New committee formed to develop eDiscovery process standards
A 66-year-old governing body with 162 member nations that deal with a wide range of issues has announced that they are forming a new committee who will have the task of developing standards for eDiscovery processes. The International Standards Organisation has said that the standards, should they be passed, ‘would define procedures for technology companies, discovery providers and their clients to follow when handling digital data’. A draft of the committee charter states: “This international standard provides guidance on measures spanning from initial creation of electronically stored information through its final disposition, which an organisation can undertake to mitigate risk and expense should electronic discovery become an issue.”
ISO’s cybersecurity unit has already standardised certain aspects of digital forensics, such as identification, collection and preservation of electronic data. Whilst it has experience in legal topics, Discovery didn’t fit into any other ISO group. If Discovery products and services are ISO-compliant, then counsel and party are able to decide what to purchase more easily, and judges will be reassured that electronic data discovery has followed a set of uniform methods. Eric Hibbard at Hitachi Data Systems, co-editor of the project and an international representative on a US contingent to the organisation, said: “We’re not trying to impose requirements on lawyers or judges. That’s not the intention of the activity. It’s really intended to help them sort through some of the technology issues that are really nebulous.”
The new standards would also refer to existing ISO forensic work and product auditing aspects, citing the long-standing ISO 9001 quality control procedures and enabling eDiscovery companies achieve certification.
There are 37 corporate members of Hibbard’s cybersecurity committee including EMC Corp., Booz Allen & Hamilton Inc., Microsoft Corp., Hewlett-Packard Co., and Symantec Corp. All of these companies already have a big presence in the eDiscovery market, with HP and Symantec having the largest EDD involvement being owners of Autonomy and Clearwell Systems respectively.
Generally, the concept has been well-received; eDiscovery practice leader at Stroz Friedberg, Tom Barnett, said: “eDiscovery is not a legal process. It’s a technical and engineering problem. You need a standard. Because it is a relatively new industry, a lot of people do things their own way. I think it’ll be good for the industry to be able to separate the people who are really serious about process and quality control from the people who aren’t.”
Phil Favro, eDiscovery attorney at Symantec, said: “I find it fascinating; I think that anything that can get cross-border standards on eDiscovery is a good thing, and that having an international body with collaboration from key players in the industry establishing those standards will go a long way, hopefully, to addressing the misunderstandings that exist between different countries.” However, Favro did note that there is potential overlap with existing work from the Sedona Conference think tank, and Barnett added that a standard could become too wide and difficult to manage.
That said, both George Socha, well-known for his work on the Electronic Discovery Reference Model, and Karl Schieneman of Review Less, agree that whilst a standard will help, but fear that with eDiscovery being such a rapidly changing environment, are any standards going to be comprehensive enough. Schieneman said: “Obviously international eDiscovery is a growing problem. But the tension with standardising processes requires you to know which processes you want to standardise. You need to know what works. The big issue right now is experimentation.” He continued: “Predictive coding, cloud computing, bring-your-own-device, social networking – there are lots of problems out there. Having an international committee is not a bad thing, but the bigger challenge is trying different approaches to figure out what works.”
Jason R. Baron, who is Director of Litigation at the US National Archives, joined Hibbard in the quest to develop eDiscovery standards, having proposed a similar quality control standard last year, but without the process aspects. Baron supports the ISO part of Hibbard’s plan, commenting: “I’d like to think that the eDiscovery industry is maturing enough in terms of its capability maturity model, especially in the vendor space, to allow for the development of standards that govern what we do.”
Written by: Allie Philpin