Slashdot Mirror


Proposed Federal Rules On E-Document Destruction

runner345 writes "The Federal Advisory Committee on Civil Procedure is evaluating a series of 'e-discovery' rules that will change the way litigation handles electronically stored information for the federal courts. Included in this is proposed Fed. R. Civ. P. 37 which would exempt parties from sanctions for electronic evidence destroyed in a 'routine operation of the party's electronic information system.' Microsoft and other technology heavy-hitters have strongly backed this safe harbor because it judicially validates electronic document retention policies (perhaps the most effective Orwellian misnomer for outright document destruction). If you thought it was hard to get incriminating documents from the tech industry now, think about what this rule will do to a plaintiff's chances. You can get the proposed rule here (when their site works) and read what Microsoft and Intel have to say about it here. You can also read my law school thesis on the topic (still only in draft)."

29 of 147 comments (clear)

  1. Simple! by sandstorming · · Score: 4, Funny

    Destroying E Documents for dummies... Place on Hard Drive Give Hard Drive to 3 year olds with knives Tell then there is candy inside.

    1. Re:Simple! by deutschemonte · · Score: 5, Funny

      Or...
      Install Windows, place on hard drive, give an open internet connection three days to install candy inside.

      --
      The preceding message was based on actual events. Only the names, locations and events have been changed.
  2. document rentention policies by alatesystems · · Score: 4, Insightful

    We already have electronic document retention policies, and we do get rid of things on a regular basis. I don't really understand what this rule would be for, except to validate practices already in place at almost every major company.

    The submitter makes it sound like it's horrible for the plaintiff, but would we really want to live in a world where we have to keep every single file forever? I think not.

    1. Re:document rentention policies by natrius · · Score: 5, Interesting

      The submitter makes it sound like it's horrible for the plaintiff, but would we really want to live in a world where we have to keep every single file forever? I think not.

      Do we really want to live in a world where there is no such thing as electronic evidence, since anyone can just say, "oops, it got deleted in the routine operations of my business... last night." I think not. See Burst v. Microsoft.

    2. Re:document rentention policies by corporatemutantninja · · Score: 4, Interesting
      Actually, I do see a change. And this applies to rules about paper, email, and now IM retention as well.

      All that currently happens is that companies avoid putting anything potentially incriminating in writing. "Call me about this," the email says. So companies spend huge amounts of money ensuring "compliance" with retention laws, plus they are unable to get all the efficiency out of communications technologies that are possible because they still end up having the important conversations in person, and we still can't prove anything in court. What's next? Require companies to record and save all phone calls? The ultimate step will be when we don't allow people to have off-record conversations:

      CEO: "What do you think, Phil?"
      CFO: "I don't think the [FLUUUUUUUSSSSSHHHHH] shareholders will suspect a [ZIIIIP!] thing."

      Retention requirements are a huge ball-and-chain for companies without fully addressing the problem they are intended to solve.

      --
      Actually, I was trying to be Insightful, not Funny.
    3. Re:document rentention policies by Generic+Guy · · Score: 2, Insightful
      burst got $60 MM. What's your point?

      The point is that Microsoft claimed they didn't keep the files and messages for the Burst case (a strange 18-month "black hole" in their email records) after claiming in another case that they kept everything. This self-incrimination is the only thing that managed to help Burst.

      --
      { - Generic Guy - }
    4. Re:document rentention policies by Spad · · Score: 3, Insightful

      As it stands, there's nothing to stop a company from doing exeactly the same with paper documentation; "Oops, it got shredded in the routine operations of my business...last night".

    5. Re:document rentention policies by mccoma · · Score: 2, Informative
      But, surely, it simply scales linearly.

      No, you gotta count the number of connections. Businesses have a lot more e-mail then your average person. Not to mention the automatic stuff sent by programs and systems. Throw in the attachments and other fun things and you get a nightmare. The cost isn't trivial and it adds to the administrative overhead. Adding a sudden need to do proper backup (and offsite storage) of what should be transient.

