Corporations Face Problems with Employee Emails

TwistedOne151 writes "Law.com has an article outlining how the casual attitude of many employees toward work e-mails has resulted in some thorny problems for corporate in-house counsel. 'It has now become routine even in civil investigations for computers to be subpoenaed so lawyers can look at e-mails and hard drives. And one thing always leads to another. "We have forensic software that shows multiple levels of deletions. It shows thought processes. We can learn far more than from just a document alone," said [Scott] Sorrels. "E-mails have taken over the world."'"

"E-mails have taken over the world"

[El_Muerte_TDS]

Well, in that case, I welcome you, our new overlords.

Re:"E-mails have taken over the world"

[Gideon Fubar]

Well, they're be more accountable and easier to trace than the current lot..

Re:

[Gideon Fubar]

good to know i have fans. ;)

Re:

[Zigmun_Barsac]

"Never complain, never explain and never write anything down." - allegedly Henry Ford

Re:

[defile39]

As opposed to, "We'd better get this on tape." - Richard Nixon

Re:

[ColdWetDog]

/. needs an "Olde & Lame" tag...

Here - you need a humor pill ---> .

That was really pretty good. Now, I'll just get off your lawn and let you just grump on, gramps.

Wait, emails have taken over the world?!

[Seumas]

I thought we just had a slew of articles around the internet telling us that email is dead and it's all about myspace and instant messaging?

Anyway, if you have truly devious intentions, simply use the telephone or speak in person. It works for the president and it has worked for the mafia (at least, it did in GoodFellas).

Re:

[QuantumG]

Old people use email.

Old people have jobs in corporations.

The article is about corporate email.

Do the freakin' math.

Re:

[aproposofwhat]

Old people use email.

What, the article was about Korea?

Re:Wait, emails have taken over the world?!

[cbart387]

Old people use email.

I guess 23 is the new old then.

I'm surprised all the people that use webmail, even compsci students at my college. I think people would not be so swift to abandon it if they used an email client program. Emails in thunderbird are much quicker then using the mess that is facebook. It'll never rival IM but it's pretty darn close.

Re:

[digitig]

Old people use email.

When it's the old people who have the money, and it takes email to get it out of them, the smart young people use email too.

Re:

[SeaFox]

I thought we just had a slew of articles around the internet telling us that email is dead and it's all about myspace and instant messaging?

The King is dead! Long live the King!

Re:Wait, emails have taken over the world?!

[pimpimpim]

A maffia boss in Italy was caught in 2006, he used small paper notes with (sloppily) encrypted messages [theregister.co.uk] on it to send out orders. Apparently it worked for a long time, and would still have worked if he had used better encryption.

Re:

[fuzzybunny]

Many companies, especially financial services providers, are required to record phone calls and maintain the records for several years, so back to the drawing board...

Re:

[RockDoctor]

I thought we just had a slew of articles around the internet telling us that email is dead and it's all about myspace and instant messaging?

That article was about children and the cannon-fodder produced by universities. Real people still use email to prevaricate around the stuff they should have finished last month.

surprise

[wizardforce]

THe one thing that can never really be dealt with in terms of keeping email private is the fact that no matter how much you encrypt, use tor etc. youcan't escape the fact the person at the other end can always make a backup copy. The lesson here? If you really don't want something to get out into the world in one way or another DONT SEND IT.

Re:

[TooMuchToDo]

Reminds me of an old CYA saying:

Never email what you can say over the phone
Never say over the phone what you can say in person

Procrastination

[Anonymous Coward]

Never email what you can say over the phone
Never say over the phone what you can say in person

The preferred mode of communication in the modern world is E-mail, the two modes of communication you suggested are actually considered rude these days. I fully understand people's right to have a paper or E-mail trail to cover their ass, but it still gives me a kick to break the unwritten rule that all communication must be by E-mail'. People get so deliciously annoyed because they know they can't go and justify their objections to direct contact, to their bosses, without admitting that most of their insi

Re:

[Mantaar]

Meh. I think the number one procrastination-trigger around IT-companies is still /. and not e-mails.

