Electronic Discovery (e-Discovery) has developed as a process to be managed by investigators and as a practice that has a set of procedures that are peculiar to Electronically Stored Information (ESI). Traditional document management systems have been stable and accessible by manual means. However with the increased use of digital mediums to store information, new techniques have been developed to handle volatile information and its vastly increased quantities. The Electronic Discovery Reference Model (EDRM) is a framework that is widely used as a guideline for e-Discovery processes in investigations. The model provides a systematic guide for actions that start at the information management system and proceed through reproducible steps until an evidential output is achieved. Software tools are also available to perform these investigative steps and to speed the extraction and reporting of evidence. However, the dependability of digital evidence that is collected, analysed and presented in a court using e-Discovery tools has been challenged.

The outputs of e-Discovery processes serve several end-users and are open for scrutiny in a court of law. The main users are those in legal roles who wish to extract reports and presentations from an information management system. Lawyers and other legal advocates require briefs that contain summative information regarding the case at hand. Digital forensic investigators and expert witnesses also require the services of e-Discovery processes and rely on the software tools to deliver full and accurate information that can be substantiated under cross examination.  Key issues and problem areas arise from the stability of software, the debates about the reliability of open-source and/or proprietary software, the consistency of different software presentations, and the ability of experts to communicate the use of the software to a court of people unfamiliar with digital processes. Consequently, not only are there many problems surrounding the use of e-Discovery software, but there are also few people who are knowledgeable of both the legal and IT technical requirements of court presentations.

    In this research, the most widely used software for e-Discovery processes is reviewed in the literature section and then one of the tools is investigated in the laboratory to assess its characteristics and capabilities. The research question “What performance can be expected of e-Discovery tools when extracting evidence?” was selected to address the problem of limited knowledge of tool capability. The tool was investigated using each of the phases in the EDRM model, and by testing it in different case scenarios. The results showed the capability of the tool and the scope of such software to assist investigators and others with a legal interest. 

    To conclude, the overall research conducted confirms that e-Discovery is a legal investigation process that is dependable when the software tools are understood and used correctly. There are many and competing software tools available and each exhibits different strengths and weaknesses. The empirical research study satisfies the aim of testing e-Discovery software to gain greater knowledge of its use. Though pilot testing and case scenarios, the EDRM model was found to be comprehensive and a trustworthy guideline for evidence management. The result of such testing shows a better understanding of a tool’s capability, its effectiveness as a business process, and provides advice for best practices in evidence presentation.