What is eDiscovery?

Before a criminal or civil trial, both sides of the court engage in discovery, the process of sharing information about witnesses and evidence. The goal of discovery is to prevent one side from surprising or ambushing the other during the court proceedings. Discovery allows each side to prepare counter-evidence based on what the opponent will present.

Discovery takes multiple forms. It can consist of depositions, during which lawyers for both sides interview witnesses or others involved in the case. Attorneys might also issue subpoenas during discovery. A subpoena is a request that requires a person to provide a particular document, such as a contract or records. A subpoena can also require a person to testify during a case.

Discovery traditionally involved physical documents and in-person interviews. When the discovery process takes place online or electronically, it's known as eDiscovery.

eDiscovery, also known as electronic discovery, is the process of collecting, producing, and identifying electronically stored information (ESI)

What is eDiscovery?

eDiscovery, also known as electronic discovery, is the process of collecting, producing, and identifying electronically stored information (ESI). The process takes place after a request for the production of ESI for an investigation or lawsuit.

ESI can be in the following forms:

  • Emails
  • Websites
  • Video files
  • Audio files
  • Voicemails
  • Databases
  • Presentations
  • PDF and other document files
  • Social media posts and profiles

The list above is just a small sample of the type of content that can fall under the ESI umbrella.

Terms used in the eDiscovery process

Along with ESI, a few other specialized terms are used throughout the eDiscovery process. It's essential to become familiar with what these terms mean.

  • Spoliation is the destruction or loss of data
  • Native format refers to data's original format
  • Filtering lets you narrow down a search of the data
  • Preservation means to keep data in its original, unaltered form
  • The hash value is the unique signature or fingerprint found in a file
  • Keywords are the terms you use to search ESI during the review process
  • De-duplication is the process of identifying and separating duplicate files
  • De-NISTing refers to the removal of application and system files from ESI
  • Metadata is information contained within the content and is also known as "data about data"
  • A personal storage table (.pst) is a file that stores copies of emails and other electronic messages

Cloud content management allows you to streamline your firm's eDiscovery process

How does eDiscovery Work?

eDiscovery is a multi-faceted process that starts as soon as a lawsuit is on the horizon. The process continues until the various documents are presented to the court — if the case goes through to trial.

If it seems likely that a court proceeding will take place, anyone who might be involved in the lawsuit is legally obligated to preserve any relevant ESI. The prosecution and defense in a criminal case and the plaintiff and defense attorneys in a civil case are required to identify the appropriate ESI, determine the scope of eDiscovery, and issue requests to the other side. Likewise, the attorneys can challenge eDiscovery requests made by the other side.

While eDiscovery can look pretty simple on the surface, the process can be rather complicated and often involves multiple steps and procedures. It can take some effort to wrangle the content needed during the eDiscovery process, but many in the legal profession would agree that it's much better than having to shift through boxes and boxes of physical documentation. Cloud content management allows you to streamline your firm's eDiscovery process, ensuring you have the information required and that you can respond to requests for information quickly.

Having all the facts and documentation about a case at your fingertips allows you and your legal team to uncover relevant and pertinent information that can make or break your court case

Why should you care about eDiscovery?

Attorneys use the information uncovered during the discovery process to put together their arguments in a case and to prepare to examine or cross-examine witnesses. In some instances, a case can hinge on the information found in a single email or a text message exchange between two parties.

Having all the facts and documentation about a case at your fingertips allows you and your legal team to uncover relevant and pertinent information that can make or break your court case. As communication and content creation has primarily shifted to electronic formats, eDiscovery has become ever more critical.

You also need to care about eDiscovery because you can be legally obligated to act on it. In the United States, the Federal Rules of Civil Procedure contain amendments that govern the process of producing, requesting, and responding to requests for ESI. Outside of the U.S., other countries have rules that govern the production and response to documentation during a legal proceeding. 

Attorneys are ethically required to care about eDiscovery and need to have a certain level of competency concerning technology. You can't fulfill your duties to your client if you don't know how to track down ESI, such as an email or social media posts.

The first part of the Model Rules of Professional Conduct for attorneys requires lawyers to provide competent representation to a client. Competently representing a client means that you have adequate legal knowledge and skill and are thoroughly prepared for their case. It also means knowing how to use technology to best meet your clients' needs, including understanding how to access and use ESI.

The eDiscovery process

As soon as a lawsuit is imminent, the eDiscovery process can get underway. It's up to the attorneys on both sides of a case to determine the scope of eDiscovery. No matter the scope of the process, it will follow the same basic steps. Additionally, eDiscovery is governed by a framework known as the Electronic Discovery Reference Model.

