White House Says Hard Drives Were Destroyed

wanderindiana brings us an update on the White House missing emails mess, which we have discussed before. It seems the hard drives of many White House computers are gone beyond the possibility of recovery. Is it unusual in your experience for, say, a corporate IT department to destroy hard drives by policy? "Older White House computer hard drives have been destroyed, the White House disclosed to a federal court Friday in a controversy over millions of possibly missing e-mails from 2003 to 2005. The White House revealed new information about how it handles its computers in an effort to persuade a federal magistrate it would be fruitless to undertake an e-mail recovery plan that the court proposed."

No it is not usual

[Spiked_Three]

"Is it unusual in your experience for, say, a corporate IT department to destroy hard drives by policy?"

I worked on some projects involving email at the white house. The system tracks other things includuding gifts and snail mail.

There are very specific rules and laws that must be followed and the million dollar consultants the white house pays to manage this stuff is very aware of those rules and laws.

Any destruction of email by the white house is purely intentional, period.

Re:No it is not usual

[samurphy21]

Is it unusual in your experience for, say, a corporate IT department to destroy hard drives by policy?

During my employ as a contractor with the Canadian Department of National Defence, it was standard for decomissioned (read: hellishly outdated) systems to be stripped of RAM and HD, by policy, before being sold off as a lot as surplus/scrap. The RAM and HD would then be sent to an industrial grade metal shredder at a larger nearby base for destruction.

Granted, this was for workstation systems where no personal or private data was to be stored. Again, by policy. I'm unsure what the policy would be for servers where email was stored. Probably still destroy the physical hard drive, but the final backup tapes are more than likely to be kept under lock and key for eternity.

Re:No it is not usual

[erroneus]

There is a law related to the preservation of all presidential records, however, that should supercede any 'standard' policy. For more information, search for "Presidential Records Act."

This offered excuse does not hold water and should finally put an end to the question about whether or not to prosecute the executive. This is no simple 'mistake.' It was willful and intentional destruction of evidence. And let us not lose sight over what this ultimately comes down to. If you consider yourself to be a patriotic citizen of the U.S., you should be outraged and infuriated at the thousands of U.S. lives wasted at the hands on this administration brought on by an illegal and deceitfully based war. It is no trivial matter to send even a single soldier to face his or her death. And it is certainly no trivial matter when even a single person dies because this president has lied to congress and entered us into a war. Forget that this war has harmed the global economy and the U.S.'s standing in the world and all other fall-out.

If there were justice to be had, it would be in the form of "demoting" our commander-in-chief down to a foot-soldier, put a rifle in his hand and let HIM fight his damned war in person.

Re:No it is not usual

[rucs_hack]

So at what point does the silliness of excuses stop and we start calling "destruction of evidence"?

When the next administration need something to distract the public from their own nefarious deeds.

Re:No it is not usual

[Professor_UNIX]

National Security supersedes the Presidential Records Act. There was likely e-mail on those drives that could've had a massive negative effect on the President and his administration, thus it is in our national security interests to see that those records were destroyed.

Not so fast...

[msauve]

If they are arrested now, they can (and likely would be) pardoned.

Much better to wait a year, when a new administration is in office, and then go after the lawbreakers.

Re:Not so fast...

[Phroggy]

You're joking, right? I certainly hope so. You really think that a Clinton or McCain administration will do anything different from the current one? No, that's why I'm hoping Obama wins.

When he says he stands for change, he's not talking about just the last 7 years.

Re:Banking

[malkavian]

I work in the NHS, and we're required to do two things:
1: Destroy hard drives comprehensively.
2: Ensure that any data on them of a sensitive/clinical nature is kept on a secure backup (in clinical data, for 25 years).

So, yes, destroying hard disks is a common thing. Now destroying DATA.. That's something else altogether.
For sensitive government documents, there is no excuse. Destroying the data can be arrived at through two ways:

1: Incompetence of the IT staff (with the amount of change control in a high profile environment such as high government/clinical, you'd have to be REALLY incompetent, and probably picked up way before this).
2: Someone said "This data is embarrassing. Make it go away.".

I'd say 2 was the most probable.

Not really the point

[Gription]

The IT staff either is malicious or highly incompetent.

Or following orders. They were almost certainly following policy. The complaint here is that the data is missing/destroyed. The data is supposed to be retained by a backup solution. The hard drives are only a 'working area'. Sure the data is stored there while someone is actively using the computer but as soon as it leaves the person's desk it is now a security risk.

The drives should be thoroughly wiped and then recycled or destroyed. That is good IT policy. I run the IT hardware division for my company that supplies and supports customer's computers. When any computer is repaired or replaced the old drive is dated, put into secure storage for a minimum of 30 days, and then DOD wiped, and then recycled or physically destroyed. (The magnets are really good for hanging things on cubical walls.)

