RE: Spoliation cites
james wrote:
If one keeps records, and suddenly someone sues one, and THEN one starts shredding, yes, then one can get into trouble. If however, one shreds away indiscriminately, on a routine and regular schedule, one is in the clear. As a remailer operator said to the courts "Sorry, I do not keep records".
Now if he had kept records, and then erased them on being summoned to the court, he would have had a problem. But because he erased them routinely, no problem.
If you read any of those cites and shep'd them, you will see there are circumstances where defendants didn't know the documents were relevant to a specific lawsuit. There is support for the words "SHOULD HAVE KNOWN" might NOT equivocate to: "a lawsuit has been filed." Nor even "expect a specific lawsuit." Furthermore, in Lewy, they did adhere to a destruction policy and plaintiffs got a jury instruction allowing for a negative inference. Does this tell you anything? Normally, you consider the following in a retention policy: o pending or threatened litigation = easy answer, keep it. o statute-specific retention requirements = easy answer.... o statutes of limitations = starts getting fuzzy here, usually the length of the relationship, plus the limitations periods.... o real estate = long time. o IP = forever. o email = most say a few weeks, unless it is a complaint, etc. It's not so simple as many think. It's document specific. ------- In certain cases, opponents may argue that the high-risk nature of certain enterprises amounts to a state of continual pending or threatened litigation, although non-specific in nature. They also may argue, as in Lewy, that destruction pursuant to a retention policy and normal business practice -- is not good enough. The court will look beyond the practice to ask if the policy is reasonable GIVEN THE PARTICULAR NATURE OF THE DOCUMENT AT ISSUE. The root of the matter is: SHOULD YOU HAVE KEPT IT? The court seemed to infer in Lewy that the nature of the business and the likelihood of litigation is a consideration. -------------------------------------------------------- Lewy v. Remington Arms Co. 836 F.2d 1104 (8th Cir., 1998) -------------------------------------------------------- ..."We hold that there was sufficient evidence from which the jury could find that Remington knew the M700 was dangerous. The following evidence was before the jury: complaints from customers and gunsmiths that the Model 700 would fire upon release of safety, some of these complaints dating back as far as the early 1970s; .... .....Remington was unable to produce several documents that were destroyed pursuant to Remington's "record retention policy." Remington argues that destroying records pursuant to routine procedures does not provide an inference adverse to the party that destroyed the documents. Smith v. Uniroyal, Inc., 420 F.2d 438, 442-43 (7th Cir. 1970). The record reflects that Remington had its record retention policy in place as early as 1970. In addition, the records that have been destroyed pursuant to the policy -- complaints and gun examination reports -- were kept for a period of three years and if no action regarding a particular record was taken in that period it was destroyed. Vick v. Texas Employment Commission, 514 F.2d 734, 737 (5th Cir. 1975) (records destroyed pursuant to regulations governing inactive records). ...First, the court should determine whether Remington's record retention policy is reasonable considering the facts and circumstances surrounding the relevant documents. For example, the court should determine whether a three year retention policy is reasonable given the particular document. A three year retention policy may be sufficient for documents such as appointment books or telephone messages, but inadequate for documents such as customer complaints. ****************** ...Second, in making this determination the court may also consider whether lawsuits concerning the complaint or related complaints have been filed, the frequency of such complaints, and the magnitude of the complaints. ***************** [i.e., not just lawsuits - complaints. The court probably wanted to know if the defendant was on notice that this information would be sought in future NON-SPECIFIC litigation.] **************** Finally, the court should determine whether the document retention policy was instituted in bad faith. Gumbs v. International Harvester, Inc., 718 F.2d 88, 96 (3rd Cir. 1983) ("no unfavorable inference arises when the circumstances indicate that the document or article in question has been lost or accidentally destroyed, or where the failure to produce it is otherwise properly accounted for."); Boyd v. Ozark Air Lines, Inc., 568 F.2d 50, 53 (8th Cir. 1977) ("We recognize, however, that the destruction of business records may be sufficient to raise an unfavorable inference."). In cases where a document retention policy is