Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
The Courts Government Data Storage Businesses News IT

Deleting Emails Costs Morgan Stanley $1.45B 312

Posted by Zonk
from the that-was-important-and-i-forgot-it dept.
DoubleWhopper writes "The financial giant Morgan Stanley lost a $1.45 billion judgement yesterday due, in part, to their failure to retain old email. The judge in the case, 'frustrated at Morgan Stanley's repeated failure to provide [the plaintiff's] attorneys with e-mails, handed down a pretrial ruling that effectively found the bank had conspired to defraud' their former client. The CEO of a record retention software company noted, 'Morgan Stanley is going to be a harbinger'."
This discussion has been archived. No new comments can be posted.

Deleting Emails Costs Morgan Stanley $1.45B

Comments Filter:
  • Oh crap! (Score:5, Funny)

    by TripMaster Monkey (862126) * on Friday May 20, 2005 @04:56PM (#12594445)

    From TFS:

    The financial giant Morgan Stanley lost a $1.45 billion judgement yesterday due, in part, to their failure to retain old email.


    I'd sure hate to be the system administrator who dropped the ball there...

    "What do you mean we don't have them archived??? You just cost us 1.45 billion dollars!"
    "Don't worry though...you can pay it back....we'll just dock your paychecks by...say...$1000 per pay period. At that rate you can have it all paid back in a little over 55,769 YEARS!!!

    ^_^

    • Re:Oh crap! (Score:2, Interesting)

      by zxnos (813588)
      of course the sys. admin. could have been told to lose the old email or just not retain it...
      • Re:Oh crap! (Score:5, Informative)

        by TheNumberSix (580081) <NumberSix@simpli ... EL.com_minusfood> on Friday May 20, 2005 @05:08PM (#12594554)
        I freely admit I haven't RTFA, but I read some excellent coverage of this story on wsj.com.

        Apparently, Morgan Stanley came forward, said they had produced all the emails. (time passes) They find some more emails and turn them over. (time passes) The find a closet stuffed with backup tapes and turn them over. (Time passes) Morgan Stanley files a document certifying that they turned everything over. (Time passes) Morgan finds even more emails and turns them over. This causes the judge to get annoyed.

        One of the earlier problems was that Morgan had built a database to house old emails and the first time they were told to turnover emails, a sysadmin who was not in a clueful state just searched the database without finding out how much had already been imported into the DB. (Turned out the DB had only had a small percentage of old emails put into it.)
        • Re:Oh crap! (Score:2, Informative)

          by Valegor (693552)
          I have also read the coverage prior. It was more than a closet of additional tapes. They found 1000 tapes in off site storage.
        • It's posts like this that make me want the "+10 Informative, and mod down everything else" option... Oh well.
      • Re:Oh crap! (Score:4, Interesting)

        by mrbooze (49713) on Friday May 20, 2005 @06:19PM (#12595022)
        Almost certainly it was a corporate policy. My own company has had the lawyers pushing for a couple years no to have mandatory email deletion after only a few weeks, and the previous company did the same. Literally, no exceptions, they were going to force IT to auto-delete anything based on age, and the policy was going to be that if people needed to keep an email they should print it out and file it.

        That pressure from the lawyers stopped not too long ago. I guess we have SOX to thank for that.
        • the policy was going to be that if people needed to keep an email they should print it out and file it.

          Ahh yes, the paperless office....
        • Re:Oh crap! (Score:3, Interesting)

          by plover (150551) *
          We have a similar corporate policy, and it's frustrating as hell. I keep emails from the analysts that have important notes regarding projects, and they get auto-deleted after 30 days. It's really tough to work under such stupid conditions.

          I hope this SOX-enforced change comes quickly -- then I can quit violating company policy ( because I'm auto-saving everything with a home-built scraper :-)

    • Re:Oh crap! (Score:3, Funny)

      by RuneB (170521)
      "I know! If we use gmail we'll never have to delete any email ever again! And we can then search old emails more easily!"

      "Whaaaat? But we don't want it to be that easy to search old emails. You're fired!"

    • Re:Oh crap! (Score:3, Funny)

      by nizo (81281) *
      Luckily the sysadmin is also the one who backs up/admins the financial database. Wow lookie here, the sysadmin just gave himself a $1000/month raise.
    • Re:Oh crap! (Score:2, Informative)

      by poot_rootbeer (188613)
      "What do you mean we don't have them archived??? You just cost us 1.45 billion dollars!"

