Slashdot Mirror
Boston City Government Discovers Email Retention
An anonymous reader writes "The Boston Globe, covering a battle to unseat the 16-year incumbent mayor, has found out that the city has no email retention policy. A city official who receives hundreds of emails a day was found to have only 18 emails in his mailbox. The city has enabled journaling on its Exchange server in response. The Globe also notes that they had to curtail requests for emails under the Open Records law because for each mailbox, 'City officials estimated they would charge $5,000 for six months worth of email.'"
Yes, I know where I am, but if you'd RTFA:
To fight the war on terror, stop being afraid.
Alarmed by the deletion of e-mails that could have contained potentially significant information, administration officials recently instituted a new electronic document retention policy and temporary âoejournalingâ(TM)â(TM) program, to keep copies of every e-mail sent and received by every city employee.
Considering all the news about politicians and their "extracurricular activities", I just had this image of a bunch of emails that were sent and received from escorts and 20 something year old girlfriends or boyfriends. Meaning, they are hiding something and that's why they're deleting them.
Yes, I am very cynical when it comes to politicians.
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
In the recent debate he claimed there was no evidence he was corrupt. I guess this show's it's 'cause he deletes most of it...
When confronted with the fact that he sold city property to two of his friends for really cheap, he said that it was "only two out of hundreds of deals". I guess it's OK to break the law if you only do it a couple percent of the time?
Best part? He's going to win again.
Seems to me that the bigger the city, the more stupid the voters are...
The real problem is is that law makers (and enforcement) often think themselves above the law. They made/enforced it, so can change/ignore it. Worse, the punishments for such violations is almost always minor. "Whaddyou gonna doo 'bout it?"
A simple answer is to charge felony "obstruction of justice", and have the felony provisions remove from office. This is highly unlikely to happen for reasons of "good buddy" through to not causing excessive fear in the bureaucracy.
Everyone raise their equivalent electronic hands who thinks the City of Boston is going to increase manning for the IT staff to accommodate this increase in workload, scope, and new technology implementation?
No hands. Sucks to be an IT admin for the City of Boston about now.
Every mans' island needs an ocean; choose your ocean carefully.
In the county government (not in Massachusetts) where I work, there is no standard policy. A draft policy was circulated not long ago that would mandate a standard retention policy of 90 days. Some agencies have different policies by law (child support must hold onto e-mail for I think five years, and the district attorney and public defender's offices must keep case-related e-mail in perpetuity), but the 90-day cap was allegedly intended to balance discovery and e-mail storage requirements. Part of the policy suggested that PSTs, forwarding to other e-mail accounts, and saving messages locally should be disabled; the response from one agency was that they should prepare to start spending more on printers, because a lot of material was going to end up in hard copy, especially for those of us working on projects that can take as much as three years to complete. AFAICT, no IT staff were consulted before the draft was written.
You can never go home again... but I guess you can shop there.
Being from Massachusetts myself, I can tell you that Tom "Mumbles" Menino likes to run a tight ship. When someone who works in his office is found to have voted against him, they are fired. It's happened to people who've been working in the Mayor's Office for as long as 20 years. He's a scumbag and needs to seriously get out of the job of ru(in)ning the city.
Thing that gets me is... every re-election, all of Boston's firefighters would throw their weight behind him in support of his bid to run again (despite his promise to only hold office for 4 years when he first ran) and always help him get elected again. Then he does the same thing to them; breaks the promise of newer and better contracts for those brave men and women who fight fires. This year, however, they've apparently woken up and are supporting challengers.
Working in archives as a historian in the past five years, I can tell you that email retention is just the tip of the iceburg. Many, many times I spoke with officials who told me that all of the "old" files I needed were "on the website." I was looking for files and forms produced in the 1990s and 2000s. Very frequently, the files were not "on the website" where they should have been. They were overwritten, or lost in a website redesign, or they were never online to begin with. Sometimes, I could find the file I wanted by using the Internet Archive, but more often, the files were simply lost.
I think the period between 1995 and 2015 will be remembered as a dark age for recordkeeping of all kinds.