instituted in order to limit damaging evidence available to potential plaintiffs, it may be proper to give an instruction similar to the one requested by the Lewys. Similarly, even if the court finds the policy to be reasonable given the nature of the documents subject to the policy, the court may find that under the particular circumstances certain documents should have been retained notwithstanding the policy. ************ For example, if the corporation knew or should have known that the documents would become material at some point in the future then such documents should have been preserved. Thus, a corporation cannot blindly destroy documents and expect to be shielded by a seemingly innocuous document retention policy. Gumbs, 718 F.2d at 96 ("Such a presumption or inference arises, however, only when the spoliation or destruction [of evidence] was intentional, and indicates fraud and a desire to suppress the truth, and it does not arise where the destruction was a matter of routine with no fraudulent intent.") (quoting 29 Am. Jur. 2d Evidence ' 177 (1967)). ### In some high-risk endeavors, opponents may argue that destruction or purposeful non-retention = fraudulent intent. I don't think Remington REALLY wanted to keep those complaints 3 years, James. Ask yourself why they did even that. Look, we are just trying to envision what opponents are likely to try. The outcome will depend on the facts. Finally, the fact that a case (within the range of hypotheticals we have discussed) has not arisen is not dispositive on the issue. If that were the case, James, precedent would have no value, because the law could never move forward. Indeed, precedent, by it's very nature usually involves something novel. Otherwise, it wouldn't get to court, because everybody would know the answer.
You guys keep telling us we are not allowed to routinely purge records,
You keep speaking in absolutes. It's more complicated.
But if you routinely destroy records on the basis that all records of type Y more than X days old shall be destroyed, unless there is some specific reason for keeping them, routine, regularly scheduled erasure of logs, then you are not destroying them in specific anticipation of a lawsuit. You may well be destroying them in general anticipation of the general possibility of lawsuits, as Microsoft quite obviously is, as most companies quite obviously are, but Microsoft is not destroying them in specific anticipation of a specific lawsuit, so they are in the clear.
See above. ~Aimee
-- On 5 Aug 2001, at 5:07, Aimee Farr wrote:
If you read any of those cites and shep'd them, you will see there are circumstances where defendants didn't know the documents were relevant to a specific lawsuit.
That summary of those cases seems misleading to me. You yourself have acknowledged that standard best practice legal advice is to routinely purge all internal email after a few weeks. That does not sound not compatible with your summary above of those citations, and it is incompatible with the positions taken by Sandy and Black Unicorn. Most of the postings issued by you three, particularly those issued by Black Unicorn, sound to me as if they were issued in ignorance of the standard and legally recommended practice, that you were unaware of standard best practice on the topic on which you were posting. To repeat: If it is legal to routinely purge all internal email, it is legal to publish thoughtcrimes on freenet, legal for remailer operators to keep no logs. If it ever becomes illegal, the lawyers will go looking for records of deep pockets first, and go after the remailer operators later. We do not have to worry about mandatory remailer logs, until after the lawyers have successfully enforced mandatory recording of all indications of deep pockets. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG rz25ERk2AhUYlyVa+bptsmwFk4GPnsFcuOKIu4CG 4FGjwWSSPJFC3LQUmXNIITgeThxTqDx73aiC1gwaT
James wrote: --
On 5 Aug 2001, at 5:07, Aimee Farr wrote:
If you read any of those cites and shep'd them, you will see there are circumstances where defendants didn't know the documents were relevant to a specific lawsuit.
That summary of those cases seems misleading to me.
Obviously. James, you are like a snappin' turtle. You just won't let go. I could move you with a stick.
You yourself have acknowledged that standard best practice legal advice is to routinely purge all internal email after a few weeks.
Yes. Unless it is of special relevance. For example: Dear company: I just wanted to write you and tell you that the microwave that I bought from you exploded. Thought you should know. Nobody was hurt, thank goodness! Maybe something is wrong with it? Thanks, Mrs. Smith The above wouldn't just be any old email now would it?
That does not sound not compatible with your summary above of those citations, and it is incompatible with the positions taken by Sandy and Black Unicorn.
