or seek relief
from the court.” In other words, if data from collaboration apps is relevant
and discoverable, parties must be producing it or, at the very least, asking
the court about it.
A FUTURE DIRECTION? EDISCOVERY CASE LAW
Convinced about the value of collaboration app data for ediscovery and compliance? Great—now it’s time to actually get into using it. But given that
it’s not like traditional forms of ESI, how can organizations identify useful
collaboration app data and then preserve, collect, or archive it?
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 14
THE SOLUTION: Native-Format Capture of Collaboration App Data
These five steps can help you identify—and capture—potentially
relevant data in your collaboration apps for your next ediscovery or
compliance matter.
1. MAP THE APPS IN USE ACROSS YOUR ORGANIZATION AND THE DATA IN EACH.
What collaboration apps does your organization use? How confident are
you that no one is communicating with customers or their team on an
app that you don’t know about? Survey your employees regarding every
type of collaboration app that they use for business, whether they access
those apps from their work or personal computer or smartphone and
whether they use an installed app or a browser-based version.
When you’ve made a complete list of the collaboration apps in use
at your organization, determine what sorts of conversations occur in
each and create a data map with that information. You may find, for
example, that expense reports in Expensify contain detailed notes
about who participated in an event that generated a receipt or that Slack
conversations tend to be about office administration matters, while
Confluence contains the bulk of your employees’ project discussions.
When faced with a specific ediscovery or compliance investigation,
interrogate each data source to determine what potentially relevant
facts it might contain. This is a fact-driven and fact-specific inquiry that
you’ll need to repeat for each new matter, but it will go faster as you grow
accustomed to the collaboration apps in your organization—especially if
you keep your data map up to date as you use it.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 15
Establishing Ownership of Intellectual Property on Confluence
Has a competitor claimed that your brilliant new product design was
actually created by their engineer after she worked for you? Now is the time
to break out the product plans from Confluence, showing that your product
was already halfway complete before that engineer joined the team.
2. IDENTIFY POTENTIALLY RELEVANT DATA USING CUSTODIAN
OR SUBJECT NAMES, DATES, AND KEYWORDS.
Once you’ve got an idea of what you’re looking for—and what you might
expect to find—start searching across your collaboration apps for
potentially relevant data. Narrow the field of that information by only
considering messages or comments that your custodian or data subject
was a party to, but remember that custodians are more broadly defined for
collaboration apps than they are for communications like email. Anyone on
a Slack channel, anyone with access rights to a given document, or anyone
associated with a project might have been able to see communications
within that data source, regardless of whether they actively participated in
the conversation.
Watch Video
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 16
When using dates and keywords to search for data, remember that
it will usually take more than a single message to capture the context
of a conversation within a collaboration app. While emails can be
readily threaded into a conversation view to maintain their context, the
unstructured data in collaboration apps isn’t neatly bound together in
the same way. Be sure you’re looking far enough both before and after
keywords to identify all of the related conversations.
Showing Your Response to Consumer Complaints
Is the Federal Communications Commission (FCC) concerned about how
your organization is handling a particular type of customer complaint? If
you’re tracking your complaint tickets—along with your representatives’
responses and corrective actions—if you can provide that information to
the FCC to demonstrate your compliance.
3. CAPTURE DATA AND STORE IT EXTERNALLY.
There are two main ways to capture data from collaboration apps: using a
web crawler or using an application programming interface, or API.
Web-based collaboration apps can be archived using WARC, or Web
ARChive, files. This process begins with a web crawl, in which software
“crawls” through every link and component on the collaboration app’s
webpage, capturing the full source code and downloading content with its
full native structure. Each component on a webpage is captured in its own
WARC file, which specifies not only what the content should include but also
what it should look like and how it should respond to user interactions.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 17
The magical part is what happens next: WARC files can be reassembled
to create a replica website that looks and operates exactly like the
original site did. That allows users to explore the collaboration app’s data
exactly as it existed at the time of capture, including navigation through
expandable projects and comment histories. These WARC files create a
rich, interactive archive experience that has nothing in common with “flat”
capture methods like screenshots.
With some types of collaboration apps—particularly Slack—it’s possible
to use APIs to access and extract data for ediscovery preservation and
compliance archiving. APIs provide essentially a “back door” into the
application’s data, allowing users to export it into secure storage or an
ediscovery review tool (more on that in a moment).
What’s Wrong With Using Screenshots?
Why go to all this trouble to create specific capture files for collaboration
app data? Can’t you just snap screenshots and call it good? Not exactly.
Screenshots have three significant flaws. First, they’re time-consuming
to obtain, especially when you’re trying to capture every element in a
collaboration app’s operation. Second, they’re easy to manipulate, which
contributes to courts rejecting them as a reliable and admissible source
of evidence. Third, and most importantly, they’re simply not all that
compelling. Would you rather flip through a bunch of flat pages to try to
reconstruct a conversation—or navigate through that conversation in real
time as the original team did?
