Most IT and legal departments are aware that during litigation, corporate e-mail is going to be requisitioned by the adversary. What many enterprises may not realize is any digital information is vulnerable—including data in wikis and blogs, or files and documents stored in collaborative environments.
The problem for today's enterprises is that users may have set up accounts to create wikis and blogs and share corporate data without the knowledge or involvement of IT or in-house counsel. Failure to produce relevant information may have serious consequences, including fines and other penalties such as an adverse inference ruling.
An even more damaging consequence is a preclusion order, in which the party is prevented from raising certain defenses and making certain arguments; this may result in the company losing the case entirely, says Michael Sands, a partner in the litigation group at Fenwick & West. Sands counsels enterprises in legal discovery.
"We tell clients, the first thing is to get a handle on what you have and where you have it," Sands says. He adds that IT typically starts talking about servers and local drives, and then mobile devices. "Then we say, 'What about wikis and blogs? Or Facebook?' Their faces go blank."
Sands says courts generally don't accept "We didn't know it was there" as an excuse for not producing information. "Stuff can be put in new remote areas and is harder to access, but it's still part of the discovery process, and that's something companies are struggling to understand."
"I'm not sure the courts would be terribly impressed with an argument that says, 'We had a policy that says you shouldn't do that," Sands says.