Proposed Federal Rules On E-Document Destruction
runner345 writes "The Federal Advisory Committee on Civil Procedure is evaluating a series of 'e-discovery' rules that will change the way litigation handles electronically stored information for the federal courts. Included in this is proposed Fed. R. Civ. P. 37 which would exempt parties from sanctions for electronic evidence destroyed in a 'routine operation of the party's electronic information system.' Microsoft and other technology heavy-hitters have strongly backed this safe harbor because it judicially validates electronic document retention policies (perhaps the most effective Orwellian misnomer for outright document destruction). If you thought it was hard to get incriminating documents from the tech industry now, think about what this rule will do to a plaintiff's chances. You can get the proposed rule here (when their site works) and read what Microsoft and Intel have to say about it here. You can also read my law school thesis on the topic (still only in draft)."
Ie, retain, *everything*... absolutely *everything*, why should email/*doc* be an acceptable domain, where, one can simply erase data under dubious circumstances ?
*Everything* is a lot. Do you want every revision of your swap file to be backed up?
On the other hand, every email you send does seem like a reasonable requirement. But what if your email contains a URL. Should you be required to back up that version of the web page?
There sure is. It's called obstruction of justice. and after the judge orders you come up with the password it is called contempt of court.
"Am I the only one who thinks that government should be requiring companies to move the *other* way?"
Um, have you ever heard of a little piece of legislation called Sarbanes-Oxley? Yeah, you might want to check that out before you start assuming you're on a one-man crusade. Corporate ecords retention requirements have only increased over the past 10 years.
"Ie, retain, *everything*... absolutely *everything*, why should email/*doc* be an acceptable domain, where, one can simply erase data under dubious circumstances ?"
This would be fine... except for the fact that you'd have to remove the "delete" function from every application on every desktop. If I'm composing emails, and I decide not to send something I halfway finished, do I have to save it? How about drafts from 10-year-old memos? And what happens when you just have too much shit for your hard drives? Preserving EVERYTHING is a pretty goddamned big burden on businesses.
"Corporations are too powerful now.
Increasingly, law is coming to reflect the interests of Corporations, instead of the interests of countries citizens."
Go back and RTFA. These standards have NOTHING TO DO with corporate versus non-corporate entities. We're talking about a rule that applies equally to all parties in civil litigation, whether they're incorporated or not. If you run a small business as a sole proprietor, and you get involved in a lawsuit, this applies to you, too.
Is slashdot so easy that any pseudo-Marxist anticorporate ranting passes for "informative"?
"Eventually, when the little guy gets done taking enough crap from those on top... the little guy gives the other the boot."
Yeah, whatever.
i work in big pharma, and for a lot of our systems we *do* have to do this. legally, we've got to keep data for clinical trials for *twenty five years* after the patentable lifetime of a drug. not only that, but we've got to figure out a way of archiving complete systems for that long. suffice to say, it's really, *really* expensive...
I think some of this discussion is lacking in context.
/orders have taken parties to task for failing to suspend routine overwriting of backup tapes. Taken to the extreme, this means that once you get sued, you can't overwrite any of your backup tapes.
First, if you destroy evidence after the lawsuit gets filed (or when you enter the grey zone of when you "reasonably anticipate litigation"), you have just committed spoliation of evidence. While this makes intuitive sense - the rule prohibits a defendant from having a "shredding party" the day after a lawsuit gets filed - it becomes problematic as definitions of what constitutes "evidence" expand.
Active emails? Check. Files on network servers? Check.
Backup tapes from last night's cycle? OOPS. Yes, several court decisions
Updating databases that might result in some data (i.e., last accessed, last modified) being modified? Uhoh, better take a snapshot of that database.
Are your server logs at issue? Uhoh, better suspend rotation of your server logs.
Hey, when you TURN ON your desktop, aren't you overwriting some cache space and slack space, that might make recovery of deleted files impossible? Guess what? If the other side wants to do a forensic examination of your machines, you can't even continue using them without taking a bit-by-bit image.
And by the way -- if you miss any bit of this data, you get sanctioned. Monetary sanctions, or an adverse inference ("we don't know what was on that tape that was destroyed, but you can ASSUME it was bad!"), or even a default judgment. Yes, electronic discovery can turn into a game of "gotcha".
Think how expensive this is for a small shop with just a handful of machines. And then think what's involved for a nationwide company with, say, 80 far-flung locations and company databases.
See the problem?
The "safe harbor" to Rule 37 says that you don't sanctioned for failure to preserve information lost from ROUTINE operation of a system UNLESS THE LOSS WAS INTENTIONAL OR RECKLESS. The "reckless" hole is very large, admittedly. But the rule attempts to bring some sanity to some of the broad-reaching data preservation games being played today.
Also, note that a court can order a party to take steps above and beyond what the proposed Rule 37 requires.
(IANAL, but I spent a few years writing software for a legal company.)
Found in the Microsoft testimony:
"One of the better comments I think that was submitted to you was from somebody who does a lot of employment class action litigation. And she expressed that very concern. She also cited a few statutes, like Title 7 and maybe the Wage and Hours Act in the employment area, that very specifically tell companies what they must keep and what they must not.
And I bet those statutes also provide penalties if they are not kept. And I'm pretty sure that they provide -- is it ten to twenty years in prison for the intentional destruction of documents? I mean, I think it would be insanity beyond belief for anybody, any serious lawyer, to advise their client that, oh, yeah, this is a way to get rid of something that might come back to bite us. Because the moment you have that thought, you're engaging in basically criminal conduct.
So the routine operations of systems has to strictly be for the business purposes of keeping your IT systems running."
Where this differs from the "safe harbor" provision (IMO) is that some companies *routinely* engage in the intentional destruction of electronic documents. Last week I had some confidential records for a client, and when I was done with them, I deleted my copy as a routine IT practice: don't store confidential data any longer than necessary. My client has the data, so I don't need to retain it; even if I need it again later, the risk of someone walking away with my laptop *far* outweighs the convenience factor of holding onto the file. When documents are deleted for security reasons, this amounts to intentional deletion for the express purpose of denying access, and *might* be viewed rather harshly under the safe harbor guidelines.
Microsoft cheerleader, blue flag waving, you got a problem with that?
A quick review for those not familar with "trusted" computing. The hardware uses digital signatures to enforce running an approved BIOS only, which in turn enforces running an approved OS, which in turn will only run approved applications. Documents are encrypted, and the approved applications can phone home to determine whether you are allowed to read a document. If the document is on a delete list, it is immediately erased. Microsoft Media Player already implements this system - except for the hardware enforcement. Microsoft Office is next. Evil Media companies, and Microsoft, want to make the hardware enforcement required by law on all computing devices.
In the not too distant future, having obtained a copy of an incriminating document, you could keep it stored on a banned Linux system running on illegal hacked hardware, and given Microsoft's expertise with security, probably crack the encryption in a reasonable amount of time due to some stupid design flaw (e.g. random seed for session key is derived from Document time stamp). However, the resulting evidence would not be admissable in court. So stock up on tin foil hats.
No, you gotta count the number of connections. Businesses have a lot more e-mail then your average person. Not to mention the automatic stuff sent by programs and systems. Throw in the attachments and other fun things and you get a nightmare. The cost isn't trivial and it adds to the administrative overhead. Adding a sudden need to do proper backup (and offsite storage) of what should be transient.
I understand it for certain industries (I used to work in Clinical Trials and as another poster mentioned that has strict rules). Although, you can use those industries as an example of costs being driven up by the information storage requirements (the cost of I.T. for clinical trials is very high in the US).