No.
Most of the postings issued by you three, particularly those issued by Black Unicorn, sound to me as if they were issued in ignorance of the standard and legally recommended practice, that you were unaware of standard best practice on the topic on which you were posting.
No.
To repeat: If it is legal to routinely purge all internal email, it is legal to publish thoughtcrimes on freenet, legal for remailer operators to keep no logs.
If A is L, than B and C are L?
If it ever becomes illegal, the lawyers will go looking for records of deep pockets first, and go after the remailer operators later. We do not have to worry about mandatory remailer logs, until after the lawyers have successfully enforced mandatory recording of all indications of deep pockets.
Somebody give me a stick! James, truly, I see the point you are trying to make and the logic you are trying to apply. We will see what the courts do. ~Aimee
On Sunday, August 5, 2001, at 03:01 PM, Aimee Farr wrote:
Yes. Unless it is of special relevance. For example:
Dear company:
I just wanted to write you and tell you that the microwave that I bought from you exploded. Thought you should know. Nobody was hurt, thank goodness! Maybe something is wrong with it?
Thanks,
Mrs. Smith
The above wouldn't just be any old email now would it?
Which is why important letters and notifications which may be relevant in some future case are almost always sent via registered mail, served in person, and so on. \ There is a big difference between a legal notice like "You are hereby notified of a possible defect in your Whackomatic product and copies of this letter have been sent to your legal offices and with the Better Business Bureau." and "Hey, I hope you kept that e-mail I sent you last year." LIkewise, communications are frequently channeled to specific addresses ("Send product warranty queries to ....") and are even discarded ("Unsolicited manuscripts and letters sent to Big Studio, Inc. are destroyed"). Now, is there some _specific_ legislation requiring either these kinds of "records retention" or "manuscript submission" policies? Maybe in some cases, by direct legislation. Certainly not for remailer logs, which is the point James and others of us have been making. Is there a _custom_ for some of these policies? Sure. Lawyers probably keep most letters which come to them...but probably don't worry about e-mail too much. (I used to correspond with several lawyers. Should I expect that they kept my e-mails? Of course not.) What about the role of _technology_? With the technology of formal letters, printed on formal legal department letterheads, and with filing cabinets in offices across the land, the _technology_ fits with the _custom_ of filing every letter received. With e-mail, which is ephemeral, subject to inadvertent erasure (hit the wrong key and it's gone), subject to erasure or misfiling during housecleaning, hard disk crashes, reformattings, or just plain switching mailers, there is much less expectation of permanence. (By the way, I am using the "three legs" of LAW, CUSTOM, and TECHNOLOGY, as outlined by Larry Lessig several years ago (and presumably recapped in his recent book, "Code," which I haven't yet picked up except in bookstores. I don't agree with Lessig's conclusions, but I felt his analysis was a useful one. I wrote a couple of articles on how his model fits with my own models (very similar, though I don't claim Lessig was influenced by me, even though we overlapped for a while on Cyberia).) Getting back to remailer logs for a moment, why is a remailer any more responsible for keeping detailed logs than a person like me is for keeping logs of what mail I received, whom I bounced it over to, and so on? The fact that Robb London might be "very interested" in where I bounced Jim Bell's mail to does NOT mean I had any obligation to keep detailed records, presumably in a form not subject to erasure or loss through routine misadventures of the computer kind. And as James keeps ragging about, if they haven't gone after Microsoft for "spoliating" as MS got rid of old e-mail and limited employee planners and notes, they surely can't go after the operator of the noisebox remailer, for example, for failing to keep logs of all traffic from May 19, 1999 to May 24, 1999. (And, by the way, conventional remailer logs, it would seem, would be of incoming traffic and outgoing traffic. The guts of the "request-remailing-to" operation, in either Cypherpunks Type I or 1 or Mixmaster remailers happens inside another program. It would take extra twiddling of the logging software to actually add a report saying "Incoming message #71734 was pooled and was sent out 23 minutes and 18 seconds later as outgoing message #70219." Standard Unix or Linux logs should not be very helpful, and keeping them is not required by any current statute. (CALEA may have stuff in it about logs, but the LEAs have yet to push in this direction. Certainly an ex post facto laws penalizing someone for violating CALEA when no CALEA standards/precedents are established would be a reach.) --Tim May
To add to what I said earlier: On Sunday, August 5, 2001, at 03:36 PM, Tim May wrote:
On Sunday, August 5, 2001, at 03:01 PM, Aimee Farr wrote:
Yes. Unless it is of special relevance. For example:
Dear company:
I just wanted to write you and tell you that the microwave that I bought from you exploded. Thought you should know. Nobody was hurt, thank goodness! Maybe something is wrong with it? .... The above wouldn't just be any old email now would it?
