On November 12th, as part of our The Inevitable 2020 series, Text IQ hosted the discussion Diffusing the Enterprise Data Explosion: From E-Discovery To E-verything.
Our panelists, coming from vantage points including e-discovery, data security and privacy, records management, and legal operations discuss how they are leveraging innovation and technology to solve data challenges from e-discovery to e-verything.
- Associate General Counsel and Director of Cardinal Health's Discovery Center of Excellence, Amy Sellars focuses exclusively on e-discovery. She is also a Steering Committee member for The Sedona Conference’s Working Group 1 on Electronic Document Retention and Production and a member of the metrics committee of the EDRM.
- Pam Schieffelin is Senior Director & Legal Counsel at Qualcomm where she oversees the e-discovery management organization. Prior to joining Qualcomm she was an associate with Greenberg Traurig. A graduate of Northeastern University School of Law, Pam Clerked for the Massachusetts Superior Court.
- Moderator Andrea L. D'Ambra is a Partner and the U.S. Head of E-discovery and Information Governance at Norton Rose Fullbright. She is a Certified Information Privacy Professional for the European Union (CIPP/E), she is also an adjunct professor of law at Temple and William and Mary Law Schools.
- Senior Manager of E-Discovery and Records Management in the AbbVie Inc. Legal Operations Department, Constance Mockaitis works on cross-functional teams that include members of Legal, Records Management, Data Privacy, Information Security and IT Technical Delivery Teams to craft Information Governance strategy, policy and procedures.
The Centrifugal Force of Data
“Rarely do businesses start out with an idea that we need to have very rigid structure about how data is kept in and how people are trained to keep it... it was very different when you had a physical structure like filing cabinets.” ―Sellars
“The default has changed,” agrees D’Ambra. “Thirty years ago, the default wasn't to keep it, it was to throw it away, right? You had a filing cabinet and you only had so much room in your filing cabinet. So, you had to be discriminating about what you would put in there.”
In a highly regulated industry says AbbVie Inc.’s Mockaitis, “you tend to make sure that you're keeping what you must. But it bleeds over into other habits of folks who create a lot of data...”
At Qualcomm, keeping everything was driven by the lifecycle of ideas says Schieffelin: “we felt it served us...to have that information at our fingertips....there's an interest in keeping hold of ideas so that maybe at a time where they're ripe [and the technology has advanced sufficiently], they can happen.”
The Centripetal Force of Data Privacy
“When you're thinking about big data and information governance you need a watershed moment. You need someone to force you to take action and rally the troops. [GDPR] was one...it's not just because we shouldn't be managing this much data and that we don't need it. We can't have it." ―Mockaitis
While data storage – particularly in the cloud – being “easy” and “cheap” enabled the data explosion, the advent of data privacy regulations like the GDPR and CCPA are changing the cost and risk calculus dramatically.
What is particularly important is the focus on unstructured data.
“The new rules seem to think more about unstructured data than structured and that it's so difficult to unwind that stuff....I can't look line by line. I can't. Some of our [client’s] systems can't even selectively purge. So how do you deal with that situation? It's kind of a lose, lose. ―Sellers
This dilemma genuinely concerns 'e-verything' from business documents and records, corporate IP and trade secrets, and data privacy concerning personally identifiable information. All of this data has to be identified – sometimes “line by line” – to ensure compliance. “Do we get rid of this? And how do I tell what is subject to hold?” Delete or purge has become a “Chinatown Moment” says Sellers.
Finding Effective and Compliant Equilibrium
Data has to be kept whether as a function of business need or legal compliance. Data has to be purged as part of a sound data management program – particularly in light of new privacy regulation. In short, “not all data is created equal,” notes moderator D’Ambra who goes on to ask, “How are you going to differentiate between those tranches of information?”
“That's you know, one of the problems that I've been attempting to tackle for the better part of seven years is how do you develop that knowledge in a more institutional or more available way... So something that we've paid a lot of attention to in the e-discovery realm [is] looking at tools way to essentially build a brain.” ― Schieffelin
A go-forward strategy is essential says Sellars. “I see so many clients who are paralyzed by all the data they have...and worry about it. And we tell them...turn off the tap first. We can bail out the bathtub later...”
And to get this right, it will take a multifaceted “brain.” “It's business technology solutions it's policy, it's privacy, it's cybersecurity, it's e-discovery, it's records management. All of those people have a piece of it and a view to it” says Mockaitis.
The technology solutions you choose will clearly need to not only provide content analysis “line by line,” but understand how the data is used, by whom, and why across the organization.
This is just a smattering of the highly insightful and engaging conversation from these four thought leaders.