Dean Gonsowski, eDiscovery attorney for Symantec (, says:

Symantec recently issued the findings of its second annual Information Retention and eDiscovery Survey, fielded by Applied Research, which examined how enterprises are coping with the tsunami of electronically stored information (ESI) that we see expanding by the minute. Perhaps counter intuitively, the survey of legal and IT personnel at 2,000 enterprises found that email is no longer the primary source of ESI companies produced in response to eDiscovery requests. Email came in third place (58 percent) to files/documents (67 percent) and database/application data (61 percent). The primary takeaway should be less about the relative descent of email’s importance, but instead should be seen as the ascendency of other data types (including social media), which now have an unquestioned seat at the table.

To cope with this new reality, organizations need to prepare for eDiscovery and governmental inquires by casting a wider ESI net, expressly including social media, cloud data, instant messaging and structured data systems. Forward-thinking companies should map out where all electronically stored information resides company-wide so that these important sources do not go unrecognized. Once these sources of potentially responsive ESI are accounted for, the right eDiscovery tools need to be deployed so that these disparate types of ESI can be defensibly collected and processed for review in a singular, efficient and auditable environment.

In another survey, corporate boards were increasingly concerned about risk management with more than half of respondents identifying it as the topic they should be spending more time on, and 61 percent saying that their liability risk has increased during the financial downturn. Despite the numerous risks associated with bad eDiscovery hygiene, the Symantec survey found nearly half of the respondents did not have an information retention plan in place and of this group only 30 percent were discussing how to do so.
Treating eDiscovery as a repeatable business process isn’t a Herculean task, but it is one that can’t be accomplished without good information governance hygiene and the profound recognition that email isn’t the only game in town.