Skip to content


3 Reasons Why Legal Needs Data Governance Technology in 2023

April 6, 2023

Changes in the modern work environment have made it clear that organizations need to have reliable, cost-effective solutions in place to meet their legal governance, risk, and compliance obligations. From the increasing data volumes driving up the cost of document review during litigation to regulators adopting more rigorous enforcement postures, the risks of not having a firm grasp on organizational data have increased.

In keeping with Exterro’s tradition of conducting industry surveys to understand how organizations are responding to these challenges—and how best to help them do so—we conducted a series of surveys in the second half of 2022 to examine how legal, privacy, and digital forensics professionals are tackling these challenges. With partners including EDRM, ACEDS, and Today’s General Counsel, we surveyed almost 300 legal, privacy, and forensics professionals, representing law firms, public sector organizations, SMBs, and enterprises in over 15 industries. The companies ranged in size from under 1,000 to over 100,000, with annual revenue in the millions to in excess of $1 billion. While the full details can be found in our report, The State of Legal Governance, Risk, and Compliance in 2023.

Outsourcing solutions to these challenges is not viable, either in terms of costs or timelines for compliance with the demands of e-discovery, privacy regulators, and cyber-incident response. Therefore, in the face of increasing demands, organizations are looking to solve these challenges on their own—usually by embracing technology. The past two years have seen a rapid acceleration of the trend toward moving corporate legal services in-house. More than half of respondents to this survey (56%) are performing more than three-quarters of their legal services in-house, and 75% of respondents are performing more than half. That’s a huge step forward from Exterro’s 2020 In-House Legal Benchmarking Report, which saw only 31% and 44% of respondents performing more than three quarters and one-half of their legal services in-house, respectively.

Reason #1: Regulatory Obligations in Privacy

Public and private organizations are facing increasing regulatory obligations that include responding to data subject and FOIA requests, use restrictions on consumer data, and stricter interpretations of consumer consent from regulators from Norway to California and beyond. Over three quarters of respondents to our privacy survey had in-house technology for one more core functions, with enterprise-level respondents averaging 3 in-house technology solutions compared to 2.5 for smaller companies.

In-House Privacy Technology

Reason #2: Internal Investigations

Digital forensics and incident response (DFIR) technology, another major component of a legal GRC solution, is in demand at modern organizations—especially in light of the fact that hybrid and remote workplaces are here to stay. Organizations over $1 billion in annual revenue frequently need to conduct internal investigations—almost half conduct more than six investigations per month. With investigations of data breaches, cyber-incidents, policy violations, and even routine resignations, the need for technology to support these processes is clear.

Number of Internal Investigations

Remote-first organizations are leading the way in DFIR. Over half of respondents to our DFIR survey worked at organizations that were “majority remote,” meaning 51% or more of their workforce was off-site—and 30% worked for organizations that were more than 75% remote.

Majority remote organizations were more likely to have the ability to collect data off corporate networks or VPNs (65% to 39%) and also to have robust cybersecurity solutions, such as security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solutions at 71% compared to only 26% of majority-onsite organizations. However, only 6% of respondents had integrated their SIEM and SOAR solutions with their DFIR technology—a capability Exterro FTK® offers.

Reason #3: E-Discovery Obligations for Civil Litigation

E-Discovery technology, which must ingest large volumes of data, then identify, preserve, review, redact, and produce relevant information on tight timelines, has long served as a Petri dish for innovation in legal technology, as early testing grounds for workflow automation, artificial intelligence, and machine learning. It’s no surprise, then, that e-discovery as a discipline is at the forefront of the embrace of trends like the use of business process optimization and in-house technology by legal teams, with 60% of respondents rating themselves as structured or higher on our five-point maturity scale.

If you want to dig deeper into the results of these surveys, download our report, The State of Legal Governance, Risk, and Compliance in 2023.

Sign Up for Alerts

Get notified when new content for specific topics is available.

Sign Up