      I understand it for certain industries (I used to work in Clinical Trials and as another poster mentioned that has strict rules). Although, you can use those industries as an example of costs being driven up by the information storage requirements (the cost of I.T. for clinical trials is very high in the US).

  3. How long by Invalid+Character · · Score: 3, Interesting
    If i understand this right then how much of a time buffer would one get before destroying data is considered "destroying evidence"?
    What if your regular clean up procedures begin just after you've gotten wind of a warrent or other legal issue?

    Im sure there are provisions and details about these situations ( IANAL and i dont speak legalese) Can anyone with more knowledge elaborate on exactly what this all means?

    --

    --

    Registered .sig quotient : 1337

    1. Re:How long by ReggaeFire · · Score: 3, Insightful

      As pointed out above, this is no different then the rules governing retention policies for paper documents. For records management people this is a basic function of their job. What this means is that you have a regular cycle (a document "lifecycle") where a document is no longer needed for business use, and it is legal to destroy it. You cannot simply invent a lifecycle and destroy at will once a discovery process has begun (this is what Enron did, and a big reason we now have Sarbanes-Oaxley), but if you already have this automatic process in place (which a growing number of companies do for electronic records), this will keep the lawyers from claiming you are destroying evidence to willfully avoid prosecution (the same rules apply for electronic records as paper ones, you must keep certain records for x amount of years, etc.). This isn't groundbreaking, in fact it's pretty basic and surprising it didn't exist before.

  4. I agree with this legislation by Anonymous Coward · · Score: 5, Interesting

    Broadly, my company "EvilCorp" has a document retention policy, that simply states

    "Don't retain anything incriminating".

    I'm glad to see, government is catching up, with trends set by industry leaders like myself !!

    God Bless America.
    God Bless Corporate Malfesence.
    Death to document retaining, Commie Linux Users!

    Also, it's worth noting.

    We've always been at war, with East Asia !

    [Seriously folks]

    Am I the only one who thinks that government should be requiring companies to move the *other* way?

    Ie, retain, *everything*... absolutely *everything*, why should email/*doc* be an acceptable domain, where, one can simply erase data under dubious circumstances ?

    Because corporation (x) wants it that way ?

    [Aside]

    Corporations are too powerful now.
    Increasingly, law is coming to reflect the interests of Corporations, instead of the interests of countries citizens.

    It's not so absurd to suggest, that.. eventually, the little guy will revolt.

    Think the French revolution, think the American revolution...

    Eventually, when the little guy gets done taking enough crap from those on top... the little guy gives the other the boot.

    In this light, Bill Gates is the King of France.

    "Let them eat Patent-Cake".. etc.

    1. Re:I agree with this legislation by djmurdoch · · Score: 2, Informative

      Ie, retain, *everything*... absolutely *everything*, why should email/*doc* be an acceptable domain, where, one can simply erase data under dubious circumstances ?

      *Everything* is a lot. Do you want every revision of your swap file to be backed up?

      On the other hand, every email you send does seem like a reasonable requirement. But what if your email contains a URL. Should you be required to back up that version of the web page?

    2. Re:I agree with this legislation by MoralHazard · · Score: 2, Informative

      "Am I the only one who thinks that government should be requiring companies to move the *other* way?"

      Um, have you ever heard of a little piece of legislation called Sarbanes-Oxley? Yeah, you might want to check that out before you start assuming you're on a one-man crusade. Corporate ecords retention requirements have only increased over the past 10 years.

      "Ie, retain, *everything*... absolutely *everything*, why should email/*doc* be an acceptable domain, where, one can simply erase data under dubious circumstances ?"

      This would be fine... except for the fact that you'd have to remove the "delete" function from every application on every desktop. If I'm composing emails, and I decide not to send something I halfway finished, do I have to save it? How about drafts from 10-year-old memos? And what happens when you just have too much shit for your hard drives? Preserving EVERYTHING is a pretty goddamned big burden on businesses.

