Dutch Gov't Has No Idea How To Delete Tapped Calls 186
McDutchie writes "The law in the Netherlands says that intercepted phone calls between attorneys and their clients must be destroyed. But the Dutch government has been keeping under wraps for years that no one has the foggiest clue how to delete them (Google translation). Now, an email (PDF) from the National Police Services Agency (KLPD) has surfaced, revealing that the working of the technology in question is a NetApp trade secret. The Dutch police are now trying to get their Israeli supplier Verint to tell them how to delete tapped calls and comply with the law. Meanwhile, attorneys in the Netherlands remain afraid to use their phones."
You can't make this stuff up (Score:4, Insightful)
Re:not afraid (Score:5, Insightful)
I think you're only looking at the simple case. What about: I find out the intimate details of what you and your client were talking about on the phone and then use those details to dig deeper and find evidence I never would have without that phone call? Then I turn up in court, destroy your case, have nothing but hard evidence and you have no way of knowing that I used your taped conversation to do so (and probably couldn't prove it even if you thought that).
It'd be immoral and illegal but it *would* destroy your case outright and the chances of me getting caught are probably quite low if I'm someone with intelligence and knowledge of legal workings like, say, another lawyer?
Re:not afraid (Score:3, Insightful)
The police wouldn't be dumb enough to use that as evidence.
What they are more concerned about is the police hearing "Oh, you did do it? Right, this is how we'll get you off..."
Once they know you did it, even if they can't use that recording, you can bet your bottom dollar they will put every resource to use in finding the proof you did it, where without that taped call they may see no surface evidence and move on to the next suspect.
Re:not afraid (Score:4, Insightful)
That may be true, but if the police / the prosecution is smart, they don't use the tapped calls themselves as evidence, but simply use them during their own investigation, and to better prepare their rebuttal to the defense attorney's arguments.
Regardless of lawyers' feelings, this is a major violation of a basic right to have a private conversation with your defense attorney. The fact that these calls are tapped at all is outrageous. If those calls were occasionally accidentally stored that would be even more outrageous. But if they are not only recorded but even impossible to delete, ... well I can't think of a word.
Re:Every knows (Score:3, Insightful)
No joke, it's hard (Score:5, Insightful)
Deleting data is really really hard. If one is storing large amounts of data it is difficult to put a system in place which can prove that every copy in your posession has been deleted. Think about the work of sifting through thousands of write-once offline backups, be it tapes or CDs or whatever, locating the data, copying the original minus the data and destroying the originals. If that's not hard enough, what about data that's not in discrete files. Say there's a PostgreSQL database that's zipped and spans a thousand peices of physical media. The only way to delete a record is to load the whole database then redump it. And don't forget about regenerating all the index files. And dealing with obsolete file formats.
This sounds like a stupid problem, but in reality it is really tough to delete something and be certain that you've got it all.
Wish i was surprised... (Score:5, Insightful)
But im not, really. Having worked for the Dutch police twice now, I can safely say that the majority of their IT staff are completely clueless. A few years ago they "outsourced" their IT to a seperate entity to handle all their IT, but this entity was staffed mostly with the people they already had, so there wasn't any actual increase of knowledge (as far as I could tell). They got a nice fat bag of money and an unclear manifest, all paid for by us - the Dutch taxpayer - and this is what we get.
The Netherlands: No privacy, no competence and instead of capable beatcops we get highway robbery in the form of a cop with a lasergun having his daylong break sitting behind a bush next to our highways. And they wonder why the populace is starting to hate law enforcement.
Do yourself a favor and do a search on Google for "C2000", another one of the Dutch police success stories.
I could weep. Or well....puke really.
Delete, Remove, & Drop (Score:5, Insightful)
For those who are offering commands to get rid of the data, you need to understand the why they will not work.
This issue is that the storage system used is designed is such a way that you CAN NOT modify any data once it is written to the disk.
Once the data is written, it can not be modified or deleted. Now, the reasoning behind this is so the police can not digitally manipulate the timestamps or data in any way. This is to protect the integrity of the data so it can withstand legal challenges.
They are faced with a 'catch 22' situation. If they can figure out a way to delete a 'prohibited conversation' they could theoretically modify the data too. Opening up the possibility of having a criminal conversation being invalidated.
Re:You can't make this stuff up (Score:2, Insightful)
Dutch courage eh? /me hands the Dutch legal fraternity a nice, cold glass of encryption.
Seriously, why don't we all just move to encrypted SIP clients? It's not like there aren't a pile of open source ones out there.Yes, it'll never be mass market, but it's now easy enough for anyone clued up enough to know that they need to be using it.
Failing that, there's always encrypted email. Thunderbird + Enigmail is a no-brainer.