So according to this recent survey by our Seattle-area neighbor Michael Osterman (via Information Governance), IT departments respond to (on average) 191 email search and discovery requests each year. That’s almost 4 per week!  No wonder firms like Forrester Research forecast it to be a $4.8 Billion market by 2011 and why all sorts of vendors and service providers are jumping into the space.  But what about the folks in IT carrying the load?

I don’t see how this is sustainable given all the other things on the IT agenda.  I continue to be amazed at how knowledgeable the IT, messaging, shared services, infrastructure, security, etc. folks are about evidence collection, preservation, and production especially around email.  This is not core to the business and backlash is brewing.  It is not a business process or competency that any company will be able to differentiate on or build shareholder value around. 

As long as people keep sending email and discovery requests continue to arrive, this is the state of affairs and I think it is a pretty safe prediction to say that both show no signs of slowing down.  At some point companies and their IT departments must realize the best defense is a good offense and implement processes and technologies that allow them to prepare for this costly part of doing business.

Symantec issued this press release today on its new "connectors" approach for third-party case management, review, analytics,
forensics
and desktop collection tools.  Enterprise Vault is widely deployed and there is pretty consistent pain around getting at the records you have so diligently saved.  We integrated to Enterprise Vault several years ago (v5.0 I believe) to provide policy-based classification and tagging as email records get archived (prior to ingestion). Adding meta-data to records as they are saved and using that additional information during retrieval now with a variety of supported third-part vendor tools is great news for EV customers.

We were included in Gartner analyst Debra Logan’s new "Choosing an E-Discovery Solution in 2007 and 2008" report.  She covers a wide range of needs and vendors with a pretty comprehensive view of the e-discovery landscape.   It is available via the Gartner website.

Although MessageGate is not a pure e-discovery company and we do not provide evidence production and review capabilities, we are seeing the need for smarter ways to sort, classify, and control email under the banner of e-discovery.  As companies begin to tally the cost of litigation, it is making more and more sense to prepare for this unfortunate business reality.  Beyond litigation preparation, we have helped companies with forensic and investigative review of high volumes of email.  Our approach is different than the standard ingest, index, review process of search-oriented solutions.  Rather, we effectively "replay" the messages through our policy engine with rules set to detect certain directions, users/user groups, documents, phrases, times, etc.

Keep an eye on what is happening at Bear Stearns and the story on Richard Marin’s "Whim of Iron" blog here and here.  This was, as I understand it, a personal blog but he discussed the pace of activity at Bear as their hedge funds teetered on collapse in addition to more mundane/personal things like movies he had seen.  All good stuff and great blogs provide a personal view of the author in addition to commentary on their respective domain of knowledge. 

That said, a securities firm like Bear Stearns is heavily regulated and as the dust settles on this latest hedge fund debacle they will be under a serious microscope with the lawyers and discovery requests close behind.

This is another case study on personal blogging and the corporate world.  In my case, this is my personal blog, I pay for it, Typepad hosts it, and it is consistent with our company policy on blogs.  Something tells me that this was not sanctioned by Bear and, as this NY Times story points out, Mr. Marin has now password protected the site.

Does using your company email address as your preferred email contact (as Mr. Marin did) no longer make it personal?  Does talking about what you do at work cause it to become a formal business record?  Assuming a blog falls under he definition of "electronic communications", should it have been properly supervised according to NASD regs?  All great questions that need further research on my part.  Posting to a blog without access controls puts it out there for anyone in the world to see and *should* factor in to any post you make.

Regardless of the outcome for Mr. Marin (he has already been replaced), I am long Bear Stearns as they are one of the best run firms on Wall Street.

UPDATED: 

Looks like someone over at Google is learning this same lesson.  Lauren Turner decided to offer a bit of advice to healthcare companies to use Google ads opposite coverage of Sicko by "I keep trying to relive Roger & Me" director Michael Moore.  She did this on her Google blog and quickly had to offer up a clarification.  Here’s some good perspective on it from Robert Scoble.

We released these results today and they are pretty interesting.  As part of our recent Law.com webcast series, we took a survey and found the following consistent and somewhat eye-opening trends:

Why are you interested in email governance?

Who sets email policy in your organization?

More from our Reshaping Information Security MarketInsight study.  This section deals with the pain and confusion surrounding e-discovery and how those responsible for information security get in the middle of e-discovery projects.

e-Discovery

One thing became very clear during the course of our discussions – information security and IT professionals are becoming very adept at e-discovery and their time is being filled with requests to produce emails.  In many cases, the infrastructure is simply not in place to provide relatively easy access to the mountain of email produced by a company on any given day.