      "Corporations are too powerful now.
      Increasingly, law is coming to reflect the interests of Corporations, instead of the interests of countries citizens."

      Go back and RTFA. These standards have NOTHING TO DO with corporate versus non-corporate entities. We're talking about a rule that applies equally to all parties in civil litigation, whether they're incorporated or not. If you run a small business as a sole proprietor, and you get involved in a lawsuit, this applies to you, too.

      Is slashdot so easy that any pseudo-Marxist anticorporate ranting passes for "informative"?

      "Eventually, when the little guy gets done taking enough crap from those on top... the little guy gives the other the boot."

      Yeah, whatever.

  5. Thesis by Cruithne · · Score: 3, Funny

    There's a good idea.

    1. Post unfinished thesis on slashdot for us to review
    2. Incorporate feedback from users who read it
    3. Profit!!!

    Only problem is.... I dont think anyone is going to want to read it, especially not on a monday morning :D

  6. Excellent by Anonymous Coward · · Score: 3, Insightful

    Every cloud has a silver lining.

  7. the miracle of encryption... by torrents · · Score: 2, Insightful

    use encrypted volumes... when the feds come knocking forget the passwords... there's no law against being stupid... and if there was, i wouldn't know... i'm stupid!

    --
    Get your torrents...
    1. Re:the miracle of encryption... by stry_cat · · Score: 2, Informative

      There sure is. It's called obstruction of justice. and after the judge orders you come up with the password it is called contempt of court.

  8. routine, huh? by sugapablo · · Score: 5, Funny

    "...which would exempt parties from sanctions for electronic evidence destroyed in a 'routine operation of the party's electronic information system.'"

    So I suppose the following is perfectly acceptable:

    30 0 * * * rm -rf /var/log/incriminating/*

  9. i see nothing wrong with this proposed rule by awb131 · · Score: 5, Insightful

    For instance, under HIPAA and other state insurance regulatory laws, my company is required to maintain all documentation related to a customer file for 7 years. Right now this constitutes about 2 million pieces of paper weighing approximately 14 tons and taking up about 1500 square feet of floor space in my office for filing cabinets. We go through things once a year and toss anything that's older than 7 years.

    When we move to an electronic imaging system, everything will probably fit on to a couple of high-capacity disks. In 7 years, the cost of that amount of storage is probably going to be negligible, so there's no technical reason we couldn't keep things forever. But I'm still going to configure the document management system to toss anything older than 7 years. Why? Because 7 year old information is not useful. The only reason it's there is because of state/federal rules of evidence that require me to keep it around. It's only useful to someone who's suing me, and when those 7 years are up I'm glad to get rid of it.

    One of the things that keeps people from modernizing their filing systems is the fear of losing this "protection," of being able to throw away old information. There's a fear that if you go electronic, it's always going to be "out there" somewhere and potentially a legal threat to you, even if you've done nothing (intentionally) wrong.

    I for one support this rule. And if it seems like a good idea for our small company, imagine how it would seem if you're, say, Citibank.

    This rule is obviously not designed to support policies of "oh, we're getting sued, so I'm going to throw out this particular subset of information related to the lawsuit and try to claim it's a standard practice," because any attorney worth the price of his suit would get me thrown in jail for destroying evidence.

    --
    "There is no night so forlorn, no mood so bleak, that it cannot be infused with pleasure by tender meat..." - R.W. Apple
  10. Establish retention/destruction policies first... by sczimme · · Score: 2, Interesting


    [IANAL but have researched this issue to some extent. No statements I make should be construed as legal advice.]

    Organizations should establish data retention and destruction policies and follow them consistently.

    Suppose an organization has a policy that states that a) all email older than N days will be purged from the server and b) all email must remain on the server (i.e. no local storage of messages). Another party initiates legal action based on an email sent on $DATE and the discovery process begins. If the order comes through on the (N+1) day for the organization to produce its email, the organization will be in the clear because it followed its own already-established policy. However, if the order comes in on the (N-1) day and the organization purges older email early, it [the org.] will be in hot water.

