There’s been a lot of talk lately that the eDiscovery industry is maturing. Then you hear stories like this.
Apparently, New York City-based DiscoveryWorks CEO Harry DeBari told GlaxoSmithKline PLC to pay him $80,000 he feels is owed or he would destroy as many as 3.7 billion pages of documents kept in unknown locations. Or, as the complaint filed by GlaxoSmithKline read, DeBari is “holding hostage over 20 terabytes of GSK’s most sensitive and confidential data, and threatening to withhold and destroy the data unless GSK pays the ransom.”
There was a time when eDiscovery vendors started as copy shops that slapped a name like “DiscoveryWorks” on their vans, bought a couple of scanners, and called themselves an eDiscovery company.
While they pretended to be sophisticated digital processing companies, their back-end processes were still little more than those of a glorified document delivery service. While there are fewer of those companies around, a few still manage to get big clients like GSK.
Stop or I Shoot the Hard Drive
We don’t know if GlaxoSmithKline legitimately owes Mr. DeBari a large sum of money. But data should never be held hostage like this. (We should also note that Mr. DeBari has had a lot of people demanding money from him.) How is it possible that 20 terabytes of data would be handed over without a clear understanding of ownership or agreement over how to dispose of the data?
Michael Van Arsdell with Crowell Morning in Washington, D.C. lists some obvious negotiating points to ensure this kind of hang-up never happens. These include negotiating archiving costs, certification that data is destroyed at the end of an engagement, and the return of any hard drives or media.
Of course, modern eDiscovery vendors should have these kind of policies baked into their offerings already. For example, Nextpoint doesn’t charge to export data. When it’s time to export or delete data at the end of a matter, that is normally kicked-off by the user (we don’t approve them or otherwise restrict them).
It’s a simple, straightforward approach that gives the user full control. You always know where your data is and fully control how it is managed. It’s surprising that a large company like GlaxoSmithKline would let 20 terabytes of data reside in “unknown” locations under the control of an individual user not directly employed by the company.
They likely engaged DiscoveryWorks on this matter years ago that is just now being resolved. But there is no longer a reason to give your data to a third party without maintaining control.
To avoid running into the same kind of tight spots, it is important to consider the provider’s expertise, technical specifications, and storage policies in data storage, before putting your data in their hands. Our previous blog post on “Tips for Choosing between eDiscovery Vendors” outlines important guidelines for consideration that can help your firm make an informed decision.