Introduction

The dramatic expansion of technology and the Internet has transformed how enterprises manage their digital information. In the not-so-distant past, information was handwritten, typewritten, or printed from mainframes. This information, in paper form, was then maintained in vast file cabinets that were difficult to search and access. The advent of computing power to individual employees in an enterprise, whether it is a Fortune 500 corporation, a small accounting firm, or a vast government agency such as the U.S. Department of Defense, has altered the landscape of digital investigations and electronic discovery. The vast majority of information now created exists in digital form on some type of computing system.

The technology (laptops, desktops, personal digital assistants [PDAs], cell phones) that makes an employee so productive is the same technology individuals use to conduct activity that is against company policy or against the law. Employees, whether corporate or government, use technology to surf for pornography, run an unauthorized business on company time, access accounts to which they don t have authorization, or even steal proprietary corporate information.

Corporate investigators, information security specialists, or law enforcement officers need to be able to investigate these types of allegations/violations by identifying, recovering, analyzing, and reporting on the information that is stored on laptops, desktops, cell phones, PDAs, and other similar devices.

On the legal front, landmark changes to the Federal Rules of Civil Procedure (FRCP) in December 2006 have impacted how digital information is managed in civil litigation. The FRCP formalized the role of...