A year and 16 days after the institution of the
The new regulations, ordered by the U.S. Supreme Court in April 2006, mandate that businesses must be able to quickly produce such data—including e-mail, digital word documents, images and digital audio and video—when required by litigation in a federal court.
To this end, a relatively new IT sector built around efficient storage and access to legacy business data has been developing, but apparently the genre still has plenty of space to grow. At the one-year milestone, it doesn’t appear as if many potential customers are paying attention—or, if they are aware of the rules, are simply ignoring them.
“The survey reveals serious legal issues for organizations that are either ignoring the new federal mandates for compliance and e-discovery or are clearly not well educated on how to meet the technical requirements,” said IT researcher Michael Osterman of Osterman Research, in Black Diamond, Wash.
Many recent court cases have shown that companies are expected to show a clear retention policy, Osterman said.
“I don’t think it’s difficult to understand the [FRCP] rules,” Osterman said. “Or that business owners don’t know about them. I just think that it sometimes takes ‘headline shock’ to make people move on some things—especially when we’re talking about ‘potential’ liabilities.
“In other words, if it hasn’t happened to them yet, it hasn’t happened.”
Osterman, a veteran storage and data center researcher, said that it often takes bad news to happen to another company before a business owner gets serious about the potential problems he or she could face in litigation.
“Let’s face it: Unless some company gets hit by a $15 million judgment, it is difficult for an IT manager or a CIO to go to his board and say, ‘We might be liable under the new laws for not keeping all our e-mails and word docs. The ‘potential’ problems often don’t get addressed,” Osterman said.
Osterman told of a company he knows in the United Kingdom—one of the larger employers in that nation—that had a sudden change of mind on this issue.
“The CIO had gone to his board in April 2005 with a 265-thousand-pound purchase order request for e-discovery and archiving software and services. He was turned down. In September of that same year, one of the company’s competitors was hit by a large court judgment.
“Three days later, the first company’s board approved the CIO’s original request,” Osterman said.
Many companies are still unclear on the concept of e-discovery in general, Osterman said.
“There really is no consensus yet on whether a company should keep all its e-mail and other docs, or whether a company should keep a finite number of years’ worth of data, or whether it should keep more than 30 days’ worth of data,” Osterman said. “As long as a company can prove it has predictable methods of storing or not storing data, it can show the court that it has some sort of policy in place.”
The uncertainty is about the nature of the policies, which can be different according to each company. Only 47 percent of companies have some kind of e-mail retention policy in place, Osterman said.
Some of the other findings from Osterman include:
If they are taken to court, these companies would likely be required to search backup tapes, desktop files and legacy systems to find information that was deleted in the absence of a good-faith retention policy, Osterman said. Manual e-discovery searches can be costly.
In addition, companies without an e-discovery policy risk being sanctioned for the illegal destruction of evidence, including courtroom penalties that can cost a company an important legal case on process grounds, Osterman said.
The survey was conducted among 111 companies in fall of 2007 by Osterman Research for MessageOne, based in Austin, Texas.
Check out eWEEK.com’s for the latest news, reviews and analysis on enterprise and small business storage hardware and software.