      Knowing the financial industry as well as I do, I wouldn't be at all surprised to heat that the executives that failed to create a defensible email retention policy really will end up hanging all of the blame on some poor system-administrating underling who had just done exactly what he had been told to do.
    • Idiot (Score:5, Insightful)

      by pyite69 (463042) on Friday May 20, 2005 @05:10PM (#12594575)
      where are my moderator points when I need them.

      Most companies purposefully choose short retention policies, in an attempt to avoid these kinds of settlements... it isn't a sysadmin's fault.

      The theory was that this would let them discard old emails without having it be intentional obstruction of justice. I guess that theory will be out the window now.
      • it isn't a sysadmin's fault.

        And just what makes you think that the blame that hits the aformentioned sysadmin will be in any way a function of fault?

        where are my moderator points when I need them.

        I think you may have failed to notice my ^_^ that I tacked onto the bottom of my original post. See what it says after 'Score:' up there? That's pretty much what I was going for.

        Try to take yourself a little less seriously.
      • by shanen (462549) on Friday May 20, 2005 @05:29PM (#12594735) Homepage Journal
        What actually strikes me as interesting about this is the battle for control of reality and truth. As you noted, many companies want to delete email quickly, but you ignore the question of why. If they are only doing good and honest things, then (you would think) they should be delighted to be able to conclusively prove their innocence. Yet they want to delete the email?

        Aha! Maybe they aren't so innocent, and the email tends to reveal their real intentions and actions.

        Point one: You can't make a lot of money by being completely and absolutely honest. Just how much a "lot" means is subject to debate. The original quote was $1 million, if I recall correctly, but that isn't so much money these days, so I think it would sound better with $1 billion.

        Point two: I don't really blame them for going along with the modern trend. Look at the political leaders we have these days--and their popular support. I think Cheney is the No.1 poster child for corporate corruption. A few years of government "service", then he goes to Haliburton and rakes in the big bucks, then goes back to politics and starts an unnecessary war that "purely coincidentally" throws billions of dollars back to his old company--which is STILL paying him deferred compensation. However, he'll be back in business before the government has to try and pay the piper. If he lives so long, I'll have to count it as evidence against the existence of a just God. I really think a just God would have thoroughly smitten Cheney a good while ago.

        You'll note that BushCo is also very eager to control their little secrets, and I'd bet they'd be delighted to erase all of their email, too. The next interesting question is whether or not they can do it, given the state of modern technology. How can they make sure someone hasn't burned a CD that contains the truth?

        • by jskiff (746548) on Friday May 20, 2005 @05:40PM (#12594806) Homepage
          I think Cheney is the No.1 poster child for corporate corruption. A few years of government "service", then he goes to Haliburton and rakes in the big bucks, then goes back to politics and starts an unnecessary war that "purely coincidentally" throws billions of dollars back to his old company--which is STILL paying him deferred compensation.

          I hate to defend Dick Cheney, but saying he only has a few years of government service under his belt is flat-out false.

          ==
          His career in public service began in 1969 when he joined the Nixon Administration, serving in a number of positions at the Cost of Living Council, at the Office of Economic Opportunity, and within the White House.

          When Gerald Ford assumed the Presidency in August 1974, Mr. Cheney served on the transition team and later as Deputy Assistant to the President. In November 1975, he was named Assistant to the President and White House Chief of Staff, a position he held throughout the remainder of the Ford Administration.

          After he returned to his home state of Wyoming in 1977, Mr. Cheney was elected to serve as the state's sole Congressman in the U.S. House of Representatives. He was re-elected five times and elected by his colleagues to serve as Chairman of the Republican Policy Committee from 1981 to 1987. He was elected Chairman of the House Republican Conference in 1987 and elected House Minority Whip in 1988.
          ==

          From Whitehouse.gov [whitehouse.gov]
        • by Python (1141) on Friday May 20, 2005 @05:56PM (#12594914)
          You'll note that BushCo is also very eager to control their little secrets, and I'd bet they'd be delighted to erase all of their email, too. The next interesting question is whether or not they can do it, given the state of modern technology. How can they make sure someone hasn't burned a CD that contains the truth?

          Simple, this administration has a policy not to use e-mail. No e-mail, no records. No records, no scandals.