In fact, companies lose hundreds of manhours per day to this site...

... which they then invest in adverts here on /.

Wait, I think I got an error in my logic there...

Re:

[Fred_A]

Meh. I think the number one procrastination-trigger around IT-companies is still /. and not e-mails.

That's why I have a script that dumps /. stories in my email.
"Look, I'm working ! It's email !"

Re:

[mpe]

I fully understand people's right to have a paper or E-mail trail to cover their ass, but it still gives me a kick to break the unwritten rule that all communication must be by E-mail'.

Email has the advantage over paper of being time stamped and easily searchable.

People get so deliciously annoyed because they know they can't go and justify their objections to direct contact, to their bosses, without admitting that most of their insistence on E-mail only communication is mostly just an excuse to make it

Re:

[the_rev_matt]

I do configuration management. For years (and possibly decades before I ever came on the scene) it was pretty routine for code to be written, 'tested', and put in production with no paper trail of any sort. We would constantly be pounded on by various business groups for broken code making it to production and the defense of "Well, you told us it passed your test and was OK for production" was worthless because they'd simply deny it.

Maybe you're just lucky and haven't worked in a business environment wher

Re:

[flosofl]

...every time I have tried to use email to justify something the other party said "and you know how easily email can be faked don't you?"

Usually, an enterprise messaging system with integrated digital signatures solves that issue. I *hate* Lotus Notes with an unbridled passion. However, one of the very few things I like about it is how easy it is to have digitally signed messages (and verifying signatures). Where I'm at (a global security group), we mandate that any "official" emails are digitally signed.

Re:

[Pope]

Storing voicemails? No thanks. Approvals here are almost entirely email-based, with multiple signatories. If not, a voice vote is counted on the record by a project manager and all parties are sent copies of the minutes from that meeting. CYA city.

Re:

[the_rev_matt]

The people I work with are entirely unaware that email can be faked. If it's on the computer screen, it MUST be true. They also believe anything they read on the internet.

Re:

[sowth]

Never say in person what you can slurp into their head with your mind control device. Get your tinfoil hats on friends, it's a comin'!!!

Re:

[CastrTroy]

Ok, maybe we don't need to go that far, but how about equipping offices with the cone of silence [wikipedia.org]

third option...

[misanthrope101]

shut the hell up! I always find it weird that people talk so much about the things they aren't supposed to be doing. Yes, you have to be on the same page. But if you and I already know we're doing that thing at that place next week or so, do we need to explicitly say that in a conversation right now?

I've never been involved in crime per se, but I've done stuff I didn't want broadcast (to my parents, employer, then-wife, etc) and the most galling truth is that people can't keep their mouths shut about

Re:

[hoggoth]

I've always said there are only two kinds of secrets: the kind that only one person knows and the kind that everyone knows. The rest is just a matter of timing.

Re:

[ajs]

Actually, if you read the article, the issue of revealing more than you meant to is only half of the scope of the problem. There's also the fact that email isn't seen as formal communication, which means that you can typically find email that's anything but "the truth, the whole truth, and nothing but the truth," and yet it's entered into court records as evidence as if it were.

I think the real problem that we have is that we view email as if it were written communication after the fact, but when we're writ

Re:

[slashbob22]

Actually, if you read the article, the issue of revealing more than you meant to is only half of the scope of the problem. There's also the fact that email isn't seen as formal communication, which means that you can typically find email that's anything but "the truth, the whole truth, and nothing but the truth," and yet it's entered into court records as evidence as if it were.

I think the real problem that we have is that we view email as if it were written communication after the fact, but when we're writing it, most of us think of it roughly the same way that we view casual conversation.

I agree, a quick google isn't revelaing the source, however there was research a few years back that indicated that someone was less likely to lie on email than in a verbal conversation; this is thought to be related to the fact that an email is seen to be a record even if informal.