Electronic Discovery Reference Model (EDRM)

The EDRM framework was created in the early 21st century in response to the limited standards governing eDiscovery. EDRM illustrates the eDiscovery process by walking people through nine stages.

Some people say that EDRM is two-sided, focusing on both process and data.

If you decide to use EDRM, it's essential to remember that the framework is just that. It's not a hard and fast way of moving through the eDiscovery process. You might find that you can use some of the steps but not all of them. You might also discover that you need to rearrange the order of the steps to meet your needs best and uncover any relevant data.

Take a closer look at the stages the EDRM uses.

Information government determines how long an organization retains a particular piece of content, such as for six months, two years, or indefinitely

1. Information governance

Information governance refers to the metrics, standards, policies, and processes an organization employs to ensure they use information effectively and efficiently. It also refers to the accountability framework and decisions rights the organization uses when deciding how to create, store, use, archive, or delete content.

Another way to understand information governance is as a process that oversees the lifecycle of content. Information governance determines how long an organization retains a particular piece of content, such as for six months, two years, or indefinitely.

It also determines what happens to a piece of content when it becomes inactive. The content might be archived for a set period, such as one or five years. After that, it might be permanently deleted.

Information governance also dictates how an organization protects data. It defines the security systems and measures used to keep content safe from bad actors. You should also determine who can access content through your information governance policy and how an individual can get access. Finally, information governance should comply with any regulatory requirements, such as the Health Insurance Portability and Accountability Act (HIPAA) or other privacy protection measures.

One notable benefit of information governance is that it can streamline the eDiscovery process. It allows you and your team access to the content you need when you need it.

You can use a range of techniques and tools to identify relevant and useful ESI, such as: interviewing clients and witnesses, reviewing the facts, analyzing the data

2. Identification

In the past, opposing legal teams occasionally responded to a request for information with a "document dump." Attorneys would bring over boxes of documents containing information that the opponent might or might not find useful. A document dump was generally considered a hostile action, as it would take the other team a considerable amount of time to sift through the documents to identify anything relevant.

Identification is also part of the eDiscovery process. Your team needs to sift through ESI to identify the information that's relevant to your case and that supports any arguments you want to make. In the identification phase, you can request information from the other side and sift through your own ESI to find relevant content.

While the other side isn't likely to send over a truckload of paper files anymore, it can do the electronic equivalent, the "data dump." With a data dump, the opposing side sends over massive amounts of data, which might or might be usable, and essentially tells their opponent to figure it out.

You can use a range of techniques and tools to identify relevant and useful ESI, such as:

  • Interviewing clients and witnesses
  • Reviewing the facts
  • Analyzing the data

3. Preservation and collection

Any data that could potentially be relevant for a lawsuit needs to be preserved. The instant there's the slightest hint or rumor of litigation, any parties involved have a legal obligation to preserve relevant ESI, protecting it from spoliation.

A legal hold is a common way to preserve ESI but is far from the only preservation method. Your company can place a legal hold on ESI by having your legal team send a notification to employees, telling them not to delete any content that could be relevant to a new or anticipated case.

Another way of preserving ESI is to collect it and store it in another location. For example, you can copy any relevant ESI and keep the copies in a centralized location, such as the Content Cloud. Collection ensures you have a backup copy if the original document gets destroyed or lost.

You can also preserve ESI by locking it down. ESI that's locked down can't be deleted permanently. The file is either impossible to delete or produces a backup copy of itself when a user attempts to remove it.

After preserving data, you need to collect it and store it in a centralized location so it's accessible to those who need it. You also need to ensure that the data doesn't become corrupted during collection.

Processing typically involves deleting meaningless data, moving files from folders, and converting file formats as needed

4. Processing, review, and analysis

During processing, ESI is prepared for attorneys to review and analyze. It's usually not performed manually but by a software platform. Processing typically involves deleting meaningless data, moving files from folders, and converting file formats as needed.

After processing, the ESI is ready for review. The review stage often consists of multiple parts. The first review phase might see an attorney briefly skim over content to determine if it's relevant or not. ESI that falls into the relevant category moves on to the next phase of review and gets examined more closely.

Key to the review and analysis process is understanding what to look for. Anyone reviewing content needs to know the basics of the case and the strategy. They should also have a list of tags to use to sort files based on relevancy and content.