Which is why important letters and notifications which may be relevant in some future case are almost always sent via registered mail, served in person, and so on. \
There is a big difference between a legal notice like "You are hereby notified of a possible defect in your Whackomatic product and copies of this letter have been sent to your legal offices and with the Better Business Bureau." and "Hey, I hope you kept that e-mail I sent you last year."
By the way, my insurance companies, financial advisors, and real estate agents will NOT take e-mail orders or instructions. Morgan Stanley Dean Witter, for example, will NOT take orders or instructions in e-mail. Reasons for this are obvious. Now someday there may be a more robust _technology_ for ensuring receipt of e-mail (return receipts and digital signatures go a long way, of course, toward this end). This may then change the _customs_ of users of e-mail. And then the _law_ may evolve to fit these changes in technology and custom. But this is now. --Tim May
----- Original Message ----- From: "Tim May" <tcmay@got.net> To: <cypherpunks@lne.com> Sent: Sunday, August 05, 2001 3:36 PM Subject: Remailer logs
On Sunday, August 5, 2001, at 03:01 PM, Aimee Farr wrote:
Yes. Unless it is of special relevance. For example:
Dear company:
I just wanted to write you and tell you that the microwave that I bought from you exploded. Thought you should know. Nobody was hurt, thank goodness! Maybe something is wrong with it?
Thanks,
Mrs. Smith
The above wouldn't just be any old email now would it?
Mr. May replies:
Which is why important letters and notifications which may be relevant in some future case are almost always sent via registered mail, served in person, and so on.
...and why some lawsuit attracting materials are sent via remailers. And this I think is the point.
There is a big difference between a legal notice like "You are hereby notified of a possible defect in your Whackomatic product and copies of this letter have been sent to your legal offices and with the Better Business Bureau." and "Hey, I hope you kept that e-mail I sent you last year."
Yes, but in two of the cases I cited no such notice was sent or required. Moreover, the remailer operator is in a much _worse_ position with respect to this issue. How can he or she know which emails are of potential probative value to a court? The remailer operator who gets a _single_ complaint arguably should have to retain _all_ logs and correspondence indefinitely after that and archive it as he/she is on notice that one or more might be infringing and he/she has no ability to distinguish which one will be important- at least under this argument.
LIkewise, communications are frequently channeled to specific addresses ("Send product warranty queries to ....") and are even discarded ("Unsolicited manuscripts and letters sent to Big Studio, Inc. are destroyed").
But now we are talking about communications sent through third parties with much more established content immunity (postal service, common carriers, etc.) Remailers don't seem to be at that level yet. We are also moving the discussion to the potential liability of a company who receives these things, a direct party to the suit, rather than where it was originally, on the potential liability of a third party for "spoliation" of "evidence" they wittingly or unwittingly handled. Making comparisons to Big Studio, Inc. and such avoid the basic point I think. Big Studio, Inc. for one- has a much more legitimate set of reasons to have a _document_ destruction policy. Storage costs and etc. Now, Big Studio, Inc. has even _less_ reason to destroy email. It's easy to archive, bits don't weigh much (anything), it's cheap compared to paper storage and CD-Rs have a good shelf life (15-50 years I think I once read? Your mileage may vary). What compelling reason does Bob's garage housed remailer service have to destroy information related to the content that passes his wires. The first and most obvious answer is the exact and stated purpose of the remailer- obscuring information about that content's source, destination and etc. This is the problem. Impossible to deal with? No. Criminal? Maybe, but the circumstances would have to be extreme. Potentially the subject of a costly civil suit? Potentially. Potentially subjecting the remailer operator to subpoena or other nonsense? Definitely. Already happened. It's like someone (Mr. May?) once said about y2k: It's not the odds, it's the stakes. A little insurance goes a long way. With respect to third parties it's clear that liability for spoliation can exist. It's also clear that that can be based on mere negligence. It's also clear that there need be no proceeding in progress. The third party can be entirely ignorant of a potential case. All of this is worrisome.
