IT Jobs
Deletion is not enough
Electronic destruction is needed - but must be stopped instantly when required
By Chris Mellor | Techworld
Published: 04:00 GMT, 04 January 07
Electronic documents are both more and less than paper documents. In the physical world paper documents exist. Burn the paper and the document is gone, leaving no trace, except ash and, possibly, references to it in other paper documents.
In the world of bits that ain't necessarily so. Delete a computer document and you delete an entry for it in the file system's index. The document contents, the stored bits, remain on a hard disk drive and there they stay until written over by some new file. An electronic document also exists as temporary files in a PC that has created or accessed it. They can also exist in backup container files.
Strictly speaking, when you delete a file it isn't deleted at all. A set of entries in an filesystem index is deleted but nothing else is. The original document contents are still recoverable by disk forensic software. The copies of it in temporary files can be found by other forensic software. Naturally copies of it in backup container files can also be found if looked for.
But what does this matter in any practical sense?
An article in a US legal review discusses this situation. First of all it uses the analogy of putting paper documents in a garbage bin that is not actually emptied until it is full up and space needs to be reclaimed for electronic document deletion. If you really want to delete a paper document you shred it. Therefore, to really delete an electronic document you must digitally shred it, wherever it exists.
The US courts recognise that document deletion is legitimate. It is unreasonable to expect documents, paper or electronic to be held for ever unless there are regulations governing their retention. Deletion of non-regulated electronic files is right and proper with one exception.
Wherever there is a reasonable expectation of legal activity that can require a file to be accessed then that file should not be deleted. If such deletion is detected then the courts will assume that it was done deliberately to thwart the legal activity and are likely to impose penalties.
If forensic software discovers copies of deleted documents which are deleterious to a party's case in a legal action then the courts will take a very dim view of that.
Consequently it is necessary to have a company-wide document deletion policy that enables an instant and totally effective 'litigation' hold to be put on individual document deletion.
The more rigorous and effective a company's document deletion policy with, for example, electronic wiping of deleted files, temporary cache emptying and metadata removal, the more rigorous the litigation hold needs to be.
Computer file systems are not designed to provide total and actual document deletion. If they were then, when a document was deleted each and every copy of it in cache, in backup sets, together with metadata referencing it, would be electronically over-written. Where regulations dictate that documents should be deleted, for example, due to data protection concerns, then, arguably, they should be really deleted.
This is an as-yet untested area by the courts, I believe. They may well take the view that, for example, an individual's privacy is protected well enough by standard electronic document deletion, aka filesystem index entry deletion, with no need for electronic shredding.
But let an individual whose privacy has been infringed with adverse results, let such an individual sue the offending company after such an incomplete document deletion process and things may change.
What seems to be clear is that, as legal oversight of organisations and their files is extended, then document deletion needs to be governed by clear policies that recognise what electronic file deletion means and say openly what should be done and not done.
As the law's influence creeps further into digital documents and records then software will have to adapt so that companies can defend their document retention and deletion policies as 'reasonable'.
Irritatingly the law does not clarify what is actually reasonable in any individual circumstance. It is interpreted 'on the fly' by judges in the courts applying the general provisions of a law in specific instances. If you are likely to be affected by these matters then get in touch with your company lawyers.
Add your commentComments