Re:

[badasscat]

I think the real problem that we have is that we view email as if it were written communication after the fact, but when we're writing it, most of us think of it roughly the same way that we view casual conversation.

On the other hand, those that do consider it formal communication can use this to their advantage.

My bosses hate email and when they do write it, they often use it like IM - one line of almost incomprehensible gibberish. They try to give any instructions they need to in person. But that leads

Re:surprise

[ZombieRoboNinja]

I hear this sort of advice on Slashdot a lot. "If you don't take [insert privacy procedure here], you're ASKING to get caught!" "Don't say anything over email you wouldn't shout in a crowded room!" And so on.

It's kind of dispiriting to me that so many people consider this an acceptable status quo. That you're not allowed to use the Internet, the DOMINANT new form of communication, the one that was supposed to "free" us somehow, without the expectation that everyone from Big Brother to your kid sister is watching over your shoulder.

Re:surprise

[Hebbinator]

I think you missed the point-

The "take privacy procedure" and "dont email anything you dont want to get in trouble for" advice in this case is not being applied to the general public - its for emails at WORK.

The internet was not made so you could say things that make you liable at your job and get away with it. Read the article - it effectively equates interoffice emails to official business. You are "allowed" to use the internet, and you can use it to communicate freely and easily; however, you can neither use company email anonymously nor without consequence, because it creates a permanent record.

I think that its reasonable to say "dont write anything in a COMPANY email that could get you fired/ be used in a lawsuit" just like you wouldnt write those kinds of things in an office-wide memo. Your work email is not private, it belongs to the company, which makes you and the company both responsible for it.

Re:

[Intron]

Suppose a typical situation comes up at work, you want to fire seven US Attorneys for example. Easy solution - don't discuss it on the work email! That should be obvious. Just use a separate external email address that is on a server where you can easily delete the contents. C'mon. Security 101.

Re:

[NateTech]

With mounting evidence that illegal wiretapping of any network imaginable is commonplace, do you really think the line ends at Company mail, in the long term?

Re:

[Yvanhoe]

Well, it all boils down to the "don't tell secrets to people who can't keep a secret". And also : "People who are not good at IT don't know how to hide things from a court of law". So don't do unlawful things with them.

Re:surprise

[somersault]

This message will self destruct in 5 seconds. And will neuralyse you. Don't know why we bothered to send it.

Encryption serves a slightly different purpose

[dhavleak]

Encryption is more about making it impossible (or at least computationally expensive) to scan your email for 'flagged' stuff, and making it hard for people to accidentally forward confidential information. For example, if I forward a 'Company Confidential' encrypted email to someone outside of the company, they cannot get a decryption license because my company's AD doesn't recognize them, so it prevents me from shooting myself in the foot and brining my company down with me.

Now having said that, if there i

That's only half the story

[Moraelin]

Now I didn't RTFA, but even the summary seems to say a bit more. For a start, that they can look through deleted drafts on your hard drive and see what the email looked like before you actually edited and sent it. Or even if you don't send it at all.

Plus, screw email, we've already seen this kind of thing happen with edited Word documents, Excel files, or PDFs. Stuff that was never actually sent or published in any way is dug out of the document and used against you.

E.g., I remember a somewhat recent story on The Register where a politician was under fire over a donation she originally said she knew nothing about, but a some looking through the document history later, it looked like she or maybe her husband had a note in the document at some point to check if that's ok.

And now I'm all for accountability in politics, but there's nothing to say that it can't apply to your joke mailing list just the same.

E.g., basically, if your client sues your company about bad support, any emails where you told a coleague that that client is an asshat and shouldn't be taken seriously, can get dug out and used against you. That much was probably clear to you too. But here's the more important part: even if you _didn't_ actually send that email, if at some point you saved a draft, that too can be dug out and used as hint about your thought processes.

So it seems to me like the danger is even more insidious. Even if you think thrice before thinking an email, well, computers got us trained that all sort of transient information can be stored there for later. Even stuff you never intended to send, or notes to self for later, or whatever. Even trivial stuff that people used to just hold in their head, is now somewhere on the computer because it's easy to do so. And stuff that people would first roll around in their head before writing on paper, now gets written anyway and edited later, because it's easy to do so.