    However, the organization must be sure that it includes all sources of this information. Does the site backup/restore policy parallel the 90-day destruction rule? Many sites pull a set of tapes/media from the rotation once a month or so and put it aside for archival purposes. If the site policy is to destroy email but the backup tapes are available...

    IIRC this was a serious mistake on the parts of Enron and Arthur Andersen: they had no such destruction policies in place and began deleting sensitive items only after they knew proceedings were about to begin.

    --
    I want to drag this out as long as possible. Bring me my protractor.
  11. Too Much STUFF! by Hasai · · Score: 5, Insightful

    Y'know, judging from the submitter's slant on this, I would guess he's never had to maintain multi-gigabyte document repositories bursting at the seams with obsolete documents. Nor, I suspect, had to restore and rebuild five years worth of old email databases just to satisfy some little ambulance-chaser's fishing expedition.

    Bah.

    --

    Regards;

    Hasai

  12. Re:Amen by GigsVT · · Score: 2, Interesting

    The last thing I want is some asinine law that manadates the retention of every stupid file for ten years.

    Yeah, this one is funny.

    ---
    "Reasonably Accessible" The term often means information that the party itself routienely accesses or uses or that is easily located and retrieved. By contrast, information stores only for disaster recovery is generally expensive to restore and is disorganized.
    ---

    That's pretty damn accurate in a lot of companies!

    --
    I've had enough abrasive sigs. Kittens are cute and fuzzy.
  13. Submitter has no idea what he's talking about by jizmonkey · · Score: 4, Insightful
    Clearly this "law student" has never worked at a firm involved in litigation. He's going to need a lot of luck getting that paper published.

    Abuse of American electronic discovery rules is getting worse every year. Defragment your disk? That's a sanction. Copy files from an old computer to a new one? That's a sanction.

    Seriously, the legal rules need to realize that asking for documents not normally accessible is extremely expensive and opens up possibilities for extortion. ("Looks like it will cost you three million dollars to restore and examine these tapes... Why don't we just settle the case for two?") Everything the Microsoft attorney said is true.

    The judges know this, the attorneys know this, the companies know this. The submitter needs to get out in the real world and get his head out of his ass. There's not even an ideological basis for thinking the way he does. It's not like poor people benefit from these rules (who Democrats like to protect) or self-made rich people (who Republicans like to protect).

    --
    With great power comes great fan noise.
  14. Notice from Legal by ajp · · Score: 4, Funny

    Please save every business-related e-mail you receive. And you shouldn't be using work e-mail for personal purposes so please save every e-mail you receive. Thank you.

    Inbox: 41559 messages (41551 read, 8 unread)
    Saved-messages: 4154854884569842455 messages
    You are usuing 12090% of storage capacity.

  15. some of us do, you insensitive clod! by RMH101 · · Score: 4, Informative

    i work in big pharma, and for a lot of our systems we *do* have to do this. legally, we've got to keep data for clinical trials for *twenty five years* after the patentable lifetime of a drug. not only that, but we've got to figure out a way of archiving complete systems for that long. suffice to say, it's really, *really* expensive...

  16. Context of the proposed rule: what's required now by Brian+See · · Score: 4, Informative

    I think some of this discussion is lacking in context.

    First, if you destroy evidence after the lawsuit gets filed (or when you enter the grey zone of when you "reasonably anticipate litigation"), you have just committed spoliation of evidence. While this makes intuitive sense - the rule prohibits a defendant from having a "shredding party" the day after a lawsuit gets filed - it becomes problematic as definitions of what constitutes "evidence" expand.

    Active emails? Check. Files on network servers? Check.

    Backup tapes from last night's cycle? OOPS. Yes, several court decisions /orders have taken parties to task for failing to suspend routine overwriting of backup tapes. Taken to the extreme, this means that once you get sued, you can't overwrite any of your backup tapes.

    Updating databases that might result in some data (i.e., last accessed, last modified) being modified? Uhoh, better take a snapshot of that database.

