The social media eDiscovery conundrum

Social media has played an increasingly important role in both the consumer marketplace and the enterprise landscape, likely the result of the ability to connect with businesses and prospective clients for relatively no cost. However, social media has also been at the center of many eDiscovery discussions, as recent court proceedings have illustrated the need for responsible behavior in the social-sphere on behalf of businesses.

The process of mitigating the eDiscovery risks of social media are similar to the processes associated with email or document archiving and management, though the speed with which information travels in social media heightens the threats substantially. Computerworld recently elaborated on the difficulties experienced when managing social media for eDiscovery purposes.

Risks propagate at speed of a click

Computerworld explained that most business executives have been slow to allow social media use in the enterprise, as regulatory compliance surrounding the communications technology is still in its fledgling stages. Lawmakers are only beginning the discussions necessary to roll out substantial and clear guidance to enterprises regarding best practices and legal statutes.

However, despite the lack of clear guidance, firms can still be held accountable for misuse of social media-derived data should eDiscovery requests be made. For this reason, it is very much on the shoulders of corporate executives to build a comprehensive and relatively bulletproof set of policies to govern social media use.

Further, Computerworld noted that a survey from earlier this year revealed that 80 percent of the more than 200 businesses polled cited already having policies in place to protect the company from social media threats. However, roughly two-thirds of that same group said they do not have the necessary systems in place to truly govern those policies.

Statutes currently in place further complicate issues

The news provider cited the Financial Industry Regulatory Authority Regulatory Notice 10-06, which dictates any business that allows its employees to communicate through social media has a responsibility to retain any related data. This, Computerworld notes, puts businesses in a precarious position, as other laws prevent enterprises from not allowing employees to communicate via certain channels, such as the National Labor Relations Board (NLRB).

One truth does emerge from these tribulations, though, and that is enterprise decision-makers have to proceed with data archiving, be it from social media, email or the like, with due diligence. In this rapidly moving, technology-driven world, knowing personal and professional limits is key to avoid the costly repercussions of negligence.

Information governance as solution

A 2010 EDRM white paper illustrated how enterprises were approaching social media, mobile devices and virtualized storage environments – with extreme caution. In fact, the firm found that enterprises viewed social media as presenting the biggest challenge with respect to eDiscovery, while most respondents believed this will be a consistent theme for several years to come.

In the report, EDRM stressed the importance of strong information governance when approaching new technology, while the firm asserted comprehensive information governance can be the solution to any issue with new technology. This balances the separate – but equally important – matters of employee privacy and corporate data retention obligations.

Companies need to use these policies early, and govern them often, while adapting the rules to the ever-changing business landscape. Since clear guidance is still likely a year or more away from being readily available, executives would do well to know their limits.

Professionals who are not completely sure that their policies are comprehensive and can adequately safeguard their enterprises should consider using an eDiscovery solutions provider to avoid issues stemming from negligent archiving of social media data.