And then used as some kind of proof of how your train of thought went. Which was a rather private thing before.

Worse yet, it's now all in one place. So even if previously you'd keep your private thoughts in a diary, chances are it wouldn't get shown in court unless your character makes any difference (e.g., if you pleaded entrapment.) Or they might want to see your letters to your accountant, but not your letters to your mistress. Nowadays that hard drive is one big pot with _everything_. (Again, even transient stuff you deleted long ago and forgot that it was ever on that computer.) Once you got ordered to hand it over, someone _will_ poke his/her nose through everything on it. From business stuff, to your reminders in Outlook to go to Alcoholics Anonymous, to joke lists you're on, to God knows what else.

Sure, most of it probably won't be allowed in court or even presented. But you never know what might anyway. E.g., if you were hit with a sexual harassment or discrimination lawsuit, your porn browsing history or subscription to some dumb blondes jokes list might be interesting after all.

At any rate, _someone_ out there might end up knowing more about you than you thought possible. Even if you think twice before hitting the Send button.

Re:

[lar3ry]

It gets worse than that.

The article refers to forensic software that can track deletions and thought processes. That's speaking specifically about Outlook, which uses Word as its mail editor. Think of it; Word keeps track of all changes to a document (that's how "Track Changes" works). Even if you DON'T send it, the forensic software might spot a message you NEVER INTENDED to send.

The reality is that this cannot be avoided. If your company mandates Outlook, then the only way you can escape this "thought

Aww, poor corporations.

[evanbd]

Shall I shed a tear because you have more trouble hiding things from the public?

Re:

[CarpetShark]

Precisely. Corporations were invented to serve the public, not the other way around.

That said, this does raise important privacy issues for individuals. Nothing that GPG + secure deletion can't solve though, if anyone could make a decent email client that took the donkey work out of using GPG.

Hiding the truth

[TheSciBoy]

My reaction as well, so corpoprations now have a new problem: they can no longer hide their illegal practices from the legal system. Shock! Horror! What injustice!

Am I the stupid one here or is this in fact a good thing for corporations? Maybe now corrupt practices will become so dangerous that the people that remain employed might actually be the honest people (gasp).

You are wrong about one thing though, corporations were never invented to serve the public, they have no other purpose than to make money f

Re:

[QuantumG]

Yeah, makes me wonder how many cases of "oops we broke the law" have been exposed by email trails. If the matter is handled well, and this can be shown to the court, the person suing may well get less money than if there had not been an email trail and the court/jury had to just assume the worst. Of course, in a perfect world, it wouldn't be possible to accidentally break the law.. but we live in a society where most everyone has broken one law or another.

Re:

[coolGuyZak]

You are wrong about one thing though, corporations were never invented to serve the public, they have no other purpose than to make money for their owners (which in a lot of cases are stock holders). That's it. They can have statutes and whatnot that say that they should give back to the community and serve the countries they work in or whatever but that's just dressing on top of the one basic tenet: make money for your owners.

Incorrect, sir. Exhibit A: The not-for-profit corporation [wikipedia.org]. Such corporations inc

I stand corrected

[TheSciBoy]

You are correct in that there is a special case. I stand corrected. However, this hardly nullifies the rest of my argument, but thank you for pointing this out. I hadn't thought of that.

Re:

[freedom_india]

Not For profit corporations do not mean they don't or can't have profits.
Income-Expenses=Surplus.
THis surplus is treated as Profit when it is paid out as dividends.
It is treated as just excess (not taxable) when it is re-invested.

The original purpose of ANY corporation is to act as a front to the actual investors; the fall guy who goes down financially should something bad happen.

However, in past 100 years, since the Rail Robber Barons, and others, the assault on judiciary to treat a corporation as natural

Re:

[coolGuyZak]

Whoops! strike that example, then. :)

Re:

[SL Baur]

Nothing that GPG + secure deletion can't solve though, if anyone could make a decent email client that took the donkey work out of using GPG.