The reason our drives are 'aged' for 30 days is because we can't trust our customers to have a good backup. (or ANY backup...) The White House shouldn't have any issues with their backups so they have no reason to retain the drives. This brings us back to the backup question. The rule for a really secure backup methodology is, "Multiple methods of backup, and multiple media". About 10 years ago I saw an article in a trade journal (InfoWorld?) that quoted the statistic that after a catastrophic data loss, 15% of the time the backup method itself is found to be flawed. Having 2 methods of backup would reduce the chance of an unrecoverable flaw to 2.25% which is much more acceptable.

The solution to the White House problem is the judicious use of pink slips. Fire any one who bowed to pressure and allowed this to happen. (or was incompetent enough to allow a flawed backup scheme...)

Re:Not really the point

[Moryath]

Given the amount of security-sensitive or financially-sensitive documentation on the computers, OF COURSE they should be destroyed, or else wiped beyond recovery.

Read your regulations. HIPPA (medical record) regulations alone require the destruction of any data like that using national-security level tools. Either you break the drive itself, you push it through one hell of a magnetic field a certain number of times, or you use one hell of an overwriting tool that makes 16+ passes on the drive to ensure that traces of previous data are completely gone.

This is a non-story, and the only reason it's being pushed time and again is as a kludge to try to attack Bush. I'll admit there are a hell of a lot of reasons to attack Bush (the bribery and scams over illegal immigration/amnesty alone!), but this one isn't it.

Re:Not really the point

[KenSeymour]

Unlike HIPPA, which requires destruction of data, the White House is subject to the various laws mandating the preservation of all presidential records.

This includes the Presidential Records Act of 1978. This states that upon leaving office, white house documents become the property of the government. A different law, the Hatch Act, prohibits federal employees from engaging in partisan political activities.

In order to address the Hatch Act, about 88 people who work in the White House were given separate computers purchased by the Republican National Committee and given email addresses in the domain gwb43.com, georgewbush.com, and rnchq.org.

It appears that White House staff consciously used the political equipment and email for some official business, presumably so that no "paper trail" would be left behind. Indeed, instead of a paper trail, in each case, the investigators requested relevant emails
but it was found that those emails were handled on the RNC machines and thus were destroyed.

So part of the legacy of the Bush Administration is a blueprint for obstruction of justice.

I disagree that this is a non-story. I worry that this will now be added to the toolkit of future administrations. Every administration will thinks it knows best for the country and some will want to get around all these pesky laws.

Re:Not really the point

[jackpot777]

HIPAA states that medical records must be held for years. Even after a patient dies, records could be audited up to two years after a patient's death.

http://www.hipaadvisory.com/regs/recordretention.htm

There are many policies that facilities will be required to have based on the new HIPAA regulations. Facilities should consider having a policy that specifies how long to retain or keep the medical records. These are known as retention periods. Many states have their own state specific law. Many hospitals and other facilities have one policy that lists all records and documents in their facility and not just medical records. According to the proposed privacy regulation, documents relating to uses and disclosures, authorization forms, business partner contracts, notices of your information practice, responses to a patient who wants to amend or correct their information, the patient's statement of disagreement, and a complaint record must be maintained for 6 years. (See 64 Fed. Reg. 59994). This is the federal statute of limitation for civil penalties. (42 CFR Part 1003). It is the amendment why hospitals and other health care providers maintain medical records as well as billing records on Medicare (Title XVIII), Medicaid (Title XIX), and Maternal and Child Health (Title V) for at least 6 years. Records must also be retained for two years after a patient's death under HIPAA. The Medicare Conditions of Participation, section 42 CFR 482.24 (b), states that all hospitals must retain medical records in their original or legally produced form for a period of 5 years.

Disclaimer: I am a document specialist for a company that itself specialized in business processes for major Part C and Part D health providers. So I know this stuff.

So having you say this is a non-story, based on you citing that records must be adequately destroyed without first stressing that those destroyed records had to be on file, and available at a moment's notice, for YEARS, is disingenuous at best.

It's a story PRECISELY because of th amount of time the records HAD to be retained.

http://www.washingtonpost.com/wp-dyn/content/article/2008/01/21/AR2008012102070_pf.html

The administration's e-mail policies have been repeatedly challenged by lawmakers and open-government groups, in congressional hearings and in court. Two groups, the National Security Archive and Citizens for Responsibility and Ethics in Washington, have accused the White House in lawsuits of violating the Federal Records Act because of what they say is its failure to preserve millions of e-mails, a charge the White House rejects.

The White House's record-keeping problems have thrown new attention on a gap in statutory language covering the retention of presidential records.

"If it is a presidential record, then it does need to be retained. It doesn't matter what the format is -- e-mails can be records," said Susan Cooper, a spokeswoman for the National Archives and Records Administration. But the agency has no power to intervene if an administration is not preserving presidential records, inadvertently or not, Cooper said.

