When a crime or legal dispute related to computers (such as unauthorized access or confidential information leakage) occurs, it is necessary to collect and analyze equipment, data, or digital records which are required for investigations to find out the cause of the crime or legal dispute. Particularly, in a civil lawsuit in the United States, a plaintiff and a defendant of the lawsuit assume responsibility to submit digital information related to the lawsuit as evidence pursuant to the eDiscovery (electronic discovery) system.
On the other hand, with rapid developments and widespread use of IT (Information technology), abundant information is created by using computers in businesses in recent years. Therefore, in the process of preparation for submission of evidentiary materials to a court, mistakes to include even confidential information, which is not related to the relevant lawsuit, in the evidentiary materials tend to easily occur. In order to solve the above-described problem, techniques related to a forensic system for analyzing document information are suggested in PTL 1 to PTL 3 indicated below.
Moreover, PTL 4 discloses a storage and search system for auditing telegram data, wherein the system: guarantees that the telegram data which is an audit target is stored in a format incapable of falsification; and makes it possible to promptly and easily execute processing for searching the telegram data which is the audit target. Furthermore, PTL 5 discloses an e-mail audit system capable of making the audit function without imposing excessive burdens on, for example, an audit practitioner. Furthermore, PTL 6 discloses an e-mail audit apparatus that promotes efficiency of work of an auditor, who audits e-mails, and implements appropriate auditing.