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 18
4. ESTABLISH AND FOLLOW A RECORDS RETENTION SCHEDULE FOR THE REST OF YOUR DATA.
While keeping all of your data forever mitigates the risk of inadvertent
spoliation, the truth is that unnecessary, outdated, and useless data can
be every bit as risky. Imagine if you had accumulated three years of Slack
data by the time you were served with a hostile workplace claim. Practically
every message in your extensive archives could, theoretically, be relevant
to such a case. Do you really want to have to collect, process, review, and
produce years of data and millions of messages, all with sufficient context
for it to be understood? Risks like these are why data that is no longer
useful for the business has no business hanging around.
So, once you’ve identified and captured the data you need for an
ediscovery or compliance matter and stored it in an external system,
get rid of everything else. Decide on a reasonable length of time to
maintain data—likely no more than 90 days—and implement a records
retention schedule whereby you delete data that isn’t subject to a legal or
regulatory obligation or that doesn’t serve a legitimate business purpose
at the end of that period.
Proving Knowledge of Security Flaws With Jira
Trying to prove that a corporation was aware of vulnerabilities in its app
that subjected your client’s data to a harmful security breach? You’d
certainly want to read any conversations the engineers had in their Jira
issue-tracking tickets about the app’s security.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 19
TIP
5. REVIEW AND USE YOUR CAPTURED DATA.
The point of this whole process is to be able to use the facts you find in
your collaboration apps during ediscovery and compliance investigations
and, if it comes down to it, in any ensuing litigation. That means you
need to be able to submit evidence—including facts from collaboration
apps—for attorney review. You may also need to eventually present
that evidence to a judge or jury. Native-format capture of collaboration
app data allows for what we call “natural review,” where data is available
for playback as it appeared when it was live, as accessed through the
app or its web browser. This allows a reviewing attorney to search using
keywords and metadata, export records to standard review platforms
like Relativity, and navigate through the source material as it originally
appeared.
In compliance, your archives should be accessible for supervisory
review to ensure that any customer communications occurring within
collaboration apps comport with your policies and rules as well as with
any applicable laws and regulations. With WARC files, your supervisors
can browse through a replica website that’s indistinguishable from the
original—so they can spot noncompliance and correct it promptly.
Make sure there’s a human running QA checks on your captures.
Don’t just assume that you can “set it and forget it” when it comes to
recordkeeping compliance. Make sure there’s someone confirming your
data captures—or you may find that you’ve archived six months of a login
screen and nothing more.
Enterprise Collaboration Essentials for eDiscovery and Compliance
BEST PRACTICES FOREDISCOVERY
Preserve relevant and discoverable data from your collaboration apps but don’t rely on their internal ediscovery tools to do it.
If your organization uses collaboration apps, you need to incorporate
them into your data identification and preservation playbooks—even if
your opponents aren’t asking about them yet. As the court said in Paisley
Park, the rules of discovery don’t require the requesting party to explain
in its preservation letter exactly what types of information it may ask for
in the future. It’s on litigants to identify and preserve any evidence that is
likely to be discoverable. In this, remember the principles of relevance and
proportionality; the goal is reasonableness, not perfection.
Also, remember that collaboration apps aren’t designed by—or, really,
for—ediscovery and compliance professionals, so any internal tools
they offer are bound to be incomplete solutions. Instead of using the
internal legal hold function offered by Slack or any other collaboration
app, preserve information subject to a legal hold by collecting it into an
external system. Once that data is protected, set a records retention
period and begin defensibly deleting any data that isn’t encompassed
by the hold. Be sure to document these processes, in case you’re later
accused of spoliation of evidence.
1.
Practical Guide Presented by Hanzo 20
Practical Guide Presented by Hanzo 21
BEST PRACTICES FOR EDISCOVERY
2. Request discoverable collaboration app data from your opponent.
What evidence might your opponent have in collaboration apps that
could be useful to your case? Go back and think through the elements
underlying your claim or defense. What facts would be helpful?
Remember that individual facts may not be impressive or dispositive
on their own, but they may add up to a compelling mosaic. Don’t be
dissuaded because you don’t know what apps your opponent uses; use
broad categories to refer to the types of apps that they might have used
to discuss issues related to the case.
Consider the admissibility and defensibility of online evidence at every stage.
Collaboration app evidence is subject to the same requirements of
admissibility as any other evidence. Yes, Federal Rule of Evidence
902(13) allows for self-authentication of “certified records generated by
an electronic process or system” so long as that system “produces an
accurate result, as shown by a certification of a qualified person,” but
be prepared to show your work. That means capturing metadata and
working with a neutral third party who can testify as an expert about
your collection methods.
