Conducting ediscovery in Outlook may be tempting – but although it’s a free and familiar tool, it carries risks and limitations for document review.

Email continues to be the primary source of electronic evidence in litigation matters today, even with all the competing communication channels such as text messages and collaboration platforms. In order to responsibly review and produce emails and their attachments, you need to use the right tool… and Microsoft Outlook is NOT the right ediscovery tool for a number of practical and ethical reasons.

Where is the Email Coming From?

Typically, your client will collect their relevant email, but you need to counsel them on how to properly preserve and transport the data to ensure an intact chain of custody. It should go without saying that you should NOT allow your clients to forward relevant messages to your email software. Those messages are electronic evidence, and when they forward an email to you, then YOU become a link in that chain of custody, which creates complications that can easily be avoided.

The best option is to work directly with your client to collect and export their email as a PST file if they use Microsoft Outlook (Gmail is typically exported in MBOX format). A PST file (Personal Storage Table) can hold a single email or 10 million emails, all with the associated attachments and metadata kept completely intact. A PST file preserves all the communication relationships, ensures all messages (and attachments) are collected from their original source, and secures all metadata regarding sent/received dates, names, addresses, and more. The PST file has been, and continues to be, the standard file format for collecting and preserving email and files from Microsoft Outlook.

Don’t Fall Into the “Cheap” Temptation to Use Outlook for Ediscovery

If you know a PST file was collected from Microsoft Outlook, and YOU have Microsoft Outlook on your computer, you may be understandably tempted to use your Outlook app to view and read through those emails. After all, you already have the app and you use it every day. However, this is extremely dangerous and can create a number of challenges – primarily the risk of evidence spoliation.

Even a “small” case today can involve several thousand emails requiring GBs or TBs of storage space. Your inbox is probably already bursting at the seams with your own correspondence, and loading additional mailboxes from your clients could cause Outlook to slow down or become less responsive.

When you load client PSTs into your own Outlook, you’re adding all those messages to your firm’s data backups and archives. Not only is that a storage burden, but now you have multiple copies of those client messages strewn across your firm’s network, which could cause quite a disruption if you were required to delete all known copies of client data.

Loading client emails into your personal Microsoft Outlook software also means those messages are “live” in the sense that they can be replied to, forwarded, or deleted. We’ll touch on the ethical aspects of that in a moment, but this could also lead to security risks for your firm. Those client emails could contain viruses, malware, or phishing/ransomware links that could be unwittingly unleashed upon your firm’s network. Your firm’s email server may be secured from outside threats, but loading a client’s PST into your Outlook for ediscovery will subvert those precautions and leave you susceptible to whatever malicious payload those messages could contain.

Commingling Your Work Product with Client Electronic Evidence

From an ethical perspective, loading client emails that have been collected for a litigation matter into your own Microsoft Outlook software results in commingling your work product with that client’s electronic evidence. Those evidentiary emails are now intermingled with your confidential and personal communications between colleagues and other clients, thereby introducing potential conflicts of interest.

As mentioned above, all those client emails are now “live” in your Microsoft Outlook, which means you could inadvertently reply to or forward any of those messages, thus interjecting yourself into a conversation you were never invited to. And when the client data is mixed in with all your personal communications, it would be easy to accidentally delete a piece of evidence or move it to the wrong folder, where it could be lost from document review forever.

Of course, you’re probably careful enough to never hit “reply” or “delete,” but why subject yourself to that risk? Even if you’re careful, it’s virtually impossible to be certain you haven’t lost or altered any evidence when reviewing in Outlook.

Another major issue with loading client emails into your own Outlook software is that you immediately damage and modify the metadata of those communications merely based on the source. When you click a message in the inbox to view it, the metadata changes to mark the message as “read.” If you’re looking through the drafts from your client’s inbox, the metadata may change to say it was last modified on the day you viewed it. Reviewing data in Outlook is akin to walking into a fresh crime scene and touching everything in sight with no regard for proper protocols.

Ediscovery in Outlook: The Wrong Tool for Document Review

Microsoft Outlook is an email software, and by extension, a “personal information manager,” since you can also access calendars, contacts, and tasks. Many may risk conducting ediscovery in Outlook. But Outlook is NOT designed to be a document review platform for the purposes of litigation and investigations.

In a document review platform such as Nextpoint, all messages and related attachments are easily accessible and viewable without the need for additional software. In Outlook, when you need to view an attachment, you must double-click the file so that it opens in the associated software – a Microsoft Word document will open in Microsoft Word; a PDF will open in your PDF software. As soon as you open those files, you have modified the “last opened” or “last accessed” metadata field. Additionally, that attachment is now “live” in the sense that you could inadvertently hit your keyboard and modify those evidentiary documents.

Microsoft Outlook does not offer adequate tools for finding relevant messages and files in client email collections. There is a search box in Outlook that you probably use everyday to find messages in your own mailbox, but the search tools are not robust enough to run advanced searches and filters on the mountains of messages and communications you receive from clients. Your only option for review is to start at the top of the list and manually read through each message one by one by one… and hope you don’t lose your place.

What happens when you come across a message that must be produced? There’s no way in Outlook to “tag” or “code” a message as relevant or responsive, there’s no way to indicate it needs to be produced, and there’s no method for noting a message is confidential or privileged. That means you’re left moving or copying a relevant message into a sub-folder in your Microsoft Outlook, further changing the metadata on those messages.

Lastly, Microsoft Outlook provides no adequate means for document productions short of exporting a PST file, converting to PDF, or printing to paper (all of which involve the modification of the original messages). Outlook can’t deduplicate ingested PSTs, it can’t apply Bates stamps, and it doesn’t offer any tools for redacting sensitive information. FRCP 34 and many state rules allow a party to specify the “form or forms” of production, which could be native files, PDFs, or “load files” that Outlook cannot create. The only way to ensure you have the most flexibility in responding to production requests is to use legitimate document review software such as Nextpoint that is specifically designed to preserve the integrity of emails and files so that they can be properly produced without any modifications.

The Three Reasons Not to Conduct Ediscovery in Outlook

1. Loading custodian files into your personal email software can create data burdens and potential security risks for your firm.
2. It commingles potential evidence with your work product and private correspondence, which can risk spoliation and alteration of the evidence.
3. Outlook doesn’t offer the necessary tools for a thorough and accurate document review. You can’t filter data, run advanced searches, add notes to files, or flag messages as responsive or privileged.