Creating a Digital Evidence Policy

By John Wagley

01 December 2012

Print Issue: December 2012

DIGITAL EVIDENCE is playing an increasing role when companies must defend themselves in court. “It’s almost impossible to have a case these days without digital evidence being involved,” says Steven Teppler, counsel at the firm Edelson McGuire.

For that reason, organizations need an information policy that details the types of electronic records that must be preserved, how long they must be retained, how they are secured against tampering, how they can be retrieved and provided upon request in the case of a trial, and how and when records will be routinely destroyed.

Organizations should take steps now to preserve data that could be important in a future lawsuit, Teppler says. The types of information that can be important to preserve may include information on starting the business, future business plans, sales receipts, or any documentation relating to intellectual property. Lawyers also recommend that companies preserve relevant communications from all of their top executives.

Such documentation can help a company prove “where my assets are and who owes me money.” They can also help protect the enterprise from illegitimate claims and help determine the company’s legal position in many other areas, he says.

In addition to preserving documentation, a company must be able to show that the electronic records have not been tampered with, Teppler says. It can be relatively simple to show information, including the date of creation and other metadata, when it comes to programs such as e-mail or Microsoft Word documents, for example. Such documents and information are also relatively simple to back up.

It can be more challenging to preserve evidence when it comes from proprietary software or programs, however, says Jill McIntyre, an attorney at Jackson Kelly. “It’s a hard environment to collect from and to make [evidence] accountable in a way that makes sense to people.”

There are creative ways to authenticate electronic records, however. For example, Teppler tells clients to consider using a Web camera to document when someone signs a document on their computer or as another means of showing that they received a text message relating to a large transaction. Teppler says that people can speak into the Web camera and state that they’re in the process of signing a particular document. They can also capture the image of a text message, for example. Clients may also want to go through additional steps, he explains, such as sending a receipt via text message and also showing it to the camera.

One of the biggest challenges surrounding digital evidence is simply the enormous amount of information that must sometimes be uncovered in litigation, says McIntyre. With storage space cheaper than ever, people may be tempted to save more than they need, she says, but examining documents during litigation can be very expensive. Sometimes organizations will settle matters simply to avoid the cost of finding all relevant e-mails and other documents, says Teppler.

One way to address the issue of data volume is to have a well-thought-out routine data destruction policy, says McIntyre. It’s also important to have good archiving so that it’s not hard to find where data is located, she says. These provisions should be part of an overall information security plan. Sometimes people intend to create such a plan, she says, but “don’t implement it.”

Organizations should conduct a survey to assess what data should be kept and for how long. To make such an assessment, McIntyre says people should consider looking to trade organizations in one’s industry for best practices; she also says that a company may want to get legal advice to ensure that policies comply with all state and federal laws that may apply.

Certain documents, including those related to areas such as the creation of the business or to insurance, she says, may need to be kept indefinitely in some cases. However, McIntyre says “very little else typically needs to be kept forever.” Much of how long certain information should be kept will likely relate to the statute of limitations on litigation in certain jurisdictions, she says. If litigation arises, organizations should be sure to let employees know to begin retaining certain kinds of data.

Some programs, such as Microsoft Outlook, can be set to automatically delete or store data after a certain time period, she notes. If a case arises after relevant data has been routinely deleted, it can be acceptable to rely on people’s memory during litigation, she says. The company should, however, always endeavor to remove from routine destruction any data that might be subject to discovery as part of any ongoing or anticipated lawsuit. Destroying data once litigation is underway can result in hefty fines.

Organizations may want to audit certain computers or databases to ensure that they do not contain information they aren’t supposed to. Some companies use technological tools, for example, to search employees’ computers to look for information that shouldn’t be stored there, McIntyre says. Employees should be reprimanded if they repeatedly fail to comply with an organization’s data destruction and storage policy, she says.