Since 1930, every mayor of Boston has been a Democrat.
http://en.wikipedia.org/wiki/List_of_mayors_of_Boston
"The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
The attitude of an entrenched incumbent like Menino is: I've been here long enough to know what works, the systems are working for me, and nobody important (e.g. governor, head of teacher's union) has raised this issue to me face to face, so there is no need to review or upgrade anything. He'll spend the city's money on stuff where he sees a direct political or personal payoff.
For example: a couple years ago he commissioned an architectural study for a brand new city hall on prime waterfront property, because the current building is often mocked for its idiosyncratic architecture. I'm sure he smiled every night as he thought of tourists from around the world looking up at the gleaming "Thomas M. Menino City Hall". Guess who would be picking up the tab. (The project is currently on hold because of the recession).
The advantages of incumbency are huge. The mayor controls the city's resources and can withhold them from the districts of city councilors who publicly oppose him; and of course, he can fire anyone who works for the city of Boston who creates problems for him. He's got his name prominently displayed on every development project in town ("Getting the job done... Thomas M. Menino, Mayor"). Thus, the arc of his tenure has been about consolidation of power and marginalization of potential opponents. Also, the newspaper business has declined for the past ten years or so coinciding with the rise of the Internet, so newspapers have fewer resources to spare on investigative journalism. Of course, all this is not unique to Boston, but applies to most any long-time incumbent mayor.
So what? It shouldn't be left up to the end user to decide whether the email should be retained or not. Who's to say that a message titled, "Here's the $20k bribe for the big dig contract" doesn't contain spam or other "completely inconsequential information"?
How can it possibly cost $5000 to retrieve six months of email? Does this include hiring scribes to transcribe the mail onto parchment scrolls?
Seems to me that the bigger the city, the more stupid the voters are...
You obviously don't understand how machine politics works. Voters are not dumb:
1. individuals allied with the incumbent receive substantial benefit and thus vote for the incumbent
2. those who are not allied are systematically disenfranchised
It's not a matter of dumb/smart, it's a matter of organized/unorganized. Those who are organized (the incumbent) wield significant power to ensure that those without power have difficulty organizing (and thus threatening their power).
Are you kidding? Between Facebook, YouTube, Twitter and Bog Knows What Else, there is so much crap out there that historians will spend lifetimes perusing through 'information'.
And the best part about it is that you don't have to be stuck in some drafty basement near the "Beware of Leopard" sign. You can do all of your 'research' in the comfort of Starbucks or whatever wifi connected place your heart desires. The volume of information will dwarf what the generations before had to work with. Nearly unlimited bytes of data. A field day.
Oh, you wanted useful stuff. Sorry. My bad.
Faster! Faster! Faster would be better!
Like, "Would you like twenty thousand dollar dressing with your Big Dig salad this Friday for lunch?"
I fail to see why it's relevant that an individual end user had only 18 emails when he receives hundreds daily. I would love to have this individual in my organization, less chance of corrupt Outlook .pst files and less to backup from the workstation. Retention policies should have nothing whatsoever to do with what recipients retain in their local mail stores. Retention, compliance, and backup policies are enforced at the server.
The state house (Where they do their business) has a inappropriately (or appropriately name) entrance on the side. It's called "The General Hooker Entrance". (And no, I'm not making that one up. Just google it.) Here's a photo link http://www.madspedersen.com/photos/1267_large.jpg
Did you know 80 to 90% of the moderators on slashdot wouldn't recognize a troll even if one dragged them under a bridge.
must be nice to live in a world without SOX!!
At corporations, ALL non-spam email must be kept for every employee... even the delete stuff for a certain period of time BY LAW. Spam is usually an exception because it's deleted by an automated process BEFORE the end user sees it... hence no action was ever taking on it. Everything else must be retained for 2,7,10, or more years.
I'm not convinced that all the data stored on social media will be around in 10 years time, much less 5 years. Look at the track record: Geocities is being deleted as we speak. Does Friendster have data from 2004 still archived and ready for viewing in 2014? How many thousands of Myspace profiles from early 2009 are already gone? Data on the internet is inherently temporary. I think maybe a decade from now we'll have accepted this problem and worked out some kind of new data retention solution. Until then, we're throwing away all sorts of records that we used to keep.
it's not about IT staff it's about what the business and lawyers need.. sorry. At my company we had a 90 day retention for email inboxes and after that it had to be filed in "retention" folders with the purpose marked or in the case of sales, they probably printed the materials out and put it in a physical file folder for contract purposes.
