Psystar Case Reveals Poor Email Archiving At Apple 123
Ian Lamont writes "Buried in the court filings of the recently concluded Psystar antitrust suit against Apple is a document that discussed Apple's corporate policy regarding employee email. Apparently, Apple has no company-wide policy for archiving, saving, or deleting email. This could potentially run afoul of e-discovery requirements, which have tripped up other companies that have been unable to produce emails and other electronic files in court. A lawyer quoted in the article (but not involved in the case) called Apple's retention policy 'negligent.' However, the issue did not help Psystar's lawsuit against Apple — a judge dismissed the case earlier this week."
Re:If Litigation is required. (Score:4, Insightful)
It's probably more to say "if you think you will get busted you're not allowed to start removing things", not "you can't remove anything because some day in a time far far away someone may want to look you up."
Re:email is for communication... not documentation (Score:5, Insightful)
But that doesn't equate to legal requirements for a company to retain ALL email.
No it doesn't. But there are two issues with email. First is that if you don't have a standard policy for retention/destruction of email (or network share backups or whatever), it opens you up to allegations that you destroyed evidence after a lawsuit was filed. If people can delete things at any time, it makes it hard to show if it was coincidence that your VP just happened to delete all that relevant stuff after a suit was filed or not. With a standard policy, if everyone complies, then this matter is much more cut and dry.
Second is Sarbanes-Oxley compliance. I know a lot of companies have banned external instant messenging because of retention concerns related to Sarbanes-Oxley (since you can't easily log AIM and other IM discussions). I'm a bit surprised that Apple hasn't got policies in place given their issues with improper options in the past. Similar laws, I guess they didn't take the scandal very seriously.
Re:email is for communication... not documentation (Score:1, Insightful)
Archiving documents, meeting notes and phone conversations is routine at many firms. It's not uncommon for executives and employees to keep logs of all phone calls (typically who was on the call and what was discussed) and meetings. In some firms written meeting notes are kept in bound, page-numbered noteboots so it's clear if a page has been added or removed.
Any conversations at the executive level, and anything that may end up in court should be noted on a calendar--who was in the meeting and what was discussed.
As annoying as they are, those MS Outlook invites that are archived by the Exchange server really are valuable.
Re:e-dicovery? (Score:3, Insightful)
Bah, don't worry about the executives. They already have a entire language of obfusciation and everybody else just posts the dirt to their MySpace blog.
It's not that I'm worried about executives. It just feels both pointless and overly intrusive to me, which is a bad sign for any government policy. From there, it seems a small step to require Internet providers or search engines to start logging the same sort of data. It doesn't really seem all that far-fetched. [npr.org]
5th amendment doesn't apply to corps... (Score:1, Insightful)
It's generally in the best interest of a company to just give up everything and follow the rules procedure in the USA.
If a judge finds out that a company is taking evasive action or has put in a policy in place to deliberately hide information from the court, then that company is going to get banged and banged hard. And if a you are judge, you can bang a company for a long, long time.
There are just some judges who will just look at a company, sigh, and say "what are you guys in trouble for now?" The lawyers for the company bring changes of underwear.
Re:email is for communication... not documentation (Score:3, Insightful)
Typical e-mail systems treat messages as messages, and not documents. Its made evident by the email address itself: someone@domain.net -- not alot of meta-data in there. Just a person at a place.
what blows me away is when companies that do make an effort to archive e-mail messages, insist that the operation be performed at the client, via CC or message forwarding (the cost savings technique). Sounds ripe for abuse if you ask me.
Lets face it: e-mail is too big to fail! Therefore (Satan get behind me) we must force it to do all the things it may or may not be suitable for.
Re:email is for communication... not documentation (Score:1, Insightful)
First is that if you don't have a standard policy for retention/destruction of email (or network share backups or whatever), it opens you up to allegations that you destroyed evidence after a lawsuit was filed. If people can delete things at any time, it makes it hard to show if it was coincidence that your VP just happened to delete all that relevant stuff after a suit was filed or not.
Seems there are two policies that should be used:
(1) Delete when read -- e-mail messages must be deleted as soon as they are read, once a message has been opened, it must be immediately purged. AND
(2) No text from any e-mail may ever be copy&pasted into another document.
By having a rule that there be no retention, and enforcing it with software (policy settings that ensure a message is deleted as soon as it is closed after opening)
There can be no allegation that the message was intentionally deleted in order to destroy evidence.
Comment removed (Score:5, Insightful)
Re:Retention policy? (Score:1, Insightful)
Good reason not to even use email (Score:3, Insightful)
Re:email is for communication... not documentation (Score:4, Insightful)
Re:e-dicovery? (Score:2, Insightful)
why should a corporation have the right to free speech? or perhaps a better question might be, why would a corporation need the right to free speech?
a person's right to free speech may be encroached if they, say, create a film that offends some special interest groups or portrays a powerful corporation in a negative light. a lawsuit might be filed against the filmmaker in an attempt to silence him. in this case it would be a matter of free speech.
now, how would the issue of free speech ever arise regarding an abstract commercial entity like a corporation? is the corporation going to become sentient and issue a press release on its own? or publish a book that it wrote itself?
as a commercial entity, the only legal rights a corporation can really have is property rights. and even that is somewhat questionable. really what happens is that some business owner wants to protect his personal or business assets against lawsuits, so he creates a dummy corporation as a legal surrogate to eliminate personal liability for his actions. that way, if he ever gets sued his personal assets and his business are buffered from any legal action.
Why keep emails? (Score:3, Insightful)
Why would Apple bother to keep emails when they already know that the risk of the email being used against them is far worse than the penalty for not keeping them.
Re:email is for communication... not documentation (Score:3, Insightful)
"Should" be used? That may be the best policy for limiting discovery in lawsuits, but it would seriously damage the operation of the business. I can't immediately resolve an issue emailed to me most of the time, and I rely on saving emails with important information for later use. I'd say these are pretty common ways that people use email.
You want to mitigate legal risk, not necessarily eliminate it.