5. Production and presentation

Relevant ESI gets produced when it is sent to the parties, such as the opposing attorneys, that need it. During presentation, the ESI is shown during the court proceedings, at preliminary hearings, or during depositions.

eDiscovery rules

In the U.S., several rules under the Federal Rules of Civil Procedure are key to the eDiscovery process. Some things to keep in mind to comply with the rules are:

  • There's no one set way to complete the eDiscovery process
  • Don't overburden the other side with excessive, irrelevant data
  • Agree to ground rules for the discovery process in advance
  • You have the right to request a certain format for the ESI
  • You can be sanctioned if ESI is destroyed that shouldn't have been

eDiscovery challenges - the gap between legal and tech teams, a high volume of available data, data safety and security, differing laws, cost

eDiscovery challenges

The value of eDiscovery is clear, as it provides legal teams with the information they need to create a compelling case during a trial. There are also some challenges involved in the process. Using the right content management platform can help you streamline and minimize potential eDiscovery challenges.

The gap between legal and tech teams

In the days of paper-based discovery, attorneys didn't necessarily need the help of the tech or IT team to access the information they needed. With ESI and eDiscovery, that's not necessarily the case. An attorney might need tech support to download files or otherwise gain access to them.

The legal team and the tech or IT team need to work together to help the eDiscovery process go smoothly. Both teams need to find a common language to ensure they're on the same page about ESI.

A high volume of available data

Document dumps aren't exactly new, but a paper-based document dump pales in comparison to the potential size of an electronic data dump. A high-profile legal case can involve massive amounts of data, often in the region of a few terabytes or millions of documents.

Additionally, new file formats are regularly introduced, meaning that you might not have the methods or tools required to open them.

Fortunately, AI can scan through ESI quickly, filtering out the relevant information from the useless. You also have the right to request a specific file type to minimize the chance of being sent files you can't open.

Data safety and security

Security can be a concern during eDiscovery, particularly if the shared ESI contains confidential information. Security risks take several forms. The data can be intercepted by a bad actor when it's in transit from one party to the other. There's also the risk that an unauthorized individual on the other side will access the information.

Encrypting the ESI as it's in transit will help minimize the risk of interception. The data should also be encrypted when it arrives on the other side. Anyone who needs to access it should use a password to unlock the data and decrypt it. Two or multi-factor authentication adds another layer of security.

The eDiscovery process can also put your company's other data at risk if there isn't a barrier or wall between the ESI you're sharing and the rest of your data. For that reason, your company's general data must be uncoupled from the ESI you're sharing in the eDiscovery process.

You should also have a deletion date for any data shared during eDiscovery. The opposite side shouldn't retain access to the ESI once the trial is over or the case has settled out of court.

Differing laws

You might need to share ESI across country borders, which can mean that you have different laws to consider. Some countries might have stricter privacy and compliance rules than others. As a general rule, it's a good idea to follow the regulations of the country with more stringent requirements. Using a content management platform that complies with international regulations ensures that you follow the rules, no matter what country you need to share information with.


The cost of eDiscovery can be prohibitive. If your company hires individuals to review data manually, you might have to pay in the high six figures or even seven figures based on the time spent processing the data. Using a software platform that automatically sorts ESI can help to reduce the expense.

Box lets you improve the eDiscovery process, from identification to collection and preservation

Box's approach to eDiscovery and legal holds

Box helps you improve the eDiscovery process, from identification to collection and preservation. Most importantly, Box streamlines eDiscovery without negatively affecting the end user's experience. With Box, all of your ESI is centralized, meaning you don't have to spend time and money on legal holds. Your team members don't have to travel from department to department collecting information or requesting holds.

The Content Cloud also lets you keep all the documents in a central location. You can search for the ESI you need using keywords and metadata filters. Since all of your content is in Box, you don't have to sift through multiple hard drives or file servers to find what you need.

Box also offers security features, such as watermarking and audit reports, which allow you to keep a close eye on your data and to ensure only authorized users get access to it.

Contact us for a quote and to learn more about Box today

Learn more about Box

Our eDiscovery tools are just one of the many solutions Box offers to legal teams. The Content Cloud can help your law firm or legal department streamline case management, improve compliance, and automate workflows. Moreover, Box helps enterprises in every industry ensure proper retention and governance of all their content.  Contact us for a quote and to learn more about Box today.

**While we maintain our steadfast commitment to offering products and services with best-in-class privacy, security, and compliance, the information provided in this blogpost is not intended to constitute legal advice. We strongly encourage prospective and current customers to perform their own due diligence when assessing compliance with applicable laws.