The 90 day camp is cute and common because people think by deleting everything they're spared discovery/FIOA requests.. but that's very not true. If a project takes 3 years then the entire correspondence must be kept for the 3 years, plus the historical period after the project is done. Electronic cleanup doesn't exempt you from discovery or FIOA requests for information you are obligated to keep. Filing stuff in paper means that a clever lawyer can compel the court to shut you down while they dig through your file cabinets for information..and it automatically puts you in contempt-of-court should a judge order 91 day old emails produced (like what's going with Apple vs. Pystar)
And when facebook closes down in 2014? They have no retention policy, they have no open file formats for exporting to archivists.... when they go bankrupt and the power company turns out the lights that information's just gone. Poof.
It's all electronic and there are no mandates to keep information in useful formats. If they're following Google's model then they don't even keep "backup" tapes they just keep information in three or more redundant parts of their cluster when one box fails they trash it and install a new node that rebuilds. When the bills stop being paid and the system is farmed out for scrap pieces those RAIDS full of data are totally useless.
No one ever said that a firefighter had to be smart. All that is required is that he is ballsy, understands how fires work, how to control fires, and is able and willing to obey orders.
I speak as a graduate of the U.S. Navy's finest fire fighting training. ;^)
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Does it reasonably cost $5000 in man hours to retrieve 6 months worth of emails from one persons mailbox in Microsoft Exchange?
Excuse me - I was certified as an EMT in 1980. Again, you don't need to be exceedingly smart to be an EMT. A certain APTITUDE is required, and moderate intelligence, but not enough to qualify as particularly "smart".
Go blow smoke somewhere else, alright?
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
No one ever said that a firefighter had to be smart. All that is required is that he is ballsy, understands how fires work, how to control fires, and is able and willing to obey orders.
I speak as a graduate of the U.S. Navy's finest fire fighting training. ;^)
With all due respect, Navy firefighters have it easy. All you need to put out the fire is a corkscrew long enough to bore through the hull.
how many pairs of boxer shorts should you own?
You also need to be certified as a First Responder, because quite often you're the first on the scene and that means you're the first to provide medical support. So, yes, firefighters DO need to be smart.
The ability to take training does not imply "smart", at least not in the way I understand the word. In my experience, the average firefighter is just about average in intelligence, or perhaps slightly above-average. A few are very smart, and a few are dumber'n rocks. This seems t'be true in virtually every profession that isn't pure manual labor but doesn't require much in the way of critical thinking.
Yeah... haven't you heard? Laws are for the "little people", not for the all-knowing, all-caring Government.
Generally speaking, employees shouldn't be able to delete email or other communication period. They should be able to remove it from their personal inbox, to prevent clutter, but SOX retention should be getting handled at the server level. Employees shouldn't be handling their own data retention at all.
To fight the war on terror, stop being afraid.
ROFLMAO - good one.
Problem is, when I've sunk my home, my working space, my battle station, my EVERYTHING, where do I put my sorry dumb ass? Oooops!
I'll admit that maybe we do have it easier than civilian firefighters. We drill, and we drill, and we drill. With all the practice, directed by sadistic SOB's in officer's uniforms, there isn't a square inch of the ship that we aren't intimate with. A dozen men on each team with that sort of training means we can handle a lot of stuff that a civilian would walk away from.
But, again, where would we walk to?
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
This number sounds designed to scare off requests to me.
www.voiceofthehive.com - Beekeeping and Honeybees for those who don't.
You said it like it's a bad thing...
Faster! Faster! Faster would be better!
Still think someone's being extra sneaky?
Do what the hardcore recovery people do. Plan it in one log at a time, recover and merge out. (Yes, I've heard of people doing this). Entities journaling this way have to enforce dumpster retention until backup. That way a person can't shift delete away the evidence.
www.voiceofthehive.com - Beekeeping and Honeybees for those who don't.
Ummm.... No. If you did that, you would flood the ship, sinking it. It may not be as big a deal if you're moored to the pier, but if you're at sea, that would be Bad News indeed.
