The EDRM (the organization behind the Electronic Discovery Reference Model), now part of Duke Law School, has published an ESI checklist.

The checklist is a simple one page form divided into seven sections:

1. File System Locations

2. User Removable Storage and Portable Devices

3. Server Software

4. Public/Semi-Shared Sources

5. Security / Access Components

6. Backups

7. Retired Workstations, Mail Servers, Devices

The list is simply a way for someone collecting data to confirm that they are inquiring about all likely data sources. It's useful to have a checklist from an authoritative source, to confirm that one had done due diligence.

Note the only brand names mentioned on the list (either than the ubiquitous Google Docs and Drop Box) are Golden Eye and Web Trends. These are given as resources for tracking monitoring activity on computers and web sites. Golden Eye is a program aimed at the general user that allows them to spy on someone using a computer - detecting which files and folders are used; which websites are visited; which user names & passwords are entered; giving an individual (or a company) to take a screen grab at fixed intervals. Are companies using this software on employee PCs? I wonder.

WebTrends is a large data analytics company that helps companies track how their web sites are used. It uses software that analyzes captured web data and generates reports that are often in PDF or .csv format.