    Are your server logs at issue? Uhoh, better suspend rotation of your server logs.

    Hey, when you TURN ON your desktop, aren't you overwriting some cache space and slack space, that might make recovery of deleted files impossible? Guess what? If the other side wants to do a forensic examination of your machines, you can't even continue using them without taking a bit-by-bit image.

    And by the way -- if you miss any bit of this data, you get sanctioned. Monetary sanctions, or an adverse inference ("we don't know what was on that tape that was destroyed, but you can ASSUME it was bad!"), or even a default judgment. Yes, electronic discovery can turn into a game of "gotcha".

    Think how expensive this is for a small shop with just a handful of machines. And then think what's involved for a nationwide company with, say, 80 far-flung locations and company databases.

    See the problem?

    The "safe harbor" to Rule 37 says that you don't sanctioned for failure to preserve information lost from ROUTINE operation of a system UNLESS THE LOSS WAS INTENTIONAL OR RECKLESS. The "reckless" hole is very large, admittedly. But the rule attempts to bring some sanity to some of the broad-reaching data preservation games being played today.

    Also, note that a court can order a party to take steps above and beyond what the proposed Rule 37 requires.

  17. I am from tech industry by mi · · Score: 2, Interesting

    And I'm damn glad, it will become harder for litigious bastards to blackmail me into giving them access to my data...

    --
    In Soviet Washington the swamp drains you.
  18. Check the actual testimony. by CDarklock · · Score: 2, Informative

    (IANAL, but I spent a few years writing software for a legal company.)

    Found in the Microsoft testimony:

    "One of the better comments I think that was submitted to you was from somebody who does a lot of employment class action litigation. And she expressed that very concern. She also cited a few statutes, like Title 7 and maybe the Wage and Hours Act in the employment area, that very specifically tell companies what they must keep and what they must not.
    And I bet those statutes also provide penalties if they are not kept. And I'm pretty sure that they provide -- is it ten to twenty years in prison for the intentional destruction of documents? I mean, I think it would be insanity beyond belief for anybody, any serious lawyer, to advise their client that, oh, yeah, this is a way to get rid of something that might come back to bite us. Because the moment you have that thought, you're engaging in basically criminal conduct.
    So the routine operations of systems has to strictly be for the business purposes of keeping your IT systems running."

    Where this differs from the "safe harbor" provision (IMO) is that some companies *routinely* engage in the intentional destruction of electronic documents. Last week I had some confidential records for a client, and when I was done with them, I deleted my copy as a routine IT practice: don't store confidential data any longer than necessary. My client has the data, so I don't need to retain it; even if I need it again later, the risk of someone walking away with my laptop *far* outweighs the convenience factor of holding onto the file. When documents are deleted for security reasons, this amounts to intentional deletion for the express purpose of denying access, and *might* be viewed rather harshly under the safe harbor guidelines.

    --
    Microsoft cheerleader, blue flag waving, you got a problem with that?
  19. Combine this with treacherous computing... by CustomDesigned · · Score: 2, Informative
    ...and you can delete any electronic copies that may have been made as well.

    A quick review for those not familar with "trusted" computing. The hardware uses digital signatures to enforce running an approved BIOS only, which in turn enforces running an approved OS, which in turn will only run approved applications. Documents are encrypted, and the approved applications can phone home to determine whether you are allowed to read a document. If the document is on a delete list, it is immediately erased. Microsoft Media Player already implements this system - except for the hardware enforcement. Microsoft Office is next. Evil Media companies, and Microsoft, want to make the hardware enforcement required by law on all computing devices.

    In the not too distant future, having obtained a copy of an incriminating document, you could keep it stored on a banned Linux system running on illegal hacked hardware, and given Microsoft's expertise with security, probably crack the encryption in a reasonable amount of time due to some stupid design flaw (e.g. random seed for session key is derived from Document time stamp). However, the resulting evidence would not be admissable in court. So stock up on tin foil hats.