In our article Interrogation of big data we outlined some of the key tools and search methods used to effectively and efficiently facilitate the interrogation of big data. In this article we take an in-depth look at one particular tool of the interrogation trade: communications mapping.
It is estimated that around 90% of business data is now stored electronically, usually coined as ‘electronically stored information’ (ESI). It is also clear that businesses are custodians of a vast array of ESI, in the form of files on desktop computers, laptops, external servers and mobile media storage devices such as USB’s, mobiles and tablets. Therefore, when initially faced with a large internal investigation or disclosure exercise, the volume of data that the parties may need to sift through and review can be rather intimidating. It can be hard to even find a place to start.
In this context, using communications mapping as part of the initial assessment and overview analysis of the data held can be very helpful. It can seek out potential lines of investigation as well provide a more general overview of communications lines with a business, highlighting any potentially wayward patterns of behaviour.
As noted, communications mapping is part of what is referred to as ‘early case assessment’. The process is a simple, yet effective, way of gaining a snapshot view of employees’ communication. As a first step, the information is uploaded onto the digital review platform and each piece of data is designated a ‘custodian’. This will in almost all cases be the originator of the data, for example the person who created the document, or sent the email.
The platform then analyses all of this data and from this creates a visual and interactive ‘communications map’. This is a visual diagram showing in a concise and easily digestible form the instances where a custodian of a piece of data has sent it on to another person (or business). The diagram below is an example of a simple communications map, from the digital review platform Stroz Friedberg:
The different colours note the frequency of the communications; Black indicates a low level of communication, green a medium level and red for frequent communications. From this diagram, the reviewer can see that the individual ‘Vince J Kaminski’ has a high volume of traffic going from his business email address to his personal email address. It is then possible to drill down from here to see the exact number of communications, in this instance 178. This may be entirely innocuous, but the fact there is such a high volume of traffic leaving the workplace to a personal account could also give rise to suspicion.
The reviewer can then dig deeper to see exactly what those communications entail and gain an understanding of whether the behaviour was, in fact, innocent, or whether the individuals involved pose a risk to the business. By clicking on the arrows, as can be seen in the image, the reviewer will be automatically shown a list of the communications, and can then click into each communication to see each of these documents individually. This can be a very helpful way of uncovering potential issues within a business that require to be dealt with, and may lead to further internal investigations.
Communications mapping is, therefore, an effective way of detecting potentially bad behaviour within a firm and managing any risk that may result.
If we can help with your disclosure issues please contact John Mackenzie.
Learn more: Listen to our eDiscovery webinar
- Big data
- Interrogation of big data
- eDiscovery: focus on deduplication
- eDiscovery: focus on predictive coding
- Focus on concept clustering
- eDiscovery – Using Keywords to Find the Needle in the Haystack
- Technology Assisted Review (TAR) approved by the Irish Courts
- Focus on proactive uses for eDiscovery