Brett Franklin:KPMG - Electronic Data And Litigation : Are You Ready?

2018-04-26

Brett Franklin, Associate Director at Forensic KPMG, South Africa

Large data volumes, distributed data sources and multiple stakeholders characterise typical business in today’s digital world. Mobile and wireless technologies have further increased data volumes and data sources, while permitting access to data anywhere. Coupled with the ever increasing data volumes is the inability to keep up with effectively managing the storage, security and transfer of this Electronically Stored Information (ESI).

ESI has become invaluable in litigation today and in many countries its disclosure is a requirement. The costs associated with it are significant, posing a major challenge for companies faced with litigation and regulatory investigations requiring extensive data collection and review. The need for businesses being prepared to adequately respond to requests is a priority.

Unlike collecting boxes filled with lever arch files from an office, ESI requires a different approach due to the sheer volume of information (e-mails, documents and databases) that are potentially relevant. ESI can be easily altered (intentionally or not) and data thought to be deleted can often be recovered.

Therefore, specialised tools are required to collect, preserve and process this information. This process can be time consuming and costly if not planned and managed correctly. With the promulgation of the Protection of Personal Information Act (POPI), this places an added responsibility on both private and public bodies to comply with certain conditions when dealing with the collection and storage of information.

Being prepared for electronic disclosure starts with an executive e-disclosure policy, governed by internal procedures and government regulations concerning storage of data and should not be developed in isolation of a company’s technical infrastructure. Challenges such as complex system architectures, remotely archived data and system availability need to be considered as policies are meaningless if they cannot be practically implemented.

These should differ in language (technical as opposed to legal) but need to be aimed at aligning the Information Technology (IT) and Legal functions.

Once these policies and procedures are in place and all sources of available data have been documented, a ‘dry run’ based on a ‘mock’ regulatory matter is recommended.

To save time and costs, ideally in-house lawyers should be educated up-front regarding the internal IT infrastructure and in the use of various e-disclosure tools and processes.

By combining sound e-disclosure policies and procedures with effective data management as well as collaboration between IT and Legal departments, companies can respond timeously to requests and reduce  he amount of data collected, processed and reviewed in a cost-effective manner. 

www..kpmg.com/za