Following a normal program of deletion is deemed best practices, but even if you anticipate an inquiry and don’t save the email records, you could be in hot water.  One company’s lawyer offered a definition of “transitory” email as one that is not for business purposes, however this created even more confusion.  In some cases, companies manage separate environments to accommodate legal hold requests and to ensure there is no spoilage of possible email evidence going as far in one case to have a separate mail server where certain mailboxes are moved.

More and more, the participants viewed being able to assist counsel with litigation discovery as a component of their jobs and were actively working to develop cost models for an investigation to ensure legal wanted to bear the costs when a request is made.  Of most concern to them was the “period of exposure” in a discovery request – figuring out what had and what they could produce within what time frame.

One participant cited 22 separate discovery requests he had to manage last year and another quoted over 40% of the employees at his company were on some type of legal hold.  As for other media and ways to communicate, Instant Messaging (IM) was deemed to be “like a phone call” so there was no need to archive it as they don’t record calls and if thumb drives are permitted and advocated as a way to move files and save data, they now become discoverable.

Had breakfast yesterday morning with a good friend that works for one of the major eDiscovery companies around.  I always enjoy catching up with him because we can talk through pretty much the entire lifecycle of a message from point of origination (send) to point of accountability (courtroom).  So over a great breakfast at Oriel Cafe in Kirkland (try the pancakes with the berry compote..mmmmm), we talked about the pain and problems of electronic discovery. 

There are obviously many types of electronic records reviewed during litigation so I was curious what percentage was made up by email from his perspective.  His answer was over 80% with the balance made up of MS Office type files from personal or shared folders – many of which are duplicated in the email corpus because that is how they are shared.  Of course there are some additional formats in any sample, but on the whole email is the 800lb gorilla in electronic discovery.

There is quite a bit of coverage and confusion about what these new rules mean to companies on a variety of levels – from retention to legal exposure. Most pertinent to us is what they mean for corporate email and how companies must prepare for the unsavory business reality of litigation.

To address this topic, we did a short webcast with our partner Onsite (who provides e-discovery services) in an attempt to have a practical discussion about what these changes mean and how to make sense out of them. Here’s the link via Law.com.

Yes, I know that webcasts can be a bit dull and this is certainly a promotional piece. However, we tried something a little different starting with an interview style Q&A discussion at the beginning and saving the standard Powerpoint sales pitch slides for the end.

Feel free to bail out as we get into our respective sales pitches, but take a few minutes to listen to the discussion on the front end. Terry, who leads consulting for Onsite, is very knowledgeable and in about four short slides boils this down pretty well.

Also, see if you can figure out where I lost my audio connection and had to scramble to dial back in…

There is a lot of rhetoric flying around about scandal, cover-up, Hatch Act violations, etc. in the most recent firestorm in our 24 hour news cycle society – the White House is having trouble getting their hands on emails requested by Congress.

Let’s put aside any discussion of political cover-up/opportunism, Presidential power privilege/abuse, or even if something illegal was done for a second and understand that what the White House is experiencing is the same thing corporate America is dealing with every day.

Just ask Morgan Stanley how easy it is to ensure you can quickly and readily get your hands on archived emails even when you are suppose to be able to do so by law:

Morgan Stanley Muddles Through An E-Mail Mess

Court overturns $1.6 billion ruling against Morgan Stanley

Regulator Says Morgan Stanley Withheld E-Mail in Cases

Morgan has a pretty clear standard to meet spelled out by SEC 17a-4 requirements. The situation with the RNC emails is a little less clear. As this story from the LA Times points out, the RNC has an established policy of automatically erasing most email after 30 days.

Now, I’m not expert on the Presidential Records Act so we’re going to have to leave that to the really smart clever lawyers on the Republican and Democrat side of the aisle to slug out and claim respective victory when the dust settles on this one.

What’s playing out in the headlines is what we see everyday within the four walls of companies where, even in the absence of an official inquiry or investigation, there is a significant challenge in getting at sent/received emails. This is due in part to a lack of understanding from those that are asking for them and significant technical challenges on those that are charged with getting them.

It may be easy for you to go to your inbox and find an email, but until you try sifting through months and years of emails for thousands of employees stored in various locations and formats that include everything from vacation pictures to system alerts to newsletters you will not truly appreciate the nature of this problem.