Now, is there some _specific_ legislation requiring either these kinds of "records retention" or "manuscript submission" policies? Maybe in some cases, by direct legislation. Certainly not for remailer logs, which is the point James and others of us have been making.
Specific legislation? Not needed. Of course the first thing we look for is specific legislation- that makes the job easy. The reality is that there is rarely a statute that speaks directly to a new issue like the liability of remailers for "infringing" content or thought crime distribution. If there were lawyers wouldn't be needed. (That would be a nice change). On the flip side it means that prosecutors, in the absence of a specific statute, are going to stretch what they have and that legislators (trying to keep up with the lack of specific statutes for technical issues) will write nice broad laws to keep the prosecutors (which they once probably were themselves) happy. Also remember, that criminal liability (which would be covered by statute) isn't necessarily all we are worried about. For the graduate student/salaryman remailer operator civil liability would be much the same problem, if not worse since if it got to that point the powers driving civil litigation would probably be better funded and incented than would the feds _and_ in some cases (copyright, DMCA, Antitrust etc.) will _also_ have the feds to play with. Combine copyright with DMCA, Adobe and a remailer and you have something potentially really ugly for a remailer operator. He/she might not even be the focus of the suit, but get steamrolled in the process- typical.
Is there a _custom_ for some of these policies? Sure. Lawyers probably keep most letters which come to them...but probably don't worry about e-mail too much. (I used to correspond with several lawyers. Should I expect that they kept my e-mails? Of course not.)
Well, given that there are at least 3 examples I know of where e-mail destruction (even in Microsoft's case where it was made to look "routine" and linked with a newly developed policy) was used successfully to impose sanctions or modify jury instructions I think there is ample precedent for concern. Also, as I've pointed out, destruction policies do help some, but not all _that_ much and the only reason they help is because the large company has a legitimate reason for the policies (storage costs, maintenance costs, sorting costs- mostly costs). Again, Bob's remailing service isn't going to have that argument (of course the battle of the experts might ensue where Bob, at his own expense and with the $67.50 legal defense fund raised by the cypherpunks hires Mr. Trei or someone similar to testify about how these are normal and best practices- but I'd be surprised if that made a whole lot of difference). Let's just try to step out of techno-think here for a second. If you tell joe sixpack that Bob is running a service that strips off the headers of email for the purposes of rendering the sender anonymous (not to mention all the other things mixmaster does far beyond this simple measure) and that Bob not only full well knew this but fully intended to provide this service- add to that the fact that it would be pretty easy to show that remailer operators knew (or should have known) that their service was highly likely to attract illicit or otherwise litigation attracting content (this is the point right?)- I think it's a pretty safe bet joe sixpack is going to nod his head a lot at the prosecutor despite the objections of all these young whipper-snapper techno-weenies making clever "but it's not REALLY destroying the data, its just making it totally inaccessible for 900 years without the right key" arguments. Now that's just joe sixpack. I haven't even gotten to thinking much about what a judge will think of what the prosecution will inevitably call an "evidence destruction engine." Here's how I might play this out as a prosecutor: Mr. Smith, you run a service called the "nobody" mixmaster remailer? And this service destroys identifying information from incoming electronic mail before passing it on to the next destination? So the purpose of this service is to mask the identity of the sender? If say, I wanted to send a death threat, this would mask my identity fairly well? I could probably get away with that then, couldn't I? The police would be powerless? The FBI? Indeed, your service been carefully designed with that kind of threat model in mind? And are you aware of any legal proceedings involving other remailers? Are you aware of a similar service offered called the "Free Zone at blah@blah.net? So you aren't aware of the legal complications involving that remailer and the Church of Scientology? Your honor, I'd like to