Proposed Federal Rules On E-Document Destruction
runner345 writes "The Federal Advisory Committee on Civil Procedure is evaluating a series of 'e-discovery' rules that will change the way litigation handles electronically stored information for the federal courts. Included in this is proposed Fed. R. Civ. P. 37 which would exempt parties from sanctions for electronic evidence destroyed in a 'routine operation of the party's electronic information system.' Microsoft and other technology heavy-hitters have strongly backed this safe harbor because it judicially validates electronic document retention policies (perhaps the most effective Orwellian misnomer for outright document destruction). If you thought it was hard to get incriminating documents from the tech industry now, think about what this rule will do to a plaintiff's chances. You can get the proposed rule here (when their site works) and read what Microsoft and Intel have to say about it here. You can also read my law school thesis on the topic (still only in draft)."
Destroying E Documents for dummies... Place on Hard Drive Give Hard Drive to 3 year olds with knives Tell then there is candy inside.
http://www.sandstorming.com
We already have electronic document retention policies, and we do get rid of things on a regular basis. I don't really understand what this rule would be for, except to validate practices already in place at almost every major company.
The submitter makes it sound like it's horrible for the plaintiff, but would we really want to live in a world where we have to keep every single file forever? I think not.
What if your regular clean up procedures begin just after you've gotten wind of a warrent or other legal issue?
Im sure there are provisions and details about these situations ( IANAL and i dont speak legalese) Can anyone with more knowledge elaborate on exactly what this all means?
--
Registered .sig quotient : 1337
Broadly, my company "EvilCorp" has a document retention policy, that simply states
"Don't retain anything incriminating".
I'm glad to see, government is catching up, with trends set by industry leaders like myself !!
God Bless America.
God Bless Corporate Malfesence.
Death to document retaining, Commie Linux Users!
Also, it's worth noting.
We've always been at war, with East Asia !
[Seriously folks]
Am I the only one who thinks that government should be requiring companies to move the *other* way?
Ie, retain, *everything*... absolutely *everything*, why should email/*doc* be an acceptable domain, where, one can simply erase data under dubious circumstances ?
Because corporation (x) wants it that way ?
[Aside]
Corporations are too powerful now.
Increasingly, law is coming to reflect the interests of Corporations, instead of the interests of countries citizens.
It's not so absurd to suggest, that.. eventually, the little guy will revolt.
Think the French revolution, think the American revolution...
Eventually, when the little guy gets done taking enough crap from those on top... the little guy gives the other the boot.
In this light, Bill Gates is the King of France.
"Let them eat Patent-Cake".. etc.
There's a good idea.
:D
1. Post unfinished thesis on slashdot for us to review
2. Incorporate feedback from users who read it
3. Profit!!!
Only problem is.... I dont think anyone is going to want to read it, especially not on a monday morning
Every cloud has a silver lining.
use encrypted volumes... when the feds come knocking forget the passwords... there's no law against being stupid... and if there was, i wouldn't know... i'm stupid!
Get your torrents...
"...which would exempt parties from sanctions for electronic evidence destroyed in a 'routine operation of the party's electronic information system.'"
/var/log/incriminating/*
So I suppose the following is perfectly acceptable:
30 0 * * * rm -rf
Sugapablo
For instance, under HIPAA and other state insurance regulatory laws, my company is required to maintain all documentation related to a customer file for 7 years. Right now this constitutes about 2 million pieces of paper weighing approximately 14 tons and taking up about 1500 square feet of floor space in my office for filing cabinets. We go through things once a year and toss anything that's older than 7 years.
When we move to an electronic imaging system, everything will probably fit on to a couple of high-capacity disks. In 7 years, the cost of that amount of storage is probably going to be negligible, so there's no technical reason we couldn't keep things forever. But I'm still going to configure the document management system to toss anything older than 7 years. Why? Because 7 year old information is not useful. The only reason it's there is because of state/federal rules of evidence that require me to keep it around. It's only useful to someone who's suing me, and when those 7 years are up I'm glad to get rid of it.
