The International Organization for Standardization (ISO) is an international body that develops voluntary international standards for everything from the sterilization requirements for health care products to banking telecommunication message systems. The ISO has recently formed a committee within their cyber security unit to develop standards for the e-discovery process. These standards, if written, would help put in place procedures for legal staff and technology providers to better understand how to handle digital data.
The ISO has stated that the goal behind creating these standards is to help lawyers and judges sort through technology issues that can be both time consuming and costly to deal with in court. The ISO currently has a set of quality control procedures known as the ISO 9001 which requires “documented procedures” of the following activities:
- Control of documents
- Control of records
- Internal audit
- Control of nonconforming product
- Corrective action
- Preventive action
The new procedures would cite these procedures in an effort to help streamline the process as the ISO 9001 is currently used by over one million businesses. In discussing the committee’s new task Eric Hibbard, co-editor of the project, stressed the importance of standards for the e-discovery industry by commenting “because it really is a relatively new industry, a lot of people do things their own way.”
There are concerns that because e-discovery is a relatively new concern in courts, that perhaps the ISO is jumping the gun on creating international standards. Many judges and courts are just now starting to put into place firmer e-discovery expectations and requirements. It may be too early to set a global standard while these issues are still pending. Although, by the same token, the ISO might be able to help courts facilitate the accepting of a broader, more global approach to the discovery procedures.