Philip Favro of Symantec, in an article called Defensible Deletion: The Cornerstone of Intelligent Information Governance on the eDiscovery 2.0 blog, defines defensible deletion as “a comprehensive approach that companies implement to reduce the storage costs and legal risks associated with the retention of electronically stored information (ESI)”.
He goes on to say that organisations which have done this “have been successful in avoiding court sanctions while at the same time eliminating ESI that has little or no business value”
That is the point, of course, of the word “defensible” in this context. It matters most in the US, where everyone goes in fear of the sanctions bogeyman, apparently without regard to the terms of Rule 37(e) of the Federal Rules of Civil Procedure which reads as follows:
(e) Failure to Provide Electronically Stored Information. Absent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.
Most other jurisdictions can manage without this “safe harbor” because they do not have the same (alleged) reason to fear sanctions. I say “alleged” because if US companies paid more attention to Rule 37(e), they too could set about the deletion of material which is not presently the subject of a legal hold and which is not required for statutory or business purposes. It would help, too, if they read some of the sanctions Opinions which cause such dread to see how many of them were the consequence of the “routine, good-faith operation of an electronic information system”.
If you are short of ROI information to justify the work involved in a defensible deletion programme, try and calculate how much money was spent last year processing and reprocessing useless data for eDiscovery purposes, rejecting it time after time, at considerable expense. There’s a big chunk of ROI there.