No one should be surprised, least of all government managers responsible for data, that legal discovery is getting more rigorous when it comes to electronically stored information.

The number of requests for production, or discovery, has been increasing for years. Some old-timers can remember when the Department of Justice launched the historic antitrust case against IBM on the last day of the Lyndon B. Johnson administration. IBM, like many other companies' regulatory-compliance responses, delivered trailer loads of paper files to the department.

Electronic records have garnered more attention as government relies more on electronic records and electronic communication (which is now designated as an electronic record). Also, attention has increased as the rules on these electronic communications expand. For example, rules on e-mails designated as public records specify that a record comprises more than just the e-mail's text. The format, editing history, forwarding history and other metadata are all considered part of that electronic record and must be accounted for.

Indeed, electronic records alone are not the only fair game for legal e-discovery. Everything a government department or agency creates is, for legal purposes, "discoverable." Photos, instant messages, voicemail messages, documents (all hard copy and electronic versions, no matter who edited them and when) and e-mail -- regardless of how trivial -- are considered "enterprise content" and must all be presentable in an e-discovery process.

There is no getting around an e-discovery process. It is in an agency's best interests to address e-discovery needs sooner rather than later. Case in point: As part of e-discovery laws, the judiciary is directed to ascertain whether an organization has adequately managed its electronic information. Organizations that can demonstrate good information management practices are granted leniency, or a "safe harbor"; those that do not are subject to direct access to their information systems.

Compliance is now law. And the consequences for not complying -- for not being prepared in an e-discovery situation -- can be devastating.


Understanding E-Discovery
The first step to understanding the e-discovery process is to define the terms.

E-discovery is the U.S. legal process through which attorneys obtain information in electronic form in response to litigation or regulatory action. The e-discovery process involves full disclosure of all electronic information relating to the matter at hand. That electronic information includes ordinary office documents, e-mails, Web sites, voicemail messages, employee cell-phone records and instant messages.

That also means every mobile device -- every notebook PC, BlackBerry, PDA, cell phone, thumb drive and flash memory card -- is considered a repository of discoverable data.

You may be asking: Why now? What has changed?

Good questions.

• In September 2006, civil procedure rules regarding discovery were revised to explicitly cover electronic records. The rules were put forth by the Committee of Rules of Practice and Procedure of the U.S. Judicial Conference. These rules aren't just for companies. They apply to government agencies as well.
• Federal IT and information managers now operate under guidelines in the Federal Enterprise Architecture Records Management Profile. These, plus other recent rules from the National Archives and Records Administration, rule out any investments in new IT systems until an agency can clearly specify its record management procedures.

In other words, it is no longer merely good information practice to create and store records so that they are retrievable. The ability to respond to an e-discovery court order requires more than a good records management system because e-discovery applies to all electronic content.


Meeting Demands
So how do government CIOs and IT staffs deal with it all? In three essential steps: assess, plan and implement. Within each step, you'll need to address the question of policies and products.