That would be Mailcrypt plus whatever your favorite emacs lisp mail program is, available for well over a decade now and as transparent as it's going to get. When I was still actively following the cypherpunks mailing list, I participated in a public test of a fully encrypted mailing list managed by a special version of majordomo. Gnus 5 & Mailcrypt handled it like a champ.

Re:

[CarpetShark]

I think you just made my point for me ;)

Re:

[Martian_Kyo]

my thoughts exactly...this is only a problem because the way they do business. I know the world isn't simple black and white, but some companies use that as an excuse to do...just about anything.

I say these employee mails, might be more of solution then a problem.

Damn the man. Save the empire

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[darkmeridian]

This comment was long overdue. The article ostensibly dealt with computer privacy, but the real topic is how to avoid leaving fingerprints when using your work e-mail. In other words, corporate counsel is teaching their bosses how to avoid writing "the smoking gun memo." Remember--it's not destroying evidence if you're just telling them not to create evidence in the first place! I recall being a part of conversations along the lines of, "It's your practice and habit to not save drafts of documents you creat

Lawyer's advice: be two faced

[QuantumG]

If it's off the record, don't write it. Pick up the phone or better yet, walk over. Don't hit the send button in the heat of anger.

Or here's an idea.. don't be a backstabbing two faced liar. Office politics is one of the many reasons why I am happy to work from home more often than not. If you're getting angry about someone go have it out with them. If you're getting all steamed up about decisions made by others, remember your place, get over it, or stop being so serious - it's just a job.

My personal favorite is the few times I've had to voice concern over the possible legal implications of a particular action. I've had people IM or call me instead of replying to emails because they don't want to be "on the record". To which I have said in the past: "oh, don't you know the IM is logged?" or "You know, if you don't reply to my email and clear this up than all that will be 'on the record' is my concerns and none of your explanations."

Of course, there are people who think its okay to break the law, just so long as no-one finds out about it. To those people I don't send email - I send it direct to the CEO.

Re:Lawyer's advice: be two faced

[Riktov]

Of course, there are people who think its okay to break the law, just so long as no-one finds out about it. To those people I don't send email - I send it direct to the CEO.

In most companies such people typically are the CEO.

Re:

[misanthrope101]

Yep, and they got that way by being the most comfortable with hedging the line, and the most skilled at getting away with stuff. Great sociopaths make great CEOs--it's just that their kink is money, which is a fixation society tends to admire rather than censure. I don't think the public was all that furious at even the Enron guys--the closer the stink got to the Bush administration, the more people dismissed it as "political," like Whitewater.

Re:

[speculatrix]

In a previous job I was a s/w developer, and I had a particularly troublesome boss. The sort who would say "let me know if any problems at all arise" and then at reviews would say "you kept telling me all the problems that came up", or "I want to hear solutions not problems". Anyway, he had a habit of telling people by phone to do things which were against procedures if it would help up meet deadlines, saying that we didn't have to be so rigid; if things went wrong he'd immediately blame the developers.

On

Re:

[Shajenko42]

This is also good practise if, say, you have to ring the bank with some issue of policy or a dispute and they tell you something which you think might be rescinded later - write and say "in according with telephone conversation on Xth of $Month you told me blah blah and this means I shall ...." - and ensure you keep signed and dated copies... months later if they change their mind you can point to the letter and say that since they didn't countermand it, the contract as offered in the letter stands.

IANAL,

Re:

[speculatrix]

implied contract? yes you can, your bank and credit card company do it all the time - send you notice of change of t's and c's, you could write and refuse, but then essentially you're giving notice of intent to terminate the contract. In my example, what you are doing is turning the verbal contract into a written one by putting it in writing, your supplier (bank etc) then has to refute your written version of their contract.