The law governing nonpresidential federal records is stronger. The National Archives can demand an explanation from any federal agency that it suspects is mishandling records, and it can request a Justice Department probe. Private parties can sue to force compliance with federal records laws, but not the presidential-records statute.

So what happens if a probe is launched? Well, thanks to Sarbanes-Oxley (and the fuck up that was Enron, with BushCo's friend Kenneth Lay), Chapter 73 of USC18 (United States Code 18, Obstruction of Justice) was beefed up. Specifically Section 1505.

1505. Obstruction of proceedings before departments, agencies, and committee

Re:A way to check...

[SL+Baur]

Name the last independent President. William Howard Taft http://www.whitehouse.gov/history/presidents/wt27.html

Dumped by his handlers when he refused to be a typical President and was replaced by Woody Wilson who blessed us with the Federal Income Tax, the Federal Reserve and after running as "The President who kept us out of war", gave us World War I.

It's very sad that we have to go back a hundred years to find an honest President and I guess that proves your point.

Re:A way to check...

Most people who want power want it for a personal reason. They believe they are right, they are better, they can do better.

Let's be honest: I look at the current administration and I'm quite sure I could do better - and I'm an anonymous troll typing this post with my dick.

2000 version of the Nixon tapes

[spineboy]

I'm fairly sure that a lot of damaging info to the current administration would be found on those drives.

Privacy for ordinary citizens is a right, but our officials that WE ELECT, their job is our business and we should have the right to know what they do. If they've done nothing wrong, then why hide anything. This does not apply to citizens on ordinary, routine matters e.g. we should not have to voluntarily have our cars searched cause we're innocent.

We elect our officials - they work for us, and therefore need to have accountability.

Presidential Records are Public Records

[soren100]

This is a non-story, and the only reason it's being pushed time and again is as a kludge to try to attack Bush. I'll admit there are a hell of a lot of reasons to attack Bush (the bribery and scams over illegal immigration/amnesty alone!), but this one isn't it. This is either a troll or you're willfully ignorant, but I'll bite.

The reason that this is a huge issue is that the destruction of presidential records is illegal. The Presidential Records Act mandates that all records from the President and Vice President are owned by the public, and that the President is not allowed to destroy any records without specific authorization from the Archivist of the United States stating that the records do not have any historical, informational, or evidentiary value.

There is a great desire on the part of many Americans to impeach Bush for his part in prosecuting the disastrous $2 Trillion+ debacle, the Iraq War, which is currently sinking our economy. Nixon wss easy to impeach because he left a lot of evidence in the form of tapes for his prosecution, but Bush and Cheney are not making that mistake -- they have both had very "convenient" situations where their records regarding among other things the Iraq War planning that have been "accidentally" destroyed.

If the American people were to have more evidence about White House activities, there would be many more people joining Scooter Libby in jail, and we would find out more about things like "ex" gay prostitute Jeff Gannon's entries and exits at the White House .

Re:How they are destroyed

[RobertM1968]

Why not just write 0s or 1s all over writeable area? I mean each and every sector on each track on each platter. Why all the grinding and shredding? Unless it is somehow possible to recover WIPED data, it should not be neccessary..

It is possible to still retrieve the data. A hard drive never, ever, ever has a zero or one written on it. Instead (if I can accurately sum this up in a non-technical way that doesnt invalidate my answer), it has a close to "0" or close to "1" written. Much like how certain electronic chips (that lets say are +5 = on, 0 = off) arent truly at +5 or zero. A "threshold value" is used to determine on or off.

In the case of hard drives, assuming "0" and "1" are the desired results, a zero gets "written" to the disk (which ends up being a .0020919) or a one gets written (which ends up being a .98298329) - gotta remember it's not an actual number written - it's something that (loosely) corresponds with a voltage/magnetic resistance that indicates 0 or 1 when compared to a threshold... thus .1 or less may be 0, .9 or more may be 1, and anything inbetween indicates errors.

The government (various parts - the requirements vary) mandates multiple wipes, because there are recovery tools out there, that by reading the actual magnetic/electrical value can interpolate what the data was after a single wipe. The reason apparently being, setting from "1" to "0" (or vice versa) leaves enough of the residual one to determine it was a one.

Thats (I can guarantee you) a very poor attempt at explaining it, but the basic theory behind what I am trying to say is correct...

A better idea would be to read up on it for a better explanation...

http://en.wikipedia.org/wiki/Data_remanence

Data remanence is the residual representation of data that has been in some way nominally erased or removed. This residue may be due to data being left intact by a nominal delete operation, or through physical properties of the storage medium.

Scroll down the article to the section on "The Gutmann Method" to see why (a format is not acceptable means of wiping a drive).

A key point to this discussion is that "as of Nov 2007, overwriting is no longer a DoD-acceptable sanitization method for magnetic media. Only degaussing or physical destruction is acceptable." (Wikipedia)

This I find interesting timing, since it coincides with many requests for info and/or discovery of such info - that now, the DoD requires to be non-recoverable...