One of the things that keeps people from modernizing their filing systems is the fear of losing this "protection," of being able to throw away old information. There's a fear that if you go electronic, it's always going to be "out there" somewhere and potentially a legal threat to you, even if you've done nothing (intentionally) wrong.
I for one support this rule. And if it seems like a good idea for our small company, imagine how it would seem if you're, say, Citibank.
This rule is obviously not designed to support policies of "oh, we're getting sued, so I'm going to throw out this particular subset of information related to the lawsuit and try to claim it's a standard practice," because any attorney worth the price of his suit would get me thrown in jail for destroying evidence.
"There is no night so forlorn, no mood so bleak, that it cannot be infused with pleasure by tender meat..." - R.W. Apple
[IANAL but have researched this issue to some extent. No statements I make should be construed as legal advice.]
Organizations should establish data retention and destruction policies and follow them consistently.
Suppose an organization has a policy that states that a) all email older than N days will be purged from the server and b) all email must remain on the server (i.e. no local storage of messages). Another party initiates legal action based on an email sent on $DATE and the discovery process begins. If the order comes through on the (N+1) day for the organization to produce its email, the organization will be in the clear because it followed its own already-established policy. However, if the order comes in on the (N-1) day and the organization purges older email early, it [the org.] will be in hot water.
However, the organization must be sure that it includes all sources of this information. Does the site backup/restore policy parallel the 90-day destruction rule? Many sites pull a set of tapes/media from the rotation once a month or so and put it aside for archival purposes. If the site policy is to destroy email but the backup tapes are available...
IIRC this was a serious mistake on the parts of Enron and Arthur Andersen: they had no such destruction policies in place and began deleting sensitive items only after they knew proceedings were about to begin.
I want to drag this out as long as possible. Bring me my protractor.
Y'know, judging from the submitter's slant on this, I would guess he's never had to maintain multi-gigabyte document repositories bursting at the seams with obsolete documents. Nor, I suspect, had to restore and rebuild five years worth of old email databases just to satisfy some little ambulance-chaser's fishing expedition.
Bah.
Regards;
The last thing I want is some asinine law that manadates the retention of every stupid file for ten years.
Yeah, this one is funny.
---
"Reasonably Accessible" The term often means information that the party itself routienely accesses or uses or that is easily located and retrieved. By contrast, information stores only for disaster recovery is generally expensive to restore and is disorganized.
---
That's pretty damn accurate in a lot of companies!
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Abuse of American electronic discovery rules is getting worse every year. Defragment your disk? That's a sanction. Copy files from an old computer to a new one? That's a sanction.
Seriously, the legal rules need to realize that asking for documents not normally accessible is extremely expensive and opens up possibilities for extortion. ("Looks like it will cost you three million dollars to restore and examine these tapes... Why don't we just settle the case for two?") Everything the Microsoft attorney said is true.
The judges know this, the attorneys know this, the companies know this. The submitter needs to get out in the real world and get his head out of his ass. There's not even an ideological basis for thinking the way he does. It's not like poor people benefit from these rules (who Democrats like to protect) or self-made rich people (who Republicans like to protect).
With great power comes great fan noise.
Please save every business-related e-mail you receive. And you shouldn't be using work e-mail for personal purposes so please save every e-mail you receive. Thank you.
Inbox: 41559 messages (41551 read, 8 unread)
Saved-messages: 4154854884569842455 messages
You are usuing 12090% of storage capacity.
i work in big pharma, and for a lot of our systems we *do* have to do this. legally, we've got to keep data for clinical trials for *twenty five years* after the patentable lifetime of a drug. not only that, but we've got to figure out a way of archiving complete systems for that long. suffice to say, it's really, *really* expensive...
I think some of this discussion is lacking in context.
/orders have taken parties to task for failing to suspend routine overwriting of backup tapes. Taken to the extreme, this means that once you get sued, you can't overwrite any of your backup tapes.