        • "You can't make a lot of money by being completely and absolutely honest."

          Then you shouldn't make a lot of money. The end does not justify the means.
        • --which is STILL paying him deferred compensation.

          Which is totally irrelevant because he gets deferred compensation whether he does them favors or tells them to stick a large object in a small orifice.

          GWB doesn't email (for record-retention reasons discussed), and iirc Condi doesn't email too much either. Powell was a big emailer, and Karl Rove is too.

          All companies large and small, and virutally all individuals in their private lives, have done illegal things of all sorts of magnitudes. Ever mow some

    • More like:

      MorganStanley suit: Look, heh, heh, couldn't we have just lost those emails the court wants?

      Morgan Stanley sysadmin: Maybe, if I just got a $1M raise.
    • Not the sys admin (Score:3, Insightful)

      by Synn (6288)
      2 months ago I was in a tech presentation meeting where there was company promoting their email retention software(sat between the world and the email host, saving all the emails that went through in a read only state). It was specifically aimed at recovery for just this sort of investigation.

      The problem wasn't the sys admins, they all saw the need for it, the road block is convincing these companies to buy the needed systems.
    • At that rate you can have it all paid back in a little over 55,769 YEARS!!!

      Would be nice to have that kind of job security... (---office space)
  • by Anonymous Coward on Friday May 20, 2005 @04:57PM (#12594453)
    Only another $39 billion in the bank.
  • Big investment firms like Morgan Stanley are obligated by law to retain lots of records. This is more of an "Almighty Buck" type of story, IMO.
    • I don't know what the law is over in the USA,

      Certainly in the UK, **every** company, big, small, soletrader, partnership, whatever, MUST keep complete financial records for a minimum of six years.

      Is that similar to the USA laws?
      • There are similar laws here. Are emails financial records?
      • by whoever57 (658626) on Friday May 20, 2005 @05:17PM (#12594637) Journal
        Leaving aside your apparent confusion between emails and financial records, from TFA:
        Banks and broker-dealers are obliged to retain e-mail and instant messaging documents for three years under U.S. Securities and Exchange Commission rules. But similar requirements will apply to all public companies from July 2006 under the Sarbanes-Oxley corporate reform measures.
        This document [filescan.com.au] discusses email archiving requirements, including an EU-wide requirement for ISPs to keep copies of emails for 1 year.
      • by Anonymous Coward
        The basic requirement of brokerage firms is to supervise their brokers, and retain records of communication between their representatives and their customers. This has long meant that all written correspondence between a representative and a customer had to be reviewed by a supervisor, and retained for three years (and be readily accessible by regulators for the first year).

        By the late '90s, e-mail was becoming common, there was no consistent approach to rule compliance, and the SEC had to decide once and
  • by COMON$ (806135) on Friday May 20, 2005 @04:58PM (#12594461) Journal
    I deleted an e-mail that gave me $10 off at tigerdirect...dont think I will ever recover.
  • Does this mean that if we want to sell a company a larger mass storage device all we have to do is deluge them with pertinant email with large attachments? How long would it take before they would be forced to upgrade?
    Afterall the best way to drum up more business is with deceptive or dishonest tactics.
  • by Anonymous Coward on Friday May 20, 2005 @04:59PM (#12594474)
    Wow. I can delete mine for free.
  • by TedTschopp (244839) on Friday May 20, 2005 @04:59PM (#12594475) Homepage
    I know that where I work there is a basic 6 month email retention policy, which states that all email will be deleted if it is 6 months old. I have always wondered if and when this will change.

    There is probably an opportunity here for a company to come up with an extension to an email system which will manage keeping old emails. Something which will allow for the catagorizing of unstructured data. That way the system can trash the not to serious emails and keep the 'important' ones.

    Ted Tschopp
    • by Valegor (693552) on Friday May 20, 2005 @05:15PM (#12594617)
      EMC and Veritas have both bought companies(Legato and KVS) that provide not only this type of service, but also single instance storage. If someone sends out an attachement to 50 people, only one is actually put into storage. There are other vendors that have similar products, but these are the only two I have first hand knowledge of. The best practice if you are not legally required to keep e-mail(as financial institutions are by SEC requirements) seems to be a short retention policy. If you do not keep the e-mail then it cannot be used against you. It is also best to enforce the policy because if it is discovered that you have the e-mail then you are required to produce it. Financial industries however are required to keep all electronic communications for atleast 3 years, but that extrends to 7 if the data in question is in litigation.
    • "Compliance" is already a mini-industry with the usual big players and plenty of startups.

