Prognostications and predictions are inherently flawed. Does anyone really believe Punxsutawney Phil is a reliable weather forecaster? And how many of us, in our predictions of what would happen in legal technology in 2020, anticipated that a global pandemic would temporarily bring society to a halt? We sure didn’t.
Still, organizations can’t afford to be passive, sitting back and waiting to see what happens next. As Eisenhower said, plans are useless, but planning is indispensable.
With that in mind, here’s what we see on the horizon for corporate data archiving efforts.
Trends for 2022 in Data Archiving
1) Society will hold Corporations accountable for their statements.
In a movement that has been building gradually for years, the public is increasingly holding corporations responsible for their views. Localities such as Baltimore have filed lawsuits alleging that oil and gas companies engaged in a “long-standing, systematic deceptive marketing campaign designed to hide the catastrophic dangers” of fossil fuels and their contribution to climate change. One environmental group has sued Coca-Cola and other soda manufacturers, alleging that “Coca-Cola is deceiving the public by marketing itself as sustainable and environmentally friendly while ‘polluting more than any other beverage company.’”
The opioid litigation has proven that companies have to answer for their statements. In just one of thousands of cases, a jury recently concluded that “Teva Pharmaceuticals USA and others misled the American people about the true dangers of opioids” and was therefore liable for public nuisance.
Companies should monitor their websites and other communication channels to ensure they are not making false statements or promoting marketing claims that could be misinterpreted. They should also be prepared to defend their advertising and explain their statements’ evidence or rationale. Having complete data archives—in a read-only unchangeable format —could be critical to a company’s defense against an allegation of false advertising.
2)Companies must prepare to counter disinformation.
Fake news is everywhere—and sometimes, the real news is so bizarre that it can seem fake. Distinguishing between fact and fiction is increasingly difficult. For example, one recent video circulating on social media takes comments from Canadian Prime Minister Justin Trudeau entirely out of context. The video shows him saying, “attacking your fundamental rights or limiting your fundamental rights, and … we are still going to go ahead and do it.” While Trudeau did say those words, the video omitted the necessary context: Trudeau was explaining his opposition to the notwithstanding clause in the Charter of Rights, not stating his support for it. Yet to understand this, you have to dig deeper and understand the minutiae within Section 33 of the Charter of Rights. When people can manipulate the media and a voice presenting essential context, how can anyone distinguish between what someone said and what they didn’t?
Archives, that’s how. Companies will, again, need non-editable archives of what they have said so that they can point to an original version of a statement or its full context if the statement is later twisted or misapplied to a different context.
3) As the chief privacy officer role grows, CEOs will not be able to deny knowledge of their data policies.
With the growth in data privacy laws—which we’ll talk more about in a moment—companies are endowing their chief privacy officers with more power and responsibility. As part of that movement, chief privacy officers increasingly report directly to their CEOs.
That means that those CEOs will no longer be able to deny firsthand knowledge of their organization's data policies reasonably. If a company is collecting personal data from customers or visitors and using or selling that data, the CEO who’s been meeting with the chief privacy officer for years will not be able to claim plausible deniability about those actions.
Companies need to have clear and transparent data policies that are—you guessed it—archived in a non-rewriteable format to prove what they did with data and how they advised customers of their rights and responsibilities concerning their data.
4) Data privacy laws will be applied more in an HR context.
Jurisdictions continue to pass more data privacy laws and regulations every year, but the resulting protections for consumers in the U.S. have been underwhelming so far. When someone who’s visited a site or placed a single order requests deletion of their data, companies can easily claim that they don’t have any data or can disaggregate that data rather than fully deleting it. But it’s harder for a company to deny knowledge of someone who’s applied to work at that company or who has worked there, even briefly.
Should applicants or former employees request their data, companies will need a way to quickly and accurately search through their HR data archives to identify and provide, edit, or delete data that they hold about individuals. That means companies need better records and need those records to be highly searchable.
5) Companies that monitor their employees remotely may need to prove that they’ve given their employees notice and/or that they’ve obtained consent for that monitoring.
Employee monitoring has grown by leaps and bounds during the COVID-19 pandemic, giving employers unprecedented access to their employees’ homes and leading some states to consider employee protections. New York recently passed legislation requiring that employers who engage in electronic monitoring of their remote employees must give notice of their intent to do so. States such as Connecticut and Delaware require that employees actively consent to such monitoring, at least when working at the office. But how do those laws apply to remote workers? Arguably, all two-party or all-party consent states require consent for remote monitoring.
If your company needs to prove notice and/or consent, you need the following:
- immutable archives to prove that you have a documented employee monitoring policy,
- and that you’ve provided all required notice and obtained any necessary consent.
6) Companies that still have on-premise software and data storage solutions will increasingly move those systems to the cloud (or at least back them up in the cloud).
Many organizations still have legacy systems that operate solely on-premises. Those systems often contain a huge amount of important historical data that the company doesn’t want to lose permanently. But they’re at risk of that happening as long as data exists only in those legacy on-premise systems. When no one can get to the office to access data locally—or when the systems holding that data break down with no one left to provide maintenance or support—companies may find that it’s too late to extract their data for safer storage online.
Proactive companies are closing those loops by migrating on-premise data stores to the cloud, creating—again—secure, access-controlled, future-proof data archives that organizations can use from anywhere.
7) Software-as-a-service (SaaS) apps will continue to grow and diversify.
Most companies are already using over 100 different SaaS apps to manage and complete their work. Those apps have evolved to include chat apps, project management tools, data storage solutions, videoconference tools, ticket management apps, customer support tools, and more. These tools will continue to expand to become more important and to manage more of the day-to-day work of organizations and their employees.
Taking a screenshot of that data is not an adequate approach to archiving—which means companies will need archiving solutions that can capture the full content and context of information stored in these browser-based tools.
Whatever 2022 brings—whether our predicted trends prove true or another unexpected crisis crops up—Hanzo is here to help organizations with their data archiving needs. In addition to our dedicated Slack capture tool, Hanzo Hold, we can create non-rewritable archives for any SaaS tool accessed using Hanzo Dynamic Capture through a browser to crawl the web-based application’s url and produce interactive, fully functional replica web pages that you can navigate and interact with exactly like the live site. Our flexible approach lets us help enterprises target an organization’s data, collect what is needed and search through data to find the information you need so that you can know what is in your data and manage your risk..,
The result is a comprehensive, defensible process that allows your organization to face ediscovery and regulatory inquiries with confidence—no matter what SaaS applications or tools you use. Contact us to learn more or schedule a demo.