New survey by Symantec highlights impact of FoI Act – Guest article by Allison J. Walton, Esq, eDiscovery Counsel, Symantec Corporation

 

The federal government faces unique challenges as both a record keeper for the purposes of the Freedom of Information Act,[1] and as a repository of information for American citizens. State and local governments face similar challenges, but on a smaller scale. These record keeping challenges include:  large amounts of data, complex records schedules, legacy/outdated systems, migrations from paper to digitized records, limited resources, tightening budgets and changes in political agendas that may derail even the most well-intentioned information management efforts. This article explores recent survey results from the federal government on the topic of information governance[2] and discusses how the Presidential Mandate[3] may be driving more than just a records management overhaul.

In an effort to assess the government’s plans to address these information management challenges, Symantec Corporation recently commissioned a survey on information governance at the largest eDiscovery event in Washington, DC, the EDGE (eDiscovery in Government Education) Summit. The goal was to learn from respondents in the midst of complying with the Presidential Mandate, and to glean more information about how respondents plan to address information governance as a whole. The survey polled IT staff, FOIA agents, records managers, lawyers, paralegals and investigative agents focusing on questions relating to the umbrella concept of information governance. The results yielded some insightful data about the mindset of the government with regard to big data and what the top priorities are for information governance.

The survey was timely as it came on the heels of both the town hall meeting held by the National Archives Records Administration (NARA) in Washington, DC, in March, as well as the Presidential Mandate itself.  On November 28, 2011, the White House issued a Presidential Memorandum that outlined what is expected of the 480 federal agencies of the government’s three branches in terms of data management. Up until now, Washington, DC has been the Wild West with regard to information governance since each agency has often unilaterally adopted its own silo-ed policies and systems. The Presidential Mandate aims to bring agencies into the 21st century with regard to their technology, and to create a more uniform records keeping regimen across all agencies.

In response to the mandate, reports from each of the 480 agencies were due to NARA. The mandate, in conjunction with the much-anticipated guidance on best practices for records management to be released by NARA in late July, 2012 has the government revising their infrastructures and workflows with regard to records management.

Records Management Evaluation Leads to Information Governance

Because there are many considerations when investing in a records management overhaul of this magnitude, other components are necessarily becoming part of the initiative. Inevitably, what was intended to be a records management initiative begins to spill over into an information governance initiative. This is further evidence that these processes and decisions are all inextricably connected, since records management is not totally unrelated to eDiscovery. A good example of this evolution on a macro level is how, when an agency seeks to proactively classify records according to a schedule, that agency must also think about how long that record will be retained and where it will be archived. In doing so, the agency must also consider how the records will be collected and retrieved when needed for FOIA requests or litigation. Additionally, a savvy agency must also consider how to place a record on legal hold[4] via automated legal hold capabilities, and how to secure preservation past the normal lifecycle of the record should it be necessary.

The aforementioned considerations naturally raise questions for each agency about what systems are currently deployed and how technology can automate existing processes to make them more efficient and cost effective. Automated data classification for records, archiving for data lifecycle management with retention and expiry parameters, and in-house eDiscovery tools for identification, collection, processing, review and production all come into play.

As departments within agencies become less silo-ed and communication across IT, Legal and Records Management become more integrated on policy and technology levels, the government is wisely seeking more holistic end-to-end solutions. Technology is available to streamline information governance, and where the government is behind they will need to invest dollars to become current as the playing field in the litigation landscape is leveling.[5] The manual management of complex data procedures is nearing impossibility due to the amount of data generated[6] and requirements regarding how data is governed.

The Survey Results

Symantec’s survey results uncovered the Freedom of Information Act as the primary driver for agencies seeking to procure an information governance solution, identified as a concern by 73% of respondents. Historically, FOIA was not a primary concern for the government, but pressure from the President has prioritized FOIA productions. FOIA requests have increased, and government performance has improved. The backlog of FOIA requests has decreased dramatically due to the adoption of enabling technologies. Agencies that have not deployed technology to assist in FOIA requests continue to struggle with manual processes that impede their production timeframes and leave them having to redact information manually. This also exposes them to the possibility of a privacy breach since manually redacting documents has a high margin for error. Not far behind FOIA requests, litigation and congressional investigations were two other top drivers for implementing technology to address the data explosion and government requirements

The Survey also revealed strong interest in information governance, but showed that comprehensive adoption and purchasing decisions still lag. A staggering 95% of respondents reported that they are internally discussing these solutions, yet only 16% have actually moved forward.  The results indicated that over the next two years, the percent of agencies that will implement an end-to-end solution is expected to triple, from 16% to 52%. Respondents also reported the three most important activities surrounding information governance to be email/records retention (73%), data security and privacy (73%) and data storage (72%).

Conclusion

Presently, there is no central template for each agency to follow. In fact, this is why NARA was charged with this records directive. The aim is to bring organization and efficiency to the record’s process, at a minimum. The hope is that this initiative will address much more than just records, and as evidenced by respondents’ plans to institute an end-to-end information governance plan, it looks as if that this will be reality. The agility an end-to-end information governance solution provides is ideal for government organizations that have large data volumes and must collect, analyze, review and produce that data. Government agencies are also increasingly looking for ways to link intelligence together across agencies for matters unrelated to records information management, FOIA and litigation.

In anticipation of NARA’s directive this July, it is important to note the positives. For example, agencies have taken inventory of their systems, have done some research on solutions and are planning to implement them. The beauty of instituting technology to automate data management is that an end-to-end solution offers flexibility to manage, search, identify, collect, preserve, review, analyze and produce data for many purposes, whether for records management, FOIA, or litigation. One system can accomplish many goals efficiently and provide for efficiencies and cost-savings that private sector has already realized.

 


[1] The Freedom of Information Act (FOIA) is a law that gives you the right to access information from the federal government. It is often described as the law that keeps citizens in the know about their government.

[2] Gartner, a leading technology research firm, defines information governance as the “specification of decision rights, and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”

[3] Section 1Purpose.  This memorandum begins an executive branch wide effort to reform records management policies and practices.  Improving records management will improve performance and promote openness and accountability by better documenting agency actions and decisions.  Records transferred to the National Archives and Records Administration (NARA) provides the prism through which future generations will understand and learn from our actions and decisions.  Modernized records management will also help executive departments and agencies (agencies) minimize costs and operate more efficiently.  Improved records management thus builds on Executive Order 13589 of November 9, 2011 (Promoting Efficient Spending), which directed agencies to reduce spending and focus on mission critical functions.

[4] A legal hold or litigation hold, also known as a “preservation order” or “hold order” is a temporary suspension of the company’s document retention destruction policies for the documents that may be relevant to a law suit or that are reasonably anticipated to be relevant.  The trigger for legal hold is “reasonable anticipation of litigation.”

[5] Nat. Day Laborer Org. Network v. United States Immigration and Customs Enforcement Agency (2011) established the government must make their productions in a readily usable format, including metadata fields that they require of producing parties.

[6] The IDC analyst group predicted 2011-12 would see a higher use of multi-terabyte datasets for business intelligence and analytics, otherwise known as “big data.” Their statistics also show data use expected to grow by as much as 44 times, amounting to some 35.2ZB (zettabytes — a billion terabytes) globally.