Re:

[Shajenko42]

Again, IANAL:

yes you can, your bank and credit card company do it all the time - send you notice of change of t's and c's, you could write and refuse, but then essentially you're giving notice of intent to terminate the contract.

You had previously entered into an explicit contract with them (opened an account), and I'm sure somewhere in their terms it says they can change the contract by giving notice. You can make silence the condition of accepting these new changes in your original contract - you c

Article reads like a 'cry wolf'

[cerberusss]

If you read the article, it talks about the thorny problems that legal people have with e-mail. The following absolutely shocking examples are given:

• catty comments or frankly inappropriate language
• They call people names
• They make inappropriate comments
• "can you believe that [expletive] is complaining about this?"
• "I can't believe she's pregnant at such an inconvenient time at work."

I was like Oh My God, can you imagine the billions and billions of dollars that must be pumped into lawsuits regarding these comments?

Nope, me neither.

Re:

[QuantumG]

You are kidding right? Everyone who gets dismissed from a reasonably high paying job in the USA is required, by their insurance company, to file a grievance. That's how the "income protection" scam works. From the customer's point of view you're just paying a premium to ensure you'll be able to meet your mortgage repayments should you lose your job. From the insurers point of view you're paying for your legal fees in advance so they can reclaim your future mortgage repayments from your employer.

Each of

Re:

[tbannist]

Then your legal system is broken.

I know that's not news, but still...

Re:

[bkr1_2k]

What insurance company are you talking about? Seriously, I've never heard of an insurance company that required that.

Simple Solution

[evilviper]

You know, if the saying is good enough for taking away the public's privacy and civil liberties, it's surely good enough to apply to corporations:

If you aren't doing anything wrong, you've got nothing to hide.

If companies would just STOP COMMITTING CRIMES, it wouldn't matter that all their e-mails are on disk.

Are we supposed to feel bad that e-mail is allowing companies to be caught red handed, and forcing them to answer for their crimes?

Re:

[L.Bob.Rife]

Two points...

First, there are so many obscure laws, sometimes it all boils down to a simple case of willpower. If some government official has a hard-on against you or your company, they will find SOMETHING they can charge you with. There are various laws per state (especially California), that a company could easily overlook without a massive legal department looking into all possiblities. And frankly that is beyond the scope and financial ability of most companies. At my own company, we spend a substa

Re:

[Damocles the Elder]

If you aren't doing anything wrong, you've got nothing to hide.

The problem with this is that you're saying everyone with access to these records is trustworthy. Which they aren't. The same argument and reply goes to ISPs logging emails and the government wiretapping without a warrant.

Re:Simple Solution

[Cutterman]

Cardinal Richelieu said, "Give me six lines written by the most honest man, and I will find something in them to hang him."

As true now as it was then.

Re:

[bkr1_2k]

Except this isn't always about "committing crimes" but civil issues. He said she said crap that is used in courts to civilly damage a company for some perceived grievance about "fair employment" practices.

People can't take responsibility for being the douchebags they are so they want someone to blame when they get fired. Instead of changing their behavior they point the finger and say "he fired me because he thought I was a douchebag. That's not fair" And other idiots eat it up and award ridiculous winn

Compare/contrast the corporate and public arenas

[damburger]

If a government wanted to stop people sending embarrasing e-mails (Hey, they are using OUR telecoms infrastructure!) then you would call them tyrannical. But hey, if a government ran eveyr aspect of life on its territory through an autocratic, undemocratic heiracrhy you would probably cry foul too. Apparantly theres two sets of rules.

And before you inevitably say that people are free to leave a corporation - the fact is that in a world of massive debt and no safety net, your only other option is jumping t

Solution?: Use DRAM SSD for email storage

[Zymergy]

What about the option of using an (albeit more expensive) (Volatile) DRAM-based SSD for your email servers?
If *someone* subpoenas it, kindly provide it (unplugged) with the any passwords and a full set of encryption keys...
(Assuming there are not already laws prohibiting a corporation from using a faster (700-1400MB/s @ 3s), more reliable (protected with both ECC and RAID), higher I/O preforming (3 million random IOPS), volatile DRAM SSD array for their email storage?)
"Here is my untouched email server storage device all boxed up and sealed as required per your subpoena order..."