      Email is so small that it's cheaper to keep everything.
    • by darkmeridian (119044) <{moc.liamg} {ta} {gnauhc.mailliw}> on Friday May 20, 2005 @05:43PM (#12594827) Homepage
      The Sarbanes-Oxley Act requires all public companies to maintain records for three years. Six months is a problem. What happened to Morgan Stanley, however, is not simply that it failed to keep the records. Rather, it kept on saying that it could not find the files. There is a rather reasonable rule of evidence that says failure to produce evidence in your possession without a reasonable excuse for that failure (like there was a non-suspicious fire, or 9/11) can lead to the presumption that that evidence would have vindicated the position of the opposing party. For instance, pretend a supermarket has a security camera that I claim recorded the store clerk beating me. I want the tape to prove the unprovoked attack. If the store says it lost the tape and the judge believes that this was a pretext for destroying evidence, he may make a pre-trial ruling that the tape would show an unprovoked attack against me by the clerk.
      • The Sarbanes-Oxley Act requires all public companies to maintain records for three years. Six months is a problem.

        Unless the GP's employer is in the financial/accounting field I do not believe this Act applies.

        As long as the retention policy is documented and enforced you can pretty much go as short as you want (unless of course there is a requirement from an outside agency ).

        I maintain the ISO 9000 and environmental compliance documents and records at work so I know a little...
    • This is actually trivial, just pass the email through a program that just dumps the email in a directory and then run a cron job which deletes files older then X amount of days.

      When I was running qmail I did this with qmailscan, when I switched to postfix I did it with maildrop. It's trivial.

      You could also use dbmail to store all your email in a database too.
  • and just didn't serch them after their primary servers were destroyed. I think the problem was in not turing over what they had. Or to but it in lawyer terms the e-mails were "discoverable" (that is avilable in some form and relevant) and were not "produced" (turned over to the other side) http://litsupportguy.typepad.com/litigation_suppor t_guy/2005/05/the_woodshed_re.html [typepad.com]
  • They deserved it. (Score:4, Interesting)

    by bogaboga (793279) on Friday May 20, 2005 @05:02PM (#12594503)
    With hard disks as cheap as they are, and the advanced archiving capabilities of todays' software, I wonder why they would delete these emails except for the purpose of destroying/frustrating investigations.

    Even in a "third world" country I visited recently, they had emails dated 1997, stored on a Slackware box!

    This time, I agree with the US justice system. They deserved it...I am sorry to say.

    • Even in a "third world" country I visited recently, they had emails dated 1997, stored on a Slackware box!

      Trust me, people in third world countries aren't the only ones with 8 year old email messages. Though maybe I can use that info to tease some of my users so they will clean up their mailboxes the next time they whine about how long it takes for their mail client to start up. Then again these are the same users who freak out when I go to empty their trash; apparently some of them store messages they car

      • We have a 300MB cap on our email boxes at work. When it gets full people can't send any more mail and I tell them to delete some of transfer it off the system.
        So I had one user who said "I always delete email and it still says I have to much."
        I took a look on her system and saw that she had decided to use the "Deleted Items" box as a filing system. She had a whole heirarchy of folders in deleted items, nicely sorting her "deleted" mail.
        Is it just me or is "Deleted Items" about the stupidest name? I mean if
    • Our enterprise email system at Local University puts the responsibility of archiving email on the user. This is because it's not so much a space issue as it is a "live" space issue. Keeping accessable the archives of all emails from the past year isn't so big a deal. Keeping accessable the archives for everyone over their entire careers with out institution would be a big deal. (And yeah, for people who write grants, carry out research, and author publications, its usually important to be able to go *al
      • That kind of policy is so far away from being acceptable for a bank or brokerage it aint' funny. With something like a grant (with a very few exceptions) there really isn't very much money at stake so no cares very much.
    • "This time, I agree with the US justice system. They deserved it...I am sorry to say."

      why would you be sorry to say that?

      do you think that all government is out to get you? do you think the justice system as there to hate?

      jeez, people like you just look for things to hate about the American system, then get all pouty when it works.
    • With hard disks as cheap as they are, and the advanced archiving capabilities of todays' software, I wonder why they would delete these emails except for the purpose of destroying/frustrating investigations.

