Know What Ya Got: 5 Forensic Challenges as the Pandemic Continues

In 1988, glam metal band Cinderella released the power ballad “Don’t Know What You Got (Till It’s Gone).”  Thirty-two years later, while tens of millions work from home, the relevance of that title has never been more apropos, albeit this time around it’s not about love.  While many companies have developed contingency plans in preparation for geopolitical or environmental threats, they are scrambling to adapt to the coronavirus pandemic and the decentralization of data, devices and software.  With COVID-19 mandating reliance on remote work, how will this massive shift in the workplace impact compliance, electronically stored information (“ESI”) preservation, and collection efforts moving forward?

The importance of segregating computer behavior and data storage practices from corporate versus personal hardware has always been a company challenge.  Evermore, employees, now largely working from home, will find themselves using personal devices to conduct company business, or vice versa.  Companies must now ask themselves: Do you have a clear directive on the rules around data and device usage that addresses work from home scenarios?  How does that play in reality? Well, imagine yourself as the requesting attorney on a document production, or in-house counsel issuing a litigation hold and preservation letter to 50 custodians.  What are you including in that list as devices and sources? How can anyone ensure proper preservation and collection of data when a workforce is able to utilize any device in their home?

Not a secret to many, corporate data stored on personal devices (and personal data on corporate devices) is discoverable and it is important to note forensic examiners cannot distinguish between personal versus company data.  So, before you wipe your personal hard drive, or insert that flash drive with your family photos into your corporate laptop, here are just a few suggestions to help avoid the Cinderella lyrical statement, “Don’t know what it is I did so wrong.”

1. Doc Retention Policy: Review your organization’s document retention policy and how it applies to data residing on personal devices – leaving data outside the company’s standard information systems means they may not be addressed in accordance with company policy. This is especially important when managing litigation holds.
2. Logging of BYOD: Maintain proper logging of personal bring your own device (“BYOD”) devices used for corporate business. This will ensure that any such devices can, at the very least, be considered for search or collection to the extent they might contain potentially relevant data for a matter.
3. Co-mingled Devices: Educate employees on the legal implications of co-mingled devices. Storage of certain information on personal devices could, at times, be a violation of applicable data security laws. In any case, this makes such information vulnerable in the event personal devices are lost or stolen.
4. Corporate Compliance Policies: Establish and enforce corporate policies for all communication channels while working remotely, like video chat settings/recordings (Zoom, Slack, Teams, etc.).
5. Domestic Challenges: Oftentimes, our personal devices are often passed down to children, friends and/or family. Considering the confidential nature of client or corporate information, or data potentially shared pursuant to a non-disclosure agreement (“NDA”) or confidentiality agreement, the fact that the information is, or may become, accessible to others, is a minefield!

What the future holds in terms of preservation and collection, no one knows for sure.  Without initiating draconian measures on legal professionals, it will be difficult to limit the use of personal devices and minimize an inevitable increase in the co-mingling of personal and company data.  So, before you have to ask “Who’s to blame?” companies should “take time to think it over,” communicate, establish guidelines and bring awareness to employees, cause this data “ain’t easy to get back.”  Above all, one thing is certain: the new legal area of remote workforce is here to stay, unlike 80’s glam metal bands!