504GB of DRAM would make a *nice* email storage device... (Violin 1010) http://www.violin-memory.com/products/violin1010.html [violin-memory.com]

Re:

[Fred_A]

Seems like an elegant (if somewhat expensive) solution for the problem in the more risky cases :)

Re:

[REBloomfield]

http://www.zdnet.com.au/news/software/soa/US-ruling-makes-server-RAM-a-document-/0,130061733,339278641,00.htm [zdnet.com.au]

Re:

[Chris Mattern]

Don't be ridiculous. You subpoena *information*, not hardware. You present them with a hard drive that's been wiped of its data, even if you wiped it merely by unplugging it, and you've erased subpoenaed data, and you are in a WHOLE lot of trouble, including, quite possibly, criminal prosecution and jail time.

Chris Mattern

Re:

[Forbman]

Actually, no, you can subpoena the hardware, so that the drives can be ghosted by a 3rd party, gone over by a forensic examiner, etc. Doesn't mean that that the hardware has to leave the facility... If it is a specific hardware device, more or less unique or too expensive to duplicate, then the hardware can be possessed until information has been retrieved from it or it is no longer required to be used to extract the data.

Wouldn't work, and you'd be in deep trouble

[cheros]

You are not asked for the hardware, you are asked for the information.

That means that you are to provide a non-volatile copy. If you try to pull this stunt you're IMHO most likely ending up with a charge for destroying evidence, and you can ask "Oops I shredded Enron docs again" Anderson what happens next..

In the UK you can make their life a bit more difficult by storing part of your recovery (backdoor) crypto key abroad. It's not unreasonable to be slow at that point because you have to recover the key p

Re:

[AndersOSU]

That should work fine for your private email server, however, public businesses are subject to a whole host of records retention guidelines, for the specific purpose of feeding discovery if they're ever sued. Just as it is illegal to shred business records, it is also illegal to delete business related emails.

Re:

[Chris Mattern]

That should work fine for your private email server, however, public businesses are subject to a whole host of records retention guidelines,

Public business are subject to tighter rules on record keeping than private persons, true. But if it's shown you deleted information after the subpoena for it was served, it doesn't matter what you are, your ass is grass.

Chris Mattern

Re:

[Forbman]

It's not illegal to destroy documents via shredding, as long as it is done consistently per policy that also conforms to whatever regulatory requirements are in place. Same goes for e-mail retention. Of course, nothing is more terrific for a company involved in a lawsuit in discovery feeling confident that a particular e-mail thread being looked for was erased per said e-mail retention policy, only for it to show up in one of the employee's (maybe the jerk's administrative assistant's) local e-mail archive

corporations are the problem

[m0llusk]

The closed and criminal nature of most corporations is the core problem. If they were open about what value they were providing and how then there would be no problem with remarks about corporate processes and performance being written in e-mail or any other medium prone to sharing and archival.

Multiple levels of deletion??

[gweihir]

He must be talking about filesystem metatdata. For modern HDDs, you cannot see how often something was deleted, or hwat was there before....

Hello 1998

[brunes69]

...I think your missing article is here.

WTF is this? Shouldn't this article be about Facebook or some other latest and greatest technology?

How have any of these email issues changed in the past 10 years?

This is a bad thing?

[rtechie]

And this is a bad thing.... why? Because it's easier to catch crooked companies (all of them) breaking the law?

The article literally consists of corporate lawyers whining about how email makes it harder to conceal criminal actions because they can be found in discovery. Contrary to what the article seems to imply, very few court cases involving email discovery are based on harassment claims. Mostly they're about companies try to screw each other on business deals. For the most part, it's perfectly LEGALLY s

Re:

[Anonymous Coward]

But...but...if lawyers can subpoena e-mails...and emails control the world....

Re:

[Brian Gordon]

THOUGHT PROCESSES?!?!?

