What’s coming in the year ahead, from data security to new professional roles
It’s that time of year — the time when each of us says goodbye to last year’s priorities and projects, clears the decks, and makes bold plans for how we believe (or hope) the new year will unfold.
In terms of in-house ediscovery, here are our predictions for 2019:
1. Corporate security and privacy concerns will get worse before they get better
The tide has yet to turn on effecting true change in how we deal with data security and data privacy. Every day we hear new stories about failures in data management: the Marriott data breach, Facebook’s breach (and its slow response that likely violated the EU’s General Data Protection Regulation), and the malicious hacking of the Quora website are recent examples.
The good news is that a change is coming; the bad news is that there will be more, and worse, reported breaches before they finally start to diminish. Why? It’s simple: there’s a lag time between making changes and seeing the results from those changes.
Action item: Make 2019 the year your organization rethinks data security. This is an opportunity for forward-thinking businesses to differentiate themselves from the competition. If you haven’t already, consider moving your data to the cloud rather than trying to manage security in house.
2. Corporations will be more diligent about data deletion
Two factors will drive an increased focus on defensible data deletion in 2019. The first is the continued news about data breaches, especially those involving data that no longer served any viable business purpose. If your organization no longer has sensitive data because it’s been deleted, that data can’t be breached.
The second is the proportionality emphasis of the amended Federal Rules of Civil Procedure. As cases have made their way through the judicial system in 2018, we’ve seen courts enforcing limits on discovery in accordance with reasonable limits on proportionality. Increasingly, corporations will be more diligent about creating and enforcing shorter record-retention periods and defensible deletion protocols as proportionality takes root.
Action item: Revisit your own organization’s records policies. Evaluate whether you are keeping data for longer than it is useful, thereby creating unnecessary risks.
3. Corporations will continue to move more of their ediscovery tasks in house
Again, two forces are moving corporations toward in-house ediscovery, particularly for data processing and small-scale or early case review. First, the stick: budgets continue to hold or shrink as legal departments are more often treated as business units rather than as special exceptions. Ediscovery has become a major cost — one that corporations are losing their tolerance for. The pressure to reduce costs has led many legal departments to look for ways to reduce the volume of data involved in ediscovery and, consequently, to reduce the cost of managing that data.
And then there’s the carrot: as ediscovery technology improves, corporations find that they can bring more of their data culling and early review tasks in house. Note that this may require an expansion of in-house technical capabilities — which leads to our next prediction.
Action item: Take a fresh look at how your organization manages ediscovery. While new tools require an up-front investment, the return on that investment may pay for itself surprisingly quickly.
4. There will be more crossover between legal and technical proficiency in ediscovery roles
The ediscovery profession already demands a blend of legal expertise, technical proficiency, and a strategic business mindset. While specialists will remain in each of these areas, expect to see the rise of generalists who can capably manage all three areas as role “silos” break down.
This tracks with both the move toward in-house ediscovery, and the attendant need to have ediscovery staff who can manage that technology, as well as with a greater emphasis on legal operations. Ediscovery professionals who attain reasonable mastery of all three areas, whether through on-the-job training or specific education, will be in high demand.
Action item: Assess your current ediscovery staffing and your needs in 2019. Do you need more diversity in roles and areas of expertise? You may find that you can expand your existing staff’s expertise — and your own — by encouraging development through certification or continuing education, including attendance at specialized conferences.
5. As a profession, ediscovery will start to develop a common vocabulary and rethink its models
This process has already begun, but it will truly blossom in 2019. The International Organization for Standardization (ISO) has created a global standard for ediscovery that opens the door for the development of a common global vocabulary.
Additionally, ediscovery professionals are starting to strategically rethink, and rebuild from the ground up, a model of how ediscovery should work. While the original Electronic Discovery Reference Model (EDRM) was helpful in visualizing the flow of data across ediscovery processes, improvements in technology have rendered parts of it obsolete. For our part, we’ve already proposed new models, including the Electronic Discovery Management Model (EDMM), to emphasize the role of information governance and the expanded process of data identification in ediscovery. This reimagining of the overall workflow can guide us to make better decisions in both individual cases and the overarching selection of appropriate tools, processes, and people.
Action item: This is a good opportunity to “think globally and act locally.” Consider attending ediscovery conferences where you can discuss the overall direction of the field or joining a professional organization to help steer those discussions. Meanwhile, take a fresh look at your own ediscovery process, freed from the constraints of how you’ve always done things. New technologies may afford you an opportunity to reimagine your process, improving your results.