- Security TWENTY
- Women in Security
For edisclosure providers and their clients, there are two critical themes which underscore how the ediscovery landscape is expected to change this year, writes Hitesh Chowdhry, Electronic Evidence Consultant at Kroll Ontrack: developments in regulation and enforcement, and advances in technology. He identifies below how these issues are emerging in five key trends for 2015; all of which he argues are symptomatic of a shift in the direction of a more integrated approach towards corporate information governance and management.
Edisclosure without borders
As international corporate expansion continues, there is an increasing emphasis on global co-operation between state regulators, to stamp out unwelcome commercial practices such as anti-competitive behaviour and corruption. The banking industry is a pertinent example of an environment wherein large volumes of communications which could be subject to regulatory scrutiny move across borders on a second-by-second basis. Given the substantial fines that have been paid out by international banks in the past few years, it is incumbent upon them to monitor intra-company activities on a pre-emptive and global basis to avoid potential regulatory breaches in the future. Such supervision requires the proficient collection, processing, hosting, and review of data – services which edisclosure vendors can best provide.
We have seen similar levels of regulatory enquiry in other industries, including pharmaceuticals and consumer electronics. Over the coming year we expect to see an increasing number of global entities seeking to achieve efficient organisation over their data, so that relevant communications can be easily identified and reviewed on an international scale.
As well as more stringent regulatory enforcement, corporations will need to address various legal developments that have implications for electronic data management. One pressing example is the recent member state ratification of the European Directive on antitrust damages, which opens the floodgates to injured parties claiming a right to obtain the disclosure of evidence in order to support private law actions. The Directive provides that national courts shall have the power to order parties to the proceedings, as well as third parties, to disclose relevant evidence in their control. This could have profound implications on the disclosure obligations of companies involved in antitrust investigations, and we consider that this will lead to such companies engaging edisclosure providers on a pre-emptive basis to look at internal data strategically, in order to see if there is anything they need to be concerned about.
In addition, the newly-formed UK Competition and Markets Authority (CMA) (born out of a merger between the Office of Fair Trading and the Competition Commission) made its intentions clear with its announcement in November 2014 that it is to launch a competition inquiry into the banking industry. This inquiry may well be symptomatic of a more hard-nosed approach to anti-competitive investigations, which would put a greater emphasis on the need for companies in the UK to use edisclosure technology and consultancy. This could be both proactively to detect problems and reactively to respond to regulatory scrutiny.
Data breaches are becoming bigger, more prevalent, and are causing more damage than before. According to The Economist, in 2013 over 800 million records were lost, in the main through so-called cyber-attacks. It seems that no enterprise is too big to fail in this regard, as recent high-profile incidents have involved Sony, Adobe, Apple, eBay, and Target. It would not be imprudent to say that this is one of the biggest threats to organisations in the digital age. At risk are sensitive client and employee data, as well as trade secrets, both of which can be critical to a company’s success. Gartner estimates that the worldwide spend on information security will reach $76.9 billion by 2015, which indicates the level of investment by organisations in order to protect themselves.
Edisclosure tools allow companies to identify where sensitive data is, and how it can be accessed. That visibility enables companies to set up early warning systems to highlight potential breaches. We anticipate an increase in demand for edisclosure platforms to act as holistic data management tools to safeguard against security violations.
Data on demand
Whilst companies are only just beginning to get to grips with the vast volumes of data caused by the prevalence of email, new technological habits are throwing up further challenges. The seemingly-infinite usage of mobile data and social media gives rise to a plethora of new sources of relevant data, which will need to be collected and analysed to meet disclosure and investigatory obligations. In a recent US case, the court awarded hefty sanctions against a party who failed to produce potentially-relevant social media data. This action is symptomatic of the new challenges which edisclosure providers will be asked to assist in addressing.
More for less
As corporations give more attention to information management, they look for more cost-effective methods of handling that process. Two factors are relevant in this regard – the advance in technology allowing tasks to be carried out more efficiently, and the ‘unbundling’ of legal services both of which are likely to continue developing in 2015.
Advances in edisclosure technology have been rapidly adopted – today’s lawyers are far more adept at using keyword searches and other priority electronic documentation identification tools than they were five years ago. The latest in such advanced technology – predictive coding – enables an IT system to learn the basis upon which a lawyer would identify a document as being relevant. This type of machine-learning opens the doors for companies to implement systems that automatically detect relevant data, based on a ‘smart’ understanding of the context of information flows.
Meanwhile, the growth in alternative providers of legal services allows companies to employ third parties that specialise in providing document review services. These “managed review” providers employ experienced lawyers to review documents, at a fraction of the cost that law firms would charge. Companies are thus able to break up the elements of their total spend on litigation and investigations into distinctive chunks, which can be handled by various parties in a more cost-efficient manner.