Social media and the Internet of Things have made corporate record keeping more complex. Businesses must be prepared to collect data from sources other than their own servers.
It used to be that electronic discovery, or e-discovery, could be conducted entirely within a company’s own servers. Email archives and file directories provided a complete picture of corporate documentation. That’s no longer true. Corporate communications are supplemented, or even dominated, by social media, text messaging, connected devices (i.e., the Internet of Things, or IoT), and more, making record keeping much more complex. Businesses must consider and plan for the inevitable requirement to collect electronically stored information from disparate data sources.
In particular, data retention policies can no longer ignore social media sites and the potentially relevant information they hold. In case after case, the courts have upheld the need to not only consider but in fact review and produce data from sources such as Facebook, Twitter, and LinkedIn. The issue is no longer whether social media should be collected but how it can be collected.
It’s important to remember that the standard for discovery of social media is the same as the standard for discovery of any other digital media record under the Federal Rules of Civil Procedure. More often than not, data collected from social media include verifiable metadata and text, and despite what you may think, the data are reasonably accessible. In fact, many social media sites provide application programming interfaces (APIs) that interact with the social media source to capture data. These tools are essential during the collection and extraction process.