A litigation hold process in India gives a legal team a controlled way to preserve records that may matter to a dispute, investigation, or anticipated proceeding. It turns a broad instruction to “keep everything” into a documented sequence: define the trigger, map likely sources, notify the right people, pause routine deletion where appropriate, collect selectively, and monitor until counsel closes the hold.
The process is not a prediction about admissibility, relevance, or the outcome of a case. Those decisions belong to counsel and the forum. Its operational purpose is narrower and valuable: reduce avoidable loss, keep the source trail intact, and show what the organisation actually did.
What should trigger a litigation hold process in India?
There is no useful universal trigger phrase. A demand notice, filed case, regulatory communication, internal report, contractual dispute, credible threat, or instruction from counsel may prompt assessment. The responsible lawyer should record the facts considered, the date of assessment, the likely issues, and the chosen scope. A hold should not be opened merely because a keyword appears in an inbox, nor delayed until every legal question is settled.
The evidence context matters. The Bharatiya Sakshya Adhiniyam, 2023 addresses electronic or digital records and conditions relating to electronic records. The Code of Civil Procedure, 1908 contains provisions concerning discovery, inspection, production, and admission of documents. Teams should use the current official text and applicable court rules, then obtain matter-specific advice.
Create a short trigger record with:
- the event and date that caused review;
- the person who escalated it;
- the business units, people, systems, and period potentially involved;
- known proceedings, notices, deadlines, or counterparties;
- counsel's scoping decision and assumptions; and
- the next review date.
This record prevents later confusion about why the hold began and what information was available at the time.
Who should own the legal hold workflow?
Name one accountable legal owner, even when many functions participate. Legal interprets the matter and approves scope. IT maps systems and implements technically appropriate preservation steps. Information security controls access and transfer. Records teams explain retention schedules. HR supports communications involving current and departing staff. Business custodians identify working practices that system diagrams miss.
| Role | Core responsibility | Evidence to retain |
|---|---|---|
| Legal owner | Define trigger, issues, scope, changes, and release | Decision log and approvals |
| Hold coordinator | Issue notices, track responses, manage reminders | Notice and acknowledgement register |
| IT or system owner | Identify repositories and suspend relevant deletion | System action record |
| Security or privacy | Review access, transfer, and incident risks | Control assessment |
| Custodian | Preserve identified material and disclose other sources | Acknowledgement and follow-up |
| Reviewer | Check collected material against scope | Review status and exceptions |
Do not let responsibility disappear between legal and IT. A request such as “retain the mailbox” is incomplete unless the system, account, date range, preservation method, verification, and owner are recorded.
How do you map custodians, systems, and relevant data?
Start from issues, not applications. For each issue, ask who participated, who approved, who received reports, and who administered the relevant process. Then map where those people created or stored records. Common sources include email, shared drives, document systems, collaboration messages, personal work folders, enterprise applications, mobile devices, backups, physical files, and third-party platforms.
Use interviews to test the map. A custodian may save signed copies in a deal room while drafts remain in email. A team may have shifted platforms during the relevant period. An assistant or shared account may contain records absent from a senior person's mailbox.
| Mapping question | Why it matters |
|---|---|
| What issues and period are in scope? | Prevents unbounded preservation |
| Who created, approved, received, or administered relevant records? | Finds obvious and less visible custodians |
| Which systems were used during that period? | Captures migrations and retired tools |
| What deletion, expiry, or overwrite processes apply? | Identifies time-sensitive sources |
| Are records held by vendors or former employees? | Exposes control and access dependencies |
| Are paper, audio, images, or device data relevant? | Avoids an email-only view |
The resulting source register can connect to an evidence-linked litigation chronology, but preservation should retain relevant context rather than only the events selected for a timeline.
What should a litigation hold notice contain?
A useful notice is specific enough to act on and plain enough to understand. It identifies the matter without unnecessary circulation, describes categories and dates, lists systems and device types, explains routine actions that must pause, tells recipients not to alter or delete relevant material, and provides a contact for questions. It should also explain that scope may change and require acknowledgement.
Avoid asking custodians to decide final legal relevance. Give examples tied to issues and direct uncertain recipients to preserve and ask. Separate the notice from legal strategy that recipients do not need.
Notice checklist:
- clear subject and accountable sender;
- matter identifier and confidential handling instruction;
- people, topics, record categories, and period;
- named repositories, accounts, devices, and physical locations;
- steps required and actions prohibited;
- acknowledgement deadline and help contact;
- instruction to report additional sources or custodians;
- departure, transfer, or device-replacement procedure; and
- reminder and release process.
Track delivery, acknowledgement, follow-up, and exceptions. A sent email alone does not prove the operational steps were understood or completed.
How should electronically stored information be preserved?
Choose methods based on system behaviour and matter needs. Options can include in-place preservation, account-level retention, targeted export, forensic collection by qualified personnel, or secured copies with metadata. The right method depends on access, volatility, proportionality, authenticity concerns, and counsel's instructions.
Preserve provenance. Record who performed the action, when, against which source, using what method, with what filters, and where the preserved copy resides. Restrict access and keep audit records. If files are transformed, note the original and derivative relationship.
Security remains part of preservation. The CERT-In Directions under section 70B and CERT-In's official directions page provide primary material for relevant cyber incident and log-related obligations. Their application is fact-specific. A hold process should route suspected incidents to the organisation's security and legal response paths rather than treating them as ordinary document collection.
Teams evaluating workflow support can review Gotham's security approach, document workflows, and practice solutions. Procurement and counsel should verify actual configuration against their requirements.
How do you monitor, revise, and release a hold?
A hold is a lifecycle, not a one-time notice. Review it when pleadings change, new parties or custodians appear, systems migrate, employees leave, devices are replaced, or counsel narrows the issues. Send reminders at a cadence chosen for the matter and record meaningful responses.
Use a repeatable review loop:
- Reconfirm the matter status and scope.
- Review unacknowledged notices and custodian changes.
- Check preservation controls with system owners.
- Add newly identified sources and document exclusions.
- Review access, storage, and collection exceptions.
- Approve the next review date or release decision.
Release only on documented legal approval. Tell custodians and system owners exactly which restrictions end. A release does not itself require immediate deletion. Ordinary retention rules, another hold, contractual requirements, investigations, or security needs may still apply.
How can a team audit whether the process is working?
Sample the process from trigger to source. Can the team show the scoping decision, correct notice population, acknowledgements, system actions, source register, changes, and release authority? Can it distinguish preservation from collection and collection from review? Can reviewers open the source behind a chronology entry?
An operational audit should test:
- missing or duplicate custodians;
- notices sent to stale addresses;
- auto-deletion that was not actually paused;
- unmanaged vendor or former-employee data;
- undocumented filters or exports;
- access that is broader than the matter requires;
- scope changes not reflected in notices; and
- holds left open without a review owner.
The best legal hold process is not the broadest. It is the one a team can explain, operate, revisit, and connect to the underlying record. Explore Gotham's litigation discovery workflow or talk to the team about source-linked matter operations.



