Chain of Custody
Documentation regarding the identification, collection, processing, movement, and transfer/delivery of data from the time it was obtained to final delivery. This should represent verification that the final data set has not been altered during the collection process.
The study of how shareholders, directors, employees, creditors, and other stakeholders, such as consumers, the community, and the environment, interact with one another in corporate and business settings.
The process of culling down, understanding, and organizing large data sets to identify useful patterns or trends within the data.
Defines the policies of persistent data and records management for meeting legal and business data archival requirements. A data-retention policy weighs legal and privacy concerns against economics and need-to-know concerns to determine the retention time, archival rules, data formats, and the permissible means of storage, access, and encryption.
Process of comparing electronic records based on their characteristics and removing duplicate records from the data set.
The process of unveiling and interpreting Electronically Stored Information (ESI) within a system to perform an investigation, which ultimately produces findings relevant to a crime or civil action.
Early Case Assessment (ECA)
Refers to evaluating potential risk, in regards to time and money, to defend or prosecute litigation.
The identification, preservation, collection, production, and use of ESI with the intent of using it in a civil or criminal legal case.
eDiscovery Response Team (eDRT)
A team of individuals assembled to coordinate and execute a Discovery Response Plan. An eDRT is typically composed of key internal representatives from legal, IT, and management in addition to specialty legal vendors and outside counsel.
Electronic Discovery Reference Model (EDRM)
A detailed reference model considered a best practice for the discovery and recovery of digital information. EDRM is a six-step process for gathering potential evidence in legal matters. The six steps are (1) Information Management, (2) Identification, (3) Preservation & Collection, (4) Processing, Review, & Analysis, (5) Production, and (6) Presentation.
- Information Management — Putting your electronic house in order to mitigate risk and expenses should eDiscovery become an issue, from initial creation of ESI through its final disposition.
- Identification — Locating potential sources of ESI and determining its scope, breadth, and depth.
- Preservation — Ensuring that ESI is protected against inappropriate alteration or destruction.
- Collection — The process of retrieving structured and unstructured electronic data from various data sources (e.g., business applications, computers, file servers, CD/DVDs, and backup tapes).
- Processing — Reducing the volume of ESI and converting it, if necessary, to forms more suitable for review and analysis.
- Review — Evaluating ESI for relevance and privilege.
- Analysis — Evaluating ESI for content and context, including key patterns, topics, people, and discussion.
- Production — Delivering ESI to others in appropriate forms and using appropriate delivery mechanisms.
- Presentation — Displaying ESI before audiences (at depositions, hearings, trials, etc.), especially in native and near-native forms, to elicit further information, validate existing facts or positions, or persuade an audience.
A document that has been scanned and stored digitally or was originally created on a computer. Documents become more useful when stored electronically because they can be widely distributed instantly and allow searching. HTML and PDF are well-known electronic document formats.
Information recorded in a form that requires a computer or other machine to process it and that otherwise satisfies the definition of a record.
The ability to access documents in searchable electronic form and use keywords or concepts to find relevant documents for further review.
Electronically Stored Information (ESI)
Any type of information that is stored electronically, including web content, databases, email, documents, blog, instant messages, voicemail, etc.
A public authority or government agency responsible for exercising autonomous authority over some area of human activity in a regulatory or supervisory capacity.
Information Governance (IG)
The organized structures and processes that ensure an accountability framework for an IT system that simultaneously support an organization’s legal objectives and strategies.
Information Governance Reference Model (IGRM)
This is a reference model that is related to the EDRM used to promote cross-functional dialogue and collaboration among IT, Legal, Compliance, Records Management, and other stakeholder groups within organizations to implement fully compliant Information Governance procedures.
Process used to retain information relevant to litigation, which supersedes an organization’s data-retention policy. A legal hold is a written set of instructions sent to individual custodians and Application Business Owners, intended to suspend the normal disposition or processing of records. Legal holds advise custodians of the legal matter and explain their preservation responsibilities in connection with preventing the destruction of potentially relevant information, including ESI and modifications thereto, within their control.
Provides a fundamental understanding of the contents of a particular file, such as the creation date, last updated date, author, recipient, title, size, etc. Also includes hidden material, such as hidden rows/cells/formulas in an Excel spreadsheet and track changes/comments in a Word document.
The MD5 hash (also known as checksum) for a file is a 128-bit value, something like a fingerprint of the file. This feature can be useful both for file comparison and integrity control.
Predictive Coding / Technology Assisted Review
Computer-assisted document review in which attorneys train a system to categorize documents based on relevancy scores.
Planning, organizing, controlling, and directing activities that oversee the life-cycle of information.
Rule 26(f) Meet and Confer
A pre-trial phase in a lawsuit in which each party, through the Federal Rule of Civil Procedure (FRCP), seeks to agree upon scope (e.g., data custodians, key witnesses), timeframes, format, keyword search terms, de-duplication standards, etc.
Intentional or unintentional withholding of evidence as it pertains to a legal case. This includes hiding, altering, or destroying evidence.
ESI organized in a structured format using fixed fields, such as in a relational database or spreadsheet (e.g., Oracle, SQL server, Documentum).
Under the Federal Rule of Civil Procedure 30(b)(6), a corporation, partnership, association, or governmental agency is subject to the deposition process and to provide one or more witnesses to testify as to matters known or reasonably available to the organization without compromising attorney-client privilege communications or work product. It is not unusual for the 30(b)(6) topics to be directed toward the discovery process, including procedures for preservation, collection, chain of custody, and processing.
ESI stored in free-form text, such as documents, emails, or web pages.