      I'm sure I might have some e-mail from 1997 on some 5.25 inch ESDI hard disc somewhere. I might even have an ISA ESDI controller, and with enough luck, I might and I stress might be able to find a motherboard that will actually use the ESDI controller. And who knows, it might be the right controller
  • by Anonymous Coward
    My old company did not back up email by design. That way if the company was sued, there was no endless searching through back up tapes for something possibly incriminating. When we had a legal dispute, the company lawyers would tell us all to search the email on our PC's for certain works and forward any hits to them.
  • by Cr0w T. Trollbot (848674) on Friday May 20, 2005 @05:04PM (#12594530)
    "...my client will never receive millions of dollars from a Nigerian Prince, nor will he have the larger penis he's always wanted!"

    Crow T. Trollbot

  • Sarbaines Oxley (Score:5, Interesting)

    by Mentaljock (875172) on Friday May 20, 2005 @05:06PM (#12594545)
    (I work at a Bank) Since Sarbaines kicked in, we have to keep a backup of every single file you use for work purposes, not just email. This means archiving every word doc, spreadsheet, database...etc. Starting January 1, they also blocked our access to all external sources of email and external instant messaging clients as well. After seeing this judgement, now I understand why.
    • This fine isn't due to Sarbanes-Oxley. Sarbanes-Oxley (SOX) non-compliance fines don't even kick in for publicly traded companies with a cap >$42million until the end of June, with some companies getting an extension as of may 5th for another 6 months if they use a calendar year for financials. Publicy traded companies with a cap $42million have a longer timeline before SOX is in effect.

      Additionally, SOX doesn't specify what the retention policy is or the length required (with some exceptions re: financ
  • by downsize (551098) * on Friday May 20, 2005 @05:08PM (#12594555) Homepage Journal
    ok being serious (no more shinyfeet plugs), I used to work as an admin where the retention policy was 1 year. however, that just meant you rotated the tapes for 1 year. the email growth rate was very small (even though there was 1,000s each day), it was the files that grew beyond the retention. even the attachments and email boxes with 1+GB were safe, as 20 years of email fit onto a single DLT4.

    granted, MS, er Morgan Stanley is a much bigger company, but I find it very hard to believe that any retention policy would include email, that has got to be their smallest backup.
  • by Eberlin (570874)
    A government entity sends out an all-staff e-mail saying that in order to conserve space, we are to clean out our e-mail. Trash bin should be cleared out, important documents are to be printed out, filed, and then deleted off the system.

    I've always thought that storage was cheap nowadays and that clearing out e-mail boxes was moot. I suppose there's some merit to it as there's definitely space to be reclaimed from the activity...but is it really worth that much considering a couple of hundred bucks would
    • Disk space is cheap.

      But having the email program dig through years and years and years of email just to get the stuff you received today pisses a lot of people off.

      The issue isn't really about disk storage. The issue is that many mail systems are not setup with "live" data disks and "archived" data disks. Everything goes on the live drives unless the user archives it off to a safe location.

      But then how do you make sure you have a backup of that archived data?

      Currently, we're taking the approach of copyi
  • by richardmilhousnixon (515595) on Friday May 20, 2005 @05:09PM (#12594563)
    I was a client of MS/DW. I kept trying to let my financial advisor know about this wonderful pill that would make his penis bigger, and I get the feeling that MY emails were deleted as well!
  • by SoupIsGood Food (1179) on Friday May 20, 2005 @05:10PM (#12594572)
    I think the issue is "selective memory loss" - Microsoft plays this card all the time in court. Emails from a relevant time period are "deleted" when convenient, while older or newer or even contemporaneous mail is saved... the judge in this case was simply smart enough to call shenanigans.

    You can delete old email if you're that hard up for space, just have a rock-solid deletion policy you can prove you adhered to in a court of law.

    It also helps to audit your archives and backups regularly, and document what data was lost when. 'Cuz face it, every admin at some point or other loses some data to corruption, hardware failure, bookeeping mixups or user error. Knowing what you forgot and when you forgot it can help in situations where not having the data on hand can cost a billion bucks or so.

    SoupIsGood Food

    • by Anonymous Coward
      You can delete old email if you're that hard up for space, just have a rock-solid deletion policy you can prove you adhered to in a court of law

      We have a rock solid deletion policy, we delete all incriminating e-mails.