3.
Enterprise Collaboration Essentials for eDiscovery and Compliance
BEST PRACTICES FOR COMPLIANCE WITH FINANCIAL INDUSTRY RECORDKEEPING REQUIREMENTS
Routinely assess the collaboration apps your organization uses for customer communications.
You need to keep records of all your customer communications,
regardless of the medium where they occur. If anyone at your
organization is using a collaboration app like Slack to communicate with
clients, those communications should be included in your archives.
Unfortunately, many organizations find themselves in trouble because
they aren’t aware of all the modes of discourse their brokers use.
To avoid missing out on archives, periodically survey brokers to find out
where they’re conducting business. Ask specifically about collaboration
and messaging applications, including both general categories of apps
and the names of common individual apps to shake loose as much
information as possible. Have everyone sign a form agreeing that
they’ve advised the organization about all of their methods for customer
communication.
1.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 22
Make sure your archives will last until you need them.
You may not need your archives for five or even 10 years—but when the
day comes that you do need them, they have to still work. Fortunately,
the WARC files used for native-format web capture are both future-
proof and platform-agnostic: they can be accessed from any operating
system, so they won’t stop working as computing technology evolves.
How do we know? Because the structure and function of WARC files
are memorialized in ISO standard 28500:2017 and maintained by
professional archivists. WARC is the archival format used by institutions
that are in the business of maintaining records over the truly long term,
like the Library of Congress.
Also, remember SEC Rule 17a-4(f): ensure that your archives are always
maintained in non-rewritable WORM storage to guarantee their integrity.
Ensure that your archives allow for supervisory review.
It’s not enough to create archives; you need to be able to use them too.
When you’re backing up your communications from collaboration apps,
consider how supervisors will be able to access them. Can they readily
review that content in its original, natural format? Are your archives
accessible, navigable, and easy to understand?
Also, look for technology using artificial intelligence that can scan archives
as they’re created to identify and flag potential violations, sending alert
notifications to supervisors to hasten corrective action.
BEST PRACTICES FOR COMPLIANCE WITH FINANCIAL INDUSTRY RECORDKEEPING REQUIREMENTS
2.
3.
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 23
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 24
We get it: much of the data in collaboration apps seems trivial on its own.
It’s hard for ediscovery and compliance professionals—not to mention
data custodians—to wrap their brains around. Useful information can be
hard to find and harder to capture—especially if you want it in a robustly
admissible form for litigation or a regulatory inquiry. There’s no doubt
that it would be easier to just let all that data swirl down the metaphorical
drain as your record retention periods come and go.
But as more and more business communications move away from email
and into collaboration apps, organizations are getting serious about these
apps as data sources.
Hanzo can help. Our tools were designed to help ediscovery and
compliance professionals identify relevant information—wherever it may
be—and to capture it in a form that’s accessible for supervisory review or
available for export into ediscovery review platforms like Relativity. Hanzo
Dynamic Capture collects and archives native-format data from online
sources, including web-based collaboration apps. And Hanzo Hold solves
the problem of specific collaboration apps like Slack, enabling retention of
data that’s subject to a regulatory compliance obligation or an ediscovery
hold, while allowing the remainder of your collaboration data to be
defensibly deleted in accordance with a standard records retention
schedule.
You can’t complete a puzzle—at least not very satisfactorily—without first
finding all the individual puzzle pieces; even a piece that’s nondescript
in isolation might turn out to be the one that pulls the whole picture
together. In ediscovery and compliance investigations, those pieces
are the facts of the underlying events, and many of them are hiding in
collaboration apps. How many can you find?
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 25
PRESERVE EXACTLY THE SLACK DATA YOU NEED.
NOT MORE.
Best Practice eDiscovery and Compliance for Enterprise Collaboration
Hanzo Hold empowers corporations to apply a legal hold—including silent holds—to enterprise Slack communication data, adhere to information governance policies, and
meet the duty to preserve data for litigation and compliance.
REQUEST A DEMO
Find out more: hanzo.co
Enterprise Collaboration Essentials for eDiscovery and Compliance
Practical Guide Presented by Hanzo 26
BRAD HARRISVP of Product, Hanzo
Brad Harris is the VP of Product at Hanzo, a pioneer in the contextual
capture, and preservation of dynamic web and collaboration content
for corporate legal and compliance departments. He leads product
vision and innovation for the company. Brad has more than 30 years’
experience in the high technology and enterprise software sectors,
including assisting Fortune 1000 companies enhance their e-discovery
preparedness through technology and process improvement. Brad is a
frequent author and speaker on data preservation and e-discovery issues
and is a member of The Sedona Conference WG1.
ABOUT THE AUTHOR