Re:

[Gideon Fubar]

Certainly it can be done in real time.. by your standard everyday keylogger. Of course, installing keyloggers on ALL your employees machines, and having complete access to everything they write does raise some thorny questions.. Not to mention that someone has to actually assess the data.

This really doesn't look like it's going to take corporate email security to a new level.. individual profiling, however, might be a different story.

Re:

[mollymoo]

It's machine time you're devoting and machine time is cheap. It takes the human a few minutes to start it going and the machine does the rest. I fairly recently had my NSLU2 (a tiny Linux box with a 266mHz ARM processor and 32 MiB of RAM) unzip a 57 GiB file. It took it five days. It took me less than 30 seconds.

Re:A few rights

[MLease]

My company owns my email like they own the oxygen I breath while I am working. In other words- they don't.

You do not become a street whore simply by agreeing to work for someone. Companies don't understand this. If allowed, they would claim every last cell of your body as their property.

While I agree with the second paragraph, I take issue with the first. If you are using company email servers and equipment, they do own the email. You don't get a free ride just because you work for the company. Everything you do on their systems has to follow their acceptable use policy, if they have one.

-Mike

Re:

[davetd02]

To be more precise, the problem is that the company you work for wants to read your email. The problem reference in TFA is that somebody else wants to read your email. The usual scenario is that somebody is suing the company you work for and has demanded all the company's email as part of discovery; your employer is going to fight hard to stop your email from being disclosed, but the other side might still get it.

So it's not a Big Brother problem in the sense that your own boss is watching you, it's a Big

Re:

[davetd02]

Insert "not" in the first sentence, to read:

To be more precise, the problem is not that the company you work for wants to read your email.

A tag broke, I apologize for not hitting "preview."

Re:

[mcvos]

My company owns my email like they own the oxygen I breath while I am working. In other words- they don't.

If you are using company email servers and equipment, they do own the email. You don't get a free ride just because you work for the company. Everything you do on their systems has to follow their acceptable use policy, if they have one.

Not to mention the fact that the air you breath also comes from their AC units.

Re:

[ladybugfi]

>If you are using company email servers and equipment, they do own the email.

This is much dependent on your location and may be quite true in the US. However, there are quite civilized countries in the world where this is not true. For example, in Finland, your e-mail box on the corporate servers is protected by privacy laws to be your personal area.

In practice this means that if anyone else wants to access your e-mail, you must be asked consent. If you get hit by a car and end up comatose and thus incap

Re:A few rights

[speculatrix]

if you farted (break wind) at work, your employer would own the chemical formula. You can bet that if farts had useful chemical properties, you'd be plumbed in the moment you arrived at work!

Re:

[Belial6]

Of course it is, after all, it's "on a computer", so it has different rules than all of the other forms of correspondence that came before it.

Re:

[davetd02]

Not really -- if you used a typewriter a physical letter on company letterhead and sent it inter-office then it'd be just as discoverable in litigation as an email. The question here isn't who "owns" the document, it's whether a party to litigation can get access to it. Your employer is likely going to try to protect your privacy by preventing the document from being discovered.

It's not a question of ownership at all, it's a question of access and the discovery process in litigation. The whole point of di

Re:

[Fred_A]

Emails you send and receive using your work email account are your company's property by law.

Precision : true in the US, not necessarily elsewhere.

Re:

[nasor]

I think you missed the point here. We're talking about emails etc. that are related to lawsuits. If you are subpoenaed and required to hand over your computer harddrive as part of the discovery process, you are required to hand over your encryption keys too. PGP etc. wouldn't do you any good.

Re:

[nasor]

Remember, we're talking about civil court, not criminal court. You can try to plead the 5th, but refusing to hand over your keys is probably a great way to ensure that your side looses the lawsuit.

Re:

[Lehk228]

If, as an engineer, you signed off on the final product and it failed it doesn't matter what concerns you expressed to management, you signed off on it, it's your ass facing the negligent homicide trial.