Lawyers who are aware of the relevance of eDiscovery metadata strive for its analysis.

eDiscovery metadata can be used to display valuable information not evident from a document’s content alone. For example, data within a document can divulge the creation date, who created it and how many times it may have been modified.

What is metadata?

Metadata is the information generated within a piece of electronic data and is ‘data about data’. It exists within every digital item stored on physical devices, such as your computer and smartphone. The information contained within metadata can include the user who created it, creation date, history, and document software used to create it. These devices may also collect metadata about your usage, creating a digital footprint. These properties may be automatically generated by your operating system, or the application you are using.

Metadata often tells the rest of the story about the document and, therefore, is often a key focus of eDiscovery. However, there are still lawyers who are not fully aware of the benefits of preserving, collecting and utilising metadata, in part because they are not entirely clear on what it is and how it can be beneficial.

eDiscovery Metadata

The metadata of a file can include information about:

• when it was created;
• when it was last modified;
• what the name of the file is;
• location within the file system.

All this information is crucial to the electronic tools that are used to filter, sort, prioritise and evaluate the ESI (Electronically Stored Information) before producing it.

A word of caution

As useful as metadata is, it is also susceptible to alteration. Opening or previewing documents will alter their last accessed date. Copying a file can also change the creation date to the date it was copied. Saving a file can alter its last modified date and some applications carry the original author’s name, even if another person copies the file and modifies it. If it is needed for litigation, it is imperative that the legal professional dealing with the matter does not attempt to access the data. In doing so, the data will be altered, rendering the information useless.

Types of metadata 

• Embedded: This is usually hidden; however, it can be a vitally important part of the ESI. Examples of embedded metadata are edit history or notes in a presentation file. These may only be viewable in the original, native file since it is not always extracted during processing and conversion to an image format.
• Email: Data about the email, which varies depending on the email system utilised. For example, Outlook has a metadata field that links messages in a thread together which can facilitate the review. The email will also contain metadata regarding the sender and recipients.
• Application: Data created by an application, such as Microsoft Excel, that is related to the ESI (Electronically Stored Information) being addressed. This is embedded within the file and moves with it when copied.
• Document: Properties about a document that have been generated by the application that created it, such as Word. This tracks the author name, the total editing time and how many times it has been modified.
• File System: Data generated by the file system, to track key statistics about the file (e.g., name, size, location, etc.) which is usually stored externally from the file itself.
• User-Added: Data created by a user while working with, reviewing, or copying a file, such as tracked changes or notes.
• Vendor-Added: Data created and maintained by an eDiscovery vendor during the processing of the native document.