    • There are rules about retention that are beyond normal companies since they are dealing with money. In most normal cases, you could have a retention policy of 1 week and that'd be fine. So long as your policy was consistent and was something that existed before you were asked for the documents you aren't likely to have any problems.

      I mean we get subponea'd for e-mails every so often and we give them what we can. If that's nothing, they are fine with that. The important thing is that we are truthful and con
  • by WAR-Ink (876414) on Friday May 20, 2005 @05:10PM (#12594577)
    That is the question. The answer is keep it, for a while.

    Email records can be subpoenaed just like anything else. If it benefits your case, it would be nice to have, if it hurts our case, it would not be so nice to have.

    When I write computer use policies, I recommend keeping it for 1 to 2 years. Depending on the type of business that might get extended out much longer. A start-up company might want to keep it 10 or more years to cover any possible arguments with their VCs over who owns the IP.

    So why not keep it forever? Unless you want to have the lady sueing you for sexual harassment making your companies email part of the public record, you might want to set some limits.

    The key is to document, in writing, what that limit should be. For example, maybe put it in your companies Computer Use policy. You have one...right?
  • How about MS? (Score:3, Interesting)

    by Nom du Keyboard (633989) on Friday May 20, 2005 @05:12PM (#12594588)
    So when will Microsoft have to comply with these requirements? I heard they've been reportedly flouting the e-mail retention rules for by designating some completely unrelated person(s) as the project leads so that if they ever get called to turn over "relevant e-mails on specified projects", they turn over ones for people who where truly not involved while destroying the incriminating ones.

    This came out during a trial where MS appeared to partner with a software company on smartphones, and then terminated the agreement after seeing the technology. Shortly afterwards they announced their own product that had suspiciously similar features to the technology of the cut-out company.

    • As soon as a Microsoft employee steps forward and says he did such a thing people will go to jail. The civil system in general isn't well set up for criminal behavior.
  • I recently had an overnight IT job at a local Morgan Stanley office to covert their network from Token Ring to Ethernet. The funny thing was that the motherboard for all the computers had a built-in Ethernet port, and the relatively new building was wired for Ethernet, but they had Token Ring installed everywhere. Their technology upgrade cycle must be about 20 years long.
  • by bobalu (1921) on Friday May 20, 2005 @05:19PM (#12594655)
    I worked at a large broker, and they had to be able to come up with a two-week old email immediately, a year old email within two weeks, etc., back to like seven years I think.
  • Now so many people send HTML email around with lovely (read: badly jpegged text, tacky looking) signatures, background patters (to impede readability) and animated smilies scattered around the letter (to make you look even less mature) it's actually a big deal to keep all these letters. Where the text doesn's sum up to more than 1k, we've got a 100k email that all my users want to keep on our poor exchange server FOR SEVEN YEARS.

  • by tshak (173364) on Friday May 20, 2005 @05:30PM (#12594741) Homepage
    Can someone with more legal understanding than myself please explain why emails can be considered as hard evidence?

    1) They can't be authenticated: There's no way to prove if the email was written by the person on record.

    2) The contents can not be validated: There's no way to prove that the contents were not altered in transit.

    To me, email is so easy to spoof that I would take anything I got from such "evidence" with a huge proverbial bucket of salt. Furthermore, I know that institutions such as Morgan Stanley are required to keep certain records on hand but considering the fragile nature of email I find it quite odd that companies would be required to keep it around. Do IM conversations fall into the same category?

    Call me ignorant (I am), but this issue really confuses me. It's not like Morgan Stanly destroyed a bunch of notorized documents.
    • IANAL either but I've had to live through discovery on a few occasions for work.

      The question as to "if something is worthy evidence" really doesn't apply during "discovery". People can request all kinds of things and generally they seem to get their way if the things requested can even reasonably be material to the case.

      If it's "good" or "authentic" is a question that happens at trial, not discovery.

      That's why discovery is so freaking awful. It is time-consuming and dreadful, since there's such a w
    • by jbolden (176878) on Friday May 20, 2005 @05:57PM (#12594917) Homepage
      Lots of other things considered "hard evidence" don't meet those standards either. The threee big standards for rejecting evidence are:

      irrelevant,
      immaterial
      violates rules against "hearsay"

      Judges and courts are fine dealing with information that may or may not be true. They are set up to evaluate those sorts of things.
    • Can someone with more legal understanding than myself please explain why emails can be considered as hard evidence?

