Let’s me take you back to 1970—an exciting year with some impactful highlights. Paul McCartney announced the Beatles were disbanding. Boeing 747 made its first commercial passenger trip to London, and The Federal Rules of Civil Procedure (FRCP) mentioned data for the first time amended to include Rule 34. In laymen’s terms, this was the first time the courts built rules around collecting data for litigation.
Of course, a lot has changed since then. Data collection has evolved rapidly over the past 50 years, with increased technology, market saturation, and growing price sensitivity to those seeking the service. Recent innovations like cloud services have brought data collection into the mainstream of legal practice. Making it easier and cheaper to store data than ever before. A few clicks and you can have your very own server storing data for you.
Now more and more in-house teams taking over the process of internet investigations. At the same time, amateurs and contractors rush to fill demand since the skillset would seem to have a lower barrier to entry. However, relinquishing the housing of data to the cloud has introduced confidentiality and security concerns.
New software programs using Technology-Assisted Review (TAR) have presented themselves as quick and inexpensive fixes. While TAR is undoubtedly a useful tool, especially for simple cases, the complexities of litigation and legal regulations often require more expertise than artificial intelligence and automation can manage.
It is not, however, necessary to ignore internet investigations and insist on old school, time-consuming discovery practices across the board. Instead, law firms and their personnel should identify where introducing technology makes sense for their practices. For example, are the tools they are introducing compliant with important confidentiality and security regulations, time efficient, and cost effective? For many firms, this latter consideration is a real pain point. They may have been badly burned by software or automation in the past, and wary about using outside vendors.
How does one accurately evaluate whether a service is worth it? Given data privacy concerns, we recommend you only work with data compliant companies, which you can judge by looking for the following:
- Data encrypted in transit and at rest
- SOC 2 Compliance and Certification proof
- ISO 27001 & 27002 Data Compliant proof
Furthermore, ask about real-world applications of their process. Have they worked with high profile cases? In how many significant legal cases have they participated? How many subjects have they investigated in a year? Only industry leaders will have answers to these questions. For example, SMI has proof of all it’s compliance standards and has extensive differentiators, such as working with 5,000 subjects in 2019. Investigation cases for seven of the ten largest employment firms, and screening incoming athletes for a major sports league.
Can your in house team or outsourced internet investigators say that?