First, if you destroy evidence after the lawsuit gets filed (or when you enter the grey zone of when you "reasonably anticipate litigation"), you have just committed spoliation of evidence. While this makes intuitive sense - the rule prohibits a defendant from having a "shredding party" the day after a lawsuit gets filed - it becomes problematic as definitions of what constitutes "evidence" expand.
Active emails? Check. Files on network servers? Check.
Backup tapes from last night's cycle? OOPS. Yes, several court decisions
Updating databases that might result in some data (i.e., last accessed, last modified) being modified? Uhoh, better take a snapshot of that database.
Are your server logs at issue? Uhoh, better suspend rotation of your server logs.
Hey, when you TURN ON your desktop, aren't you overwriting some cache space and slack space, that might make recovery of deleted files impossible? Guess what? If the other side wants to do a forensic examination of your machines, you can't even continue using them without taking a bit-by-bit image.
And by the way -- if you miss any bit of this data, you get sanctioned. Monetary sanctions, or an adverse inference ("we don't know what was on that tape that was destroyed, but you can ASSUME it was bad!"), or even a default judgment. Yes, electronic discovery can turn into a game of "gotcha".
Think how expensive this is for a small shop with just a handful of machines. And then think what's involved for a nationwide company with, say, 80 far-flung locations and company databases.
See the problem?
The "safe harbor" to Rule 37 says that you don't sanctioned for failure to preserve information lost from ROUTINE operation of a system UNLESS THE LOSS WAS INTENTIONAL OR RECKLESS. The "reckless" hole is very large, admittedly. But the rule attempts to bring some sanity to some of the broad-reaching data preservation games being played today.
Also, note that a court can order a party to take steps above and beyond what the proposed Rule 37 requires.
And I'm damn glad, it will become harder for litigious bastards to blackmail me into giving them access to my data...
In Soviet Washington the swamp drains you.
(IANAL, but I spent a few years writing software for a legal company.)
Found in the Microsoft testimony:
"One of the better comments I think that was submitted to you was from somebody who does a lot of employment class action litigation. And she expressed that very concern. She also cited a few statutes, like Title 7 and maybe the Wage and Hours Act in the employment area, that very specifically tell companies what they must keep and what they must not.
And I bet those statutes also provide penalties if they are not kept. And I'm pretty sure that they provide -- is it ten to twenty years in prison for the intentional destruction of documents? I mean, I think it would be insanity beyond belief for anybody, any serious lawyer, to advise their client that, oh, yeah, this is a way to get rid of something that might come back to bite us. Because the moment you have that thought, you're engaging in basically criminal conduct.
So the routine operations of systems has to strictly be for the business purposes of keeping your IT systems running."
Where this differs from the "safe harbor" provision (IMO) is that some companies *routinely* engage in the intentional destruction of electronic documents. Last week I had some confidential records for a client, and when I was done with them, I deleted my copy as a routine IT practice: don't store confidential data any longer than necessary. My client has the data, so I don't need to retain it; even if I need it again later, the risk of someone walking away with my laptop *far* outweighs the convenience factor of holding onto the file. When documents are deleted for security reasons, this amounts to intentional deletion for the express purpose of denying access, and *might* be viewed rather harshly under the safe harbor guidelines.
Microsoft cheerleader, blue flag waving, you got a problem with that?
A quick review for those not familar with "trusted" computing. The hardware uses digital signatures to enforce running an approved BIOS only, which in turn enforces running an approved OS, which in turn will only run approved applications. Documents are encrypted, and the approved applications can phone home to determine whether you are allowed to read a document. If the document is on a delete list, it is immediately erased. Microsoft Media Player already implements this system - except for the hardware enforcement. Microsoft Office is next. Evil Media companies, and Microsoft, want to make the hardware enforcement required by law on all computing devices.
In the not too distant future, having obtained a copy of an incriminating document, you could keep it stored on a banned Linux system running on illegal hacked hardware, and given Microsoft's expertise with security, probably crack the encryption in a reasonable amount of time due to some stupid design flaw (e.g. random seed for session key is derived from Document time stamp). However, the resulting evidence would not be admissable in court. So stock up on tin foil hats.