      1) They can't be authenticated: There's no way to prove if the email was written by the person on record.

      2) The contents can not be validated: There's no way to prove that the contents were not altered in transit.


      I'm certainly not a lawyer, but I do maintain everything technology related here at a large law firm.

      A lawyer once asked me to try and dig up some really old email from y
  • Good....FINALLY! (Score:5, Insightful)

    by PortHaven (242123) on Friday May 20, 2005 @05:32PM (#12594756) Homepage
    Think about it...

    If it can cost Morgan-Stanley $1.5 billion for not storing email. And 90% of email is SPAM. The risk of deleting/filtering SPAM and losing valid email is going to be too risky.

    Therefore, it will become extremely cost effective for Morgan-Stanley (and other large firms) to hire lobbyists to make unsolicited SPAM (with no valid return email addresses) illegal, criminal, and enforced.

  • by nokiator (781573) on Friday May 20, 2005 @05:39PM (#12594805) Journal
    Of course, not being able to produce all the e-mails requested by the court was only one of the reasons for the $1.45B judgement.

    I wonder what would be the long term costs of keeping every piece of e-mail that is sent and received at a large financial organization like Morgan Stanley? To be useful in the context of an unknown future legal case, the e-mail would not only have to be backed up but also needs to be organized in some fashion. And it will accumulate over years. What happens if some piece of e-mail that is crucial to a case happened to be classified as junk? Does this mean that the company will have to keep every piece of junk mail received just in case?

    A couple of companies I worked for lately had an ever increasing emphasis on cutting expenses in areas like manufacturing and R&D, but the expenses associated with trying to "look good" in reference to new legislation like the Sarbanes-Oxley act was virtually uncapped. According to the company Legal Counsel, if they have to go to court, showing that the company hired $1000/hr consultants to decide the record retention policy would be important. Apparently, what the company did nor did not do is not nearly as important as the company to be able to show that best effort along with the prevalent industry practice at the time was put in.

  • Someone has to tell them :

    2213.404838 megabytes (and counting) of FREE storage so you'll never need to delete another message.

    :)
  • by jbolden (176878) on Friday May 20, 2005 @06:14PM (#12594992) Homepage
    For a large business knowing all the places something might be backed up and how the servers connect to one another requires a great deal of institutional knowledge. Even knowing how to find this sort of thing out requires institutional knowledge and time. Which is to say an experienced system's analyst with the time necessary to do this project and lots of other expert system admins, network admins, etc... for him to talk to.

    This is exactly the kind of "fat" that Morgan Stanley and other companies got rid of 4 years ago. They couldn't answer the question because they no longer understand their email system because they fired everybody who had the broad and deep knowledge. They no longer have people on staff who have the experience in doing this sort of research and they don't have the other kinds of experts available to do it in reasonable time.

    But they would much rather pay the fine than admit this under oath.

  • Being able to keep backups, for any business, should be an easy and no-brainer thing to do. I can see why, for certain information, certain companies would want to have a policy limiting the time period, but for the technical side of things, there isn't any reason that a business couldn't backup all of their systems. In the end, it all comes down to $$$.

    However, what is available for us ordinary users? When I mean "ordinary", I am not just speaking of "Joe Sixpack's" machine (who may or may not care about h

  • I know more than a couple particularly large corporations have both technical implementations and strict policies about making it non-trivial to keep email. Currently, any email that sits in my mailbox for more than 90-days unless I back it up gets automatically deleted. This is not due to storage/budget constraints, but entirely due to some perceived decreased liability.

    I wonder if this judgement will make them rethink their hopes that if they throw it away it can never come back to haunt anyone..
  • The idea seems to be to keep everything that shows what was communicated between some people, so how about:
    • All post it notes
    • All printed documents that have scribblings/notes on them (which makes them different from the on disk version)
    • Flip charts used at presentations
    • Take a copy (photograph) of black/white boards used in presentations
    • Blotting/doodle paper

    And that does not cover the most important communication mechanism of all: Speech, so should we insist on audio recorders:

    • In all offices
    • On all

Stinginess with privileges is kindness in disguise. -- Guide to VAX/VMS Security, Sep. 1984

Working...