Document Retention And E-mail

innocent_white_lamb writes "An interesting column by Jim Carroll about email within companies, document retention, how hard it is to actually get rid of an email, and how all of this can come back to bite you later on. "

What about the benefits

So what is the lesson here? If you are planning on committing fraud, illegally maintaining a monopoly, or postponing a defective product recall to maximize profit, you should first make sure you have a document 'retention' policy? And then everything will be OK? What is wrong with this picture?

What about a story on the benefits of keeping old emails? I'm tired of hearing about the costs.

Fucking lawyers. Oh, my mistake. It isn't the lawyers, it is the legislators. Fucking legislators. Oh, my mistake. It isn't the legislators, it's the voters. Fucking voters. There, that's better.

jkljkl

Interesting moral position

[Ami+Ganguli]

I find it fascinating that people openly discuss ways of destroying evidence in case of possible legal action. Is this going to be a standard MBA course from now on: "How to cover your tracks" or "Case Studies: Failures in Shredding Policy from Watergate to Enron"?

It makes you wonder why nobody looks at it from the opposite side. If you don't do anything illegal then your e-mail archive could prove valuable for your own defense. Trading companies, for example, keep all records of customer interaction, including phone calls, for use in the event of a dispute. You can never claim that your broker did something without authorisation because they archive everything.

Re:Interesting moral position

[Scutter]

"Legal" is an ambiguous term at best, the definition of which is determined in the courts, not the boardroom. The U.S. legal system is so convoluted, it's virtually impossible to get through the day without breaking some law. Even if you just stayed in bed all day, you'd probably be guilty of loitering.

Netscape history

[the+gnat]

Jamie Zawinski has a rather unpleasant story about this on his site:

http://www.jwz.org/gruntle/rbarip.html

A very good example of how essentially harmless email can be seriously misinterpreted.

Re:Offshore email servers (not just with HavenCo)

[rdl]

Yes. Most of our clients for email use secure imap with mail kept on the server, or use web-based mail systems (which offer ticketing and other features as well)

The ultimate system would involve secure laptops with no local unencrypted state -- using RAM for cache, and/or encrypted disk, but requiring connections to a non-US location to unlock the encrypted disk each time the machine is used. You could easily replicate the unlock servers for fault tolerance, and with a cell modem you can easily get a few hundred bytes exchanged from almost anywhere. Desktops and local servers could be handled the same way -- no local unencrypted state when powered off, and no way to unlock them without positive assistance from outside the jurisdiction, which would be revoked if there is evidence of an attack.

What is the legal status of email?

[mir]

Emails can be forged so easily, how is their authenticity established?
I guess any decent sysadmin in the world could show the court a whole bunch of threatening emails from the CEO of his company, what would a court do in such a case?

Plead the 5th

[pryan]

A corporation is a legal construct designed to give a business the same rights as a person, right? If so, in the face of a subpoena duces tecum, why can't a corporation plead the fifth amendment? I assume there's a clear legal answer, but IANAL.

Amendment V

No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury, except in cases arising in the land or naval forces, or in the militia, when in actual service in time of war or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.

Off shore ?

[Martin+S.]

This post is completely miss-leading, even assuming 'HavenCo' have a legit claim to be off-shore.

Placing/using an email Server 'off-shore' offers not more protection than refusing to hand over the messages in the first place, you will be in contempt of court and go to jail until you agree to turn them over. FACT!

Causing the destruction of evidence is a crime, in most countries, even if it is carried out by an agent. So in most cases, all 'HavenCo' will achieve is to further incriminate.

BTW: How does a mindless commercial plug warrent +5 Interesting ?

Re:It gets out of control very easily

[baptiste]

It's when that 6gb is sucking up server space when that starts to suck.

Oh I don't know - GB sized .pst files anywhere seem to give Outlook fits. I'm alwasy amazed at people who have all their email in ONE folder and complain about sluggishness. They're amazed when we tell them they can file stuff in folders both on and off the server.

As for storage of email - I've never really figured this out. Yes, some companies log email, etc, etc. Stuff gets caught on backup tapes, etc. But even then stuff drops out after a while. As an IT manager, I'd almost WANT to ditch email serve rbackup tapes after 6 months to a year, less legal hassles :)

Besides - if its not on the server or the defendants machine (IANAL) - its tough to use as evidence - I mean you can spoof an email easily if you're the plaintiff to make it LOOK like someone sent something. Now do courts understand that? I doubt it :)