Deleting E-mail Could Get You In Trouble

Sterling D. Allan writes "A story in the Deseret News cautions governments and corporations from deleting legitimate email. Expensive measures are being called into place to archive the mail for future subpoena purposes. Think Enron on one hand. Think Monicagate on the other. Next they'll ask us to keep recordings of all our phone conversations? Big brother gets bigger -- with good reasons, as always. What about all those business propositions I get from Nigeria. Do I have to keep those too? "Get rich from home" (to pay for the purchase of a new hard drive to contain all your spam). One man's junk is another man's treasure. You never know what an IRS agent might find lucky."

I'm not that bothered

[Ckwop]

I have no real problem with companies being subject to tighter restrictions. However, these restrictions shouldn't be too sweeping. If I send an e-mail to my friend using my Work's e-mail address the government should not be allowed to view that e-mail without a warrant.

Moreover, there should be a legal definition of what to keep and what can be tossed. I could imagine something like:

"a message that amounts to an instruction to an employee or specifying of company policy.." etc.

I don't want to store twenty thousand pieces of spam that every user might collect over two years. That makes e-mail quite an expensive tool if you have to do that.

There is one question I do have. Did the government have the power to collect so much information in the past? How many years worth of company paper memo's were stored? I suspect the ability was much reduced so in which case so why do they need so much more data?

Simon.

Re:I'm not that bothered

[Tim+C]

If I send an e-mail to my friend using my Work's e-mail address the government should not be allowed to view that e-mail without a warrant.

But how do they know that what you sent was a personal email, without reading it? When you send an email from your work account, you are effectively speaking on behalf of your company. If you want to send a personal email, you should use a personal email account.

How many years worth of company paper memo's were stored? I suspect the ability was much reduced so in which case so why do they need so much more data?

I suspect that if paper records were as easy to store as electronic ones, they would have required just as much to be retained. A couple of SAN-type things the size of an office filing cabinet would no doubt be capable of storing all the records your company is likely to ever create; the actual filing cabinets may only be sufficient for a couple of years' worth of paper records.

Re:I'm not that bothered

[moonbender]

I suspect that if paper records were as easy to store as electronic ones, they would have required just as much to be retained.

Interestingly enough, although electronic records are easier to store than paper ones, they are also far more easily deleted. Deleting email is easier than throwing away a paper letter. And what's more important, deleting a thousand or ten thousand emails isn't a lot more difficult than deleting just one. It's psychologically easier, as well, since paper documents have a more significant, official feel to them.

Re:I'm not that bothered

[sql*kitten]

Interestingly enough, although electronic records are easier to store than paper ones, they are also far more easily deleted. Deleting email is easier than throwing away a paper letter.

Except that's not actually true. If you have a paper letter, you tear it up, it's gone. Of course it can be photocopied, but still, those copies can (relatively) easily be found.

Delete and email - what if it's still in your mail folder? Many clients mark deleted emails as such then only carry out the purge when they "compress" the mail store. Maybe there's a copy still on the server, the delete instruction hasn't reached the other half of the cluster yet. Maybe there's a copy on the backup tape. Maybe the system is configured so that mail is logged on delivery, and deleting it from your client doesn't touch the master log.

Deleting email is actually far, far harder than destroying a letter.

Re:I'm not that bothered

[moonbender]

Except that's not actually true. If you have a paper letter, you tear it up, it's gone. Of course it can be photocopied, but still, those copies can (relatively) easily be found.

Well, for one thing, I think you underestimate the paper trail a document can have in any modern burocracy. :) But you're still right, one peculiarity of electronic documents is that they are often retrievable even after they have been deleted. And as you say it's very difficult to make sure something has actually physically been deleted after the delete command has been given, or even to determine whether it was physically deleted or not.

My point was different - that giving the delete command is a lot easier than having to "manually" (in the true sense of the word) delete paper document. Your point is well taken, though.

In other news...

Companies keep official correspondance.

quota

Well, when I reach my 500mb quota, I have to delete my mails. I have however, created my own mail database in Notes on my network user drive, and moved +1 year old mails to that database.

Re:reasonable

[tomhudson]

Good point. Besides, you can always archive it all on an old Maxtor if it has incriminating^H^H^H^H^H^H^H^H^H^Hinteresting stuff on it. Or even to a cheap DVD, and let bit rot take care of it. Or include cover-your-ass emails with forged headers.

It's like any other "suggestion". Eventually, they'll have to specify some sort of standard, and then the lawyers will find a way around it, like usual, for their clients.

Re:not-yet-mandatory-for-your-own-email

Governments and Corporations aren't you and me.

Speak for yourself. Who do you think works for the government and corporations? Kids?

VERY misleading summary..

The summary here seems to be implying that this has something to do with the government trying to get peopel to keep their PERSONAL emails. Read the article. That isn't the case.

This is simply talking about measures to force companys (and only them) to retain their internal emails. This way its hopefully harder for the CEO to say 'what funds? i don't know any embezzeled funds' after emailing his coherts about their plans.

Slashdot of all places should appreciate the fact that without a paper trail, corporate accountability is a pipe dream. This article is simply talking about trying to ensure that the paper trail exists.

How can they tell?

Do they mandate that you use an email system that keeps track of deletions? If not, there seems to be a bit of a hole there...

Re:I think someone need Gmail!

