Advising Your Client About Metadata
Law.com, August 27, 2008
As if the Federal Rules of Civil Procedure (FRCP) weren’t complicated enough, another issue has been brought to the table – metadata. What is metadata exactly? As this article simply states, “…metadata provides technical, ‘behind the scenes’ information about an electronic file, and some electronic files contain thousands of pieces of this information. For example, an e-mail file has more than 1,200 metadata properties, including sent and receipt dates, reply, forward and copy information, and sender address book information.”
Although the FRCP provides a set of standards that one should follow when producing ESI, it doesn’t exactly address metadata. In other words, should legal executives include metadata in the e-discovery process? Some courts rule that it should be, while others believe it isn’t required. Depending on each circumstance and the way in which it influences a specific case, metadata might be something lawyers will want to look into. However, as this author points out, doing so should require careful thought and preparation due to the complicated issue at hand.
“The review of metadata is highly technical, making it necessary for parties on both sides to expend additional resources to train attorneys on these technical matters. Lawyers should therefore be mindful of the increased burden they are placing on themselves, as well as their adversaries, if they request unnecessary metadata.”
This article takes us back to an interview Surety CEO Tom Klaff did with Metropolitan Corporate Counsel last year, where Tom discussed some of the dangers associated with the authentication of electronic records and metadata:
“Authentication becomes a critical issue when dealing with native electronic records. Whenever a native file is opened, the metadata associated with that record changes to reflect the time that file was opened and by whom. Technically, the file was altered, resulting in a chain of custody issues. Based on the Federal Rules of Evidence, companies must be able to prove that throughout a record’s chain of custody, its intended content and metadata are pristine. If they are unable to do this, the file may not be legally admissible.
One way to remove all metadata from electronic evidence is to print and store redundant copies of each native file, but this is costly, burdensome and would require an unimaginable amount of space to achieve. Beyond this, the printed records would be prone to forgery and spoliation. Alternatively, record managers could also convert each file into image files, such as TIFF or PDF, but those file formats can be easily compromised with commercial off-the-shelf software.
Trusted time-stamping cryptographically seals native electronic records, proving to all stakeholders, even during the e-discovery and review process, that the file and its metadata were never altered, even when opened.”