As the United States continues to debate proposed amendments to the Federal Rules of Civil Procedure, the International Organization for Standardization (ISO), in partnership with the International Electrotechnical Commission (IEC), is moving forward with the development of an international e-discovery standard ISO/IEC WD 27050, Information Technology – Security Techniques – Electronic Discovery. National standards organizations from 53 countries are participating in the standard development process as part of Subcommittee No. 27 on IT Security Techniques. The U.S. representative is the American National Standards Institute, which formed the International Committee for Information Technology Standards (INCITS) to serve as the U.S. Technical Advisory Group (TAG) to the project.
The subcommittee began developing the standard in April 2013. In October 2013, the subcommittee divided the proposed standard into four parts:
- Part 1: Overview and concepts, which “will provide an overview of electronic discovery, including terminology, concepts, and processes that can be leveraged by the other parts as well as other standards.”
- Part 2: Guidance for governance and management of electronic discovery, which “will describe how personnel at senior levels within an organization can identify and take ownership of risks related to electronic discovery, set policy relating to electronic discovery, and achieve compliance with external and internal requirements relating to electronic discovery as well as how to implement and control electronic discovery in accordance with prevailing policies.”
- Part 3: Code of Practice for electronic discovery, which “will provide requirements and guidance on activities in electronic discovery, including, but not limited to identification, preservation, collection, processing, review, analysis, and production of ESI as well as specifying relevant measures that span the initial creation of ESI through its final disposition.”
- Part 4: ICT readiness for electronic discovery, which “will provide guidance on the ways an organization can plan and prepare for, and implement, electronic discovery from the perspective of both technology and processes.”
The next step is a meeting of subcommittee participants on April 14-15 in Hong Kong. To receive a copy of the draft proposals, interested parties can send a message indicating interest and requesting a subscription to a Google group. They can formally participate and enjoy full voting rights by joining the Storage and Evidence Ad Hoc Committee of INCITS CS1.
The Pros and Cons of Global E-Discovery Guidelines
As ANSI notes, “the standard has the potential to provide important clarification on electronic discovery related issues that have not been directly addressed in the U.S. Federal Rules of Civil Procedure (FRCP) . . . or in relevant state electronic discovery statutes.” Admittedly, the development of a global standard could limit discovery disputes and offer other benefits to U.S. companies. For example, e-discovery service providers could establish compliance with the ISO standard and give organizations and courts comfort that their e-discovery techniques are sound. The ISO might also set guidelines that courts could apply in determining the reasonableness of discovery processes, such as information governance protocols or the measurement of precision and recall in technology-assisted review.
However, a uniform standard could also have unwanted effects, particularly on domestic litigation. For example, the standard could severely limit the broad discovery currently permitted in the United States if it emulates foreign discovery processes. And, if the privacy rules of other nations were to become part of a standard governing data collection or processing, it could create a conflict not unlike the one litigants currently face with foreign blocking laws and the EU’s Data Protection Directive.
In sum, although having an international standard could be an important step forward to unify an otherwise muddled universe of rules, the devil is in the details. The guidelines must take into account the various inconsistent jurisdictional issues facing discovery and disclosure to succeed, yet at the same time, their efficacy will depend on the specific provisions included and their interpretation.