There are some similarities between shipboard firefighting and fighting a house fire, but on shore, firefighters generally don't have to worry about flooding the only thing between them and a very long swim (or worse).
When politicians are involved, everyone loses.
Because of this sort of training, I knew my way around Spru-cans pretty well. You forgot to mention that there are parts of our "home" that we KNOW are hazerdous for any number of reasons, even more so if they are flooded or on fire.
We have to know how to handle different classes of fires AND how to get them under control quickly, without endangering the rest of the ship.
Submariners have other problems to deal with too.
When politicians are involved, everyone loses.
Publicly traded corporations. I work at a 10,000 employee company not covered under SarbOx.
It is cowardly, and a betrayal of whatever it means to be a Jew, to act as a white man
-James Baldwin
You need to be smart enough to not accidentally kill a person - that's a lot more intelligent than 80% of the population, in case your eyes have been welded shut the past three decades.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Jesus Christ, have you ever heard of a joke?
Most of that 80% of the population that is likely to kill a patient is likely to do so out of ignorance - not stupidity.
The most likely scenario for killing your own patient is carelessly moving a patient who has a spinal injury. Given one short semester in a classroom, all but the stupidest can be trained to recognize patients at risk of spinal injury, AND trained to move those patients relatively safely.
Again - I say that high intelligence is NOT required of either a firefighter, or a first responder/EMT.
I wonder how many people of average or even below average intelligence are scared away from these professions by people who assume that high intelligence is required? Granted, an idiot is going to be worthless - no, worse than worthless - in these fields. But, a high IQ is NOT a necessity.
Just average people who can safely operate motor vehicles, handle firearms, cook, and care for children are smart enough to become EMT's, and even nurses and paramedics. Or, firefighters. Or, even cops.
I mean, it isn't like an EMT has to INVENT a procedure or method to save a life. He only needs to apply methods and procedures that other people have invented, and passed on to him, through training. The motor head who can tune his own car up has the intelligence to kickstart a heart - if someone just shows him how, and he cares enough to pay attention.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
I work in e-discovery technology related to all sorts of email formats, and I think there might be a lot left to be discovered.
With Exchange, when one hard-deletes (shift-delete or delete from "Deleted Items" folder) an email (plain delete is a soft-delete, which only moves the email to "Deleted Items" folder), the email is not __really__ deleted. It's put in the system dumpter/tombstone. Now the default retention policy of such messages on Exchange server is 7 days, so if they have weekly backup, it's pretty easy to dig out those deleted emails.
I guess now they should hire a e-discovery firm and if they have any email backup tapes, I am sure a lot more emails can be discovered.
You need to be smart enough to not accidentally kill a person
Wow. That really is smart!!
Spam is usually [...] deleted by an automated process BEFORE the end user sees it
holy hell, i have heard of this mythical land but i never knew it to be true!
I'm an actual municipal IT critter in Mass, though from a teeny tiny town that barely warrants the one full time IT position I fill. It would be great if the Sec of State could cite this two year rule somewhere in the Mass General Laws or his office's edicts on email retention because all previous guidance from the state has been that email follows the same retention requirements as other documents, which generally means that only official materials like a meeting agenda need to be retained. (The state's guidance also clearly indicated that any retained emails need to be printed out and not retained as email.) The last guidance I saw was also that email was a format, not a document type. You based retention on what was in the contents of the email, not on the basis of it being an email. The other side of that is that almost any sort of actual policy communication in email is not allowed at all because if a majority of committee members communicate in email or any other online format, it constitutes a meeting subject to open meeting laws which means it needs to be formally posted ahead of time. That formal posting, signed by a committee secretary and stamped by the town clerk would be an example of an official document that would have to be retained. But requiring a physical signature guarantees that it isn't applicable to email.
But any non-trivial employees is dealing with multiple types of email. My boss may deal with contracts for purchasing software such as terms and conditions and those are mostly sent via email now days. You may have HR reports under a different retention. You may have environmental/insurance/osha reporting forms that you need to keep record of emailing to the appropriate officers, etc. Some things have to be kept for 5 years, some "forever".
You are correct that the server handles the actual retention but the user still has to file/identify it appropriately in the first place or it gets the "default" treatment.. which could cause problems.