[ip_fired]

Well, in view of that information, the problem isn't google, but the law. Personally, I don't care if people read my e-mail. It's quite boring, and I doubt anyone would ever find it useful.

If they would like to see that I'm going to visit my friend in October or call my sister then let them. Important information should be encrypted anyway.

What annoys me are all of the people who want to stop a company from providing a valuable service. The reason why google offers the service that lets you just archive mail and save it, is because some people like to keep their correspondence between friends. I know I do.

ease off the panic button there, Buck Rodgers

[SuperBanana]

I remember the good ol' days of the internet when it was a playtoy for scientists and computer people.

...and nobody used it to conduct business, especially financial matters.

Now we have the government telling me what I can and can't delete.

The government has always told certain categories of businesses that certain things must be saved. My friend who is a private, fee-based financial planner/advisor, has to keep all emails and a call log (don't remember with notes or not) when it concerns a client.

Tightening the noose

[Dr_Marvin_Monroe]

I'm not really opposed to this, and it does seem to be in direct opposition to a lot of "company e-mail policies" as it's written too.

I dont think that companies should get a pass on these types of written correspondences. These days, it's just too easy to hatch a "dominate the globe" policy at the corp. level and then eliminate the evidence through a "document destruction policy" like those at Arthur Anderson/Enron/MS/etc.... I've seen a clear policy of "destroy everything" with regard to e-mail and written transactions at almost every company I've been at. Seems more like the policy is geared towards eliminating any incriminating evidence rather than simply keeping space on the server to a manageable level. That's too bad, because I've seen some smoking guns that SHOULD be loosed on the world.

On the other hand, these types of policies are instituted because it's just too easy for lawyers to get ahold of those records for the purposes of "fishing expeditions," think SCO and their associated scum. Lawyers can just come in with the vague outline of some scheme and get all of a company's e-mails to help create a real case where none existed before. The cost of handing off an entire archive isn't trivial, and discovery is just too easy to do.

Whatever the outcome, it just seems like you and I (read the little guys) will have ALL of their e-mails "go down on our permanent records" while the big guys will always seem to have a good excuse why the mail server suddenly destroyed all the records for that pending lawsuit. I can just hear the lawyers now...."..yeah, it's funny how only the VP's e-mails dissapeared, and only for a 3 month period, but we've got him on a special server that's set to explode in flames every 90 days."

I think that this type of national policy will ultimately hurt the little guys/companies more than the real targets of such legislation. The big guys will just start having oral meetings without taking notes or some such method of non-trackable information sharing.

As with all government intervention, the "quick-fix" is never really that quick, and the problem is almost never fixed.

I find it interesting...

[bigattichouse]

that its not that big brother is recording our emails - they realize they can't.. so they make it law that we have to spy on ourselves by saving emails. So, If I delete my own emails - can I plead the 5th amendment? But, forcing my employer to spy on me, now that is an interesting work-around to the 5th. Not one I like, just interesting.

screw 'em & the camel that rode in on them

[Almost-Retired]

As a now private, more or less un-employed and semi-retired person, most of my mailing list activitys are recorded in the various folders my email agent maintains. But, part of that maintainance in most cases is an expire date. I keep mailng list messages only for a couple of months, then they are automaticly gone as basicly their contents are no longer valid anyway.

Not only that, but what the hell has happened to our basic 1st amendment rights. Or the rest of the Bill of Rights for that matter.

I think its way past time we found an honest man for the white house, one who would uphold the constitution instead of figure out ways to feed his buddies ever more government contract monies without actually putting it out to bid.

Unforch, politics and religion have this commonality. As the devil said when God threatened to sue to get an engineer back that was sent down by accident, "And just where are *you* going to get a lawyer?"

Seriously, we need a "D" option on the ballot, for none of the above, thereby forceing a fresh start at finding a suitable candidate, one crazy enough to want the job, and still honest enough to try to fix the congressional excesses of the last 30 years.

You don't like my message? Then don't post, but get off your ass and be a part of a democracy, register and VOTE dammit! Then send a message to the winner saying that you expect him to do the job he was elected to do.

Cheers, Gene

Meta-data costs more to save?

[Todd+Knarr]

I think Mr. Ellis needs to go get an independent consultant to double-check the software contractor's results. If users are just filing e-mail, then saving meta-data should be automatic. All the e-mail programs I use commonly that let me file messages in folders (Pine, Evolution, Mozilla Mail, Thunderbird) save the complete SMTP headers with the meta-data in question automatically. If the company Mr. Ellis is getting his "solution" from charges extra for saving what's commonly saved automatically, they're probably gouging him on more than just that.

Re:Company policy requires email deletion

[Rich0]

The company sent out an email claiming costs in the tens of dollars per MB, which to me just suggests that they are either really inept, or they're including all kinds of non-marginal costs that they'd have to pay anyway.

If I had a single server with a single 10GB hard drive and I paid one guy to maintain it I might have to claim costs of $80/MB - but that doesn't mean that it would cost me that much to add more space...

Whistleblowers are our friends

[0x0d0a]

nice guy - reporting the company... did it profit you any?

Actually, I'd say he is. If you define "nice" as "willing to take personal cost to benefit others (in this case society)", I'd say that he pretty much falls exactly into that category.

If "nobody likes a snitch" then perhaps everybody should stop breaking the law at their company. Frankly, I think it's too bad that we can't reward whistleblowers even more.