Jim Choate wrote :
On Tue, 5 Dec 2000, John Young wrote:
But that is trivial compared to your claim that you decide what is evidence and that it then becomes illegal to alter or destroy it. That appears to be playing cop without the authority.
No John, that is not my claim. You wish it were I bet. You need to adjust your meds again.
The destruction of property or materials which are evidence of a crime is itself a crime if done intentionally to cover up that crime.
To prove destruction of evidence you must prove that it existed in a form that was retrievable ( good luck ) and then that its destruction was done by a person who was aware of the crime ( not always so in the networking world ) for the purpose of concealing the crime( burden of proof on you ). I clean disk space randomly and not according to any schedule. Erase away, but not on the evil MS platform. Mike The whole idea that a government can assert some sort of eminent domain over all communications is offensive beyond words.
On Tue, Dec 05, 2000 at 06:06:41PM -0800, mmotyka@lsil.com wrote:
To prove destruction of evidence you must prove that it existed in a form that was retrievable ( good luck ) and then that its destruction was done by a person who was aware of the crime ( not always so in the networking world ) for the purpose of concealing the crime( burden of proof on you ). I clean disk space randomly and not according to any schedule.
Readers interested in this somewhat nuanced topic might find the text "Destruction of Evidence" by Jamie Gorelick (yes, THAT Jamie Gorelick) of interest; it's out of print but still findable through used book sources; publisher is Wiley & Sons, ISBN 0471611387. -- Greg Broiles gbroiles@netbox.com PO Box 897 Oakland CA 94604
On Tue, 5 Dec 2000 mmotyka@lsil.com wrote:
To prove destruction of evidence you must prove that it existed in a form that was retrievable ( good luck ) and then that its destruction was done by a person who was aware of the crime ( not always so in the networking world ) for the purpose of concealing the crime( burden of proof on you ). I clean disk space randomly and not according to any schedule.
Erase away, but not on the evil MS platform.
Actually all you have to prove is it existed, say you find a body with a big hole that was caused by a gun. Hiding/destroying the gun down would be a crime at that point. If they could prove that you did the crime through other means, and that the crime was commited with a gun (which follows you had the gun at one time) then they could nail your slimey ass to the wall without ever laying hands on the gun. Similarly, grinding off s/n's, wiping disks (which your statement above would qualify as evidence), etc. to modify or otherwise alter the evidence would also be criminal. It's even a crime to destroy evidence in a civil (ie non-criminal) case. ____________________________________________________________________ Before a larger group can see the virtue of an idea, a smaller group must first understand it. "Stranger Suns" George Zebrowski The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------
----- Original Message ----- From: "Jim Choate" <ravage@einstein.ssz.com> ...
It's even a crime to destroy evidence in a civil (ie non-criminal) case.
That's why you hear about companies creating "data retention" policies. They're not really about "retention". The company sets standards that stipulate what records should be kept, how long, and most importantly to the company that they should be destroyed after the official retention time has passed. By setting forth such a policy they can tell a plaintiff "We're sorry, we don't have those documents/e-mails/data anymore. That data has been destroyed per our records retention policy". If they can prove that they have a policy and are following it, they can't be accused of destroying evidence. Nifty Huh ? In defense of companies, it keeps ambulance chasers from subpoenaing ALL the company's records and then finding some information (a disgruntled employee's e-mail rant), that taken of context, makes the company appear guilty. After e-mails were used by the DOJ as "evidence" that Micro$oft was guilty of "anti-competitive" practices, it was quietly proposed by legal department at a company I know of that the e-mail system be configured to automatically delete users e-mail after a set time period, and not allow the easy off-line storage of messages. It was handily rejected by the IT department as impossible to implement and shouted down by many managers who didn't want their CYA e-mails automatically deleted. Neil M. Johnson njohnson@interl.net http://www.interl.net/~njohnson PGP Key Finger Print: 93C0 793F B66E A0C7 CEEA 3E92 6B99 2DCC
At 09:35 PM 12/5/00 -0600, Neil Johnson wrote:
After e-mails were used by the DOJ as "evidence" that Micro$oft was guilty of "anti-competitive" practices, it was quietly proposed by legal department at a company I know of that the e-mail system be configured to automatically delete users e-mail after a set time period, and not allow the easy off-line storage of messages. It was handily rejected by the IT department as impossible to implement and shouted down by many managers who didn't want their CYA e-mails automatically deleted.
That's one of the applications that Disappearing Ink's system is designed for. Email is stored in encrypted form, with the decryption requiring an access key from Disappearing or a similar corporate server, and the access key is regularly destroyed unless there's a specific order to retain it. This doesn't stop you from saving the mail outside the system, and it doesn't stop a court order from saying "keep all your current and future email", but it means that routine mail is routinely deleted, unless you go out of your way to move it to your CYA server or your Keep_for_later_use storage. But it substantially reduces the risk of fishing expeditions going after everything you've ever written and every backup tape you've got. Does this integrate well with Microsoft Outlook Mail gi-mongous undocumented-binary-format mailboxes? (Actually, it probably does quite well - not clear if it works well with the Exchange mail server, but MS already encourages people to use binary proprietary attachments instead of inline text. You do have to deal with the network firewall issue, but I think they've got proxy capabilities.) Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
participants (5)
-
Bill Stewart -
Greg Broiles -
Jim Choate -
mmotyka@lsil.com -
Neil Johnson