introduce Exhibit D, conversations on a mailing list discussing the design of the mixmaster remailer in which the designers and other participants discuss mixmaster remailer use in deterring legitimate law enforcement and civil investigations and the Scientology incident specifically. I'd also like to introduce Exhibit E, a list of the email addresses of recipients on that list during these discussions. If the witness could please read line 453, highlighted on the sheet there. Is that your email address? Does that refresh your memory, you _were_ on this mailing list during these discussions weren't you? So you were aware of these design criteria, to deny identifying evidence to lawful authorities or civil litigants? Excuse me, to provide the users with.... total anonyminity. I'm sorry. Mr. Smith, do you charge for users of the remailer? So is it safe to say that you don't intent to profit from this service? Then your motivation for running the service is... to help people destroy evidence then? Ok, sorry your honor, withdrawn. Then your motivation for running this service is definitely not for profit? You're a good citizen, as it were? Yes, of course you are. You destroy all logs about users of the service, isn't that correct? Excuse me, you "fail to record" any information about users of the service? I'm confused. Someone sends an electronic mail to your service, it has a "reply to" or a "from" header on it when it arrives, correct? But before sending it on to its destination, you destroy this information, correct? Excuse me. Delete it. Whatever. I see. So people would use this service to mask their identity, if they didn't want to be responsible for the content they are sending perhaps? And someone committing a crime, something untraceable, they would be able to hide behind your service wouldn't they? But that is a risk of running the service yes? What about, say a drug deal? A death threat? Something libelous? So wouldn't it be safe to say that a reasonable person might expect some abuse of such a service by criminals? Isn't it true that you have an abuse@blah.net address to deal with this precise eventuality? So you expected there might be legal problems? blah blah blah Now, I've omitted the witnesses responses, the myriad of objections and such that such an exchange would certainly create, but I think it makes a point. Whatever the outcome of this exchange in terms of the record the 50+ year old gray haired Reagan appointee behind the bench and the idiots who couldn't figure out how to dodge jury duty are going to get a pretty distinct impression of this service. It just plain looks bad. This is what I have to keep pointing out. It doesn't _matter_ if its technically kosher. It just plain looks bad. I'd be surprised of some of the jury members didn't write their congressmen insisting a law be passed to rid us of this scourge of remailers after a clever prosecutor got to them. We need to work hard on making remailers look better in this kind of a scenario. Granted it's extreme, but that's how cypherpunks define their threat models- no? Overkill is our friend in security design, plus, it's usually pretty cheap to add 64 bits to a key. I've only thrown this example together using typical prosecutorial tricks (use of the word "mask" instead of hide, use of the word "destroy" instead of strip, work in a parade of horribles, etc. etc.) that came to me off the top of my head. Yes yes, armchair lawyers, I've lead the witness a few times and such to keep the space down, but I could get it all in with twice the space if I really wanted to. So could any good courtroom lawyer. I'm sure someone who had prepared carefully would be plenty more sophisticated about it, and run the witness into plenty more traps than I bothered to get into.
What about the role of _technology_? With the technology of formal letters, printed on formal legal department letterheads, and with filing cabinets in offices across the land, the _technology_ fits with the _custom_ of filing every letter received. With e-mail, which is ephemeral, subject to inadvertent erasure (hit the wrong key and it's gone), subject to erasure or misfiling during housecleaning, hard disk crashes, reformattings, or just plain switching mailers, there is much less expectation of permanence.
But that's going away slowly. The EPM, digital signatures, archival services, all of these things are moving towards permanence, not away from it. I can find ancient posts I forgot I even wrote from years back on google or anywhere else. I can't find any of the paper copies of papers I wrote from back then anymore in anything less than 2 hours of looking. I'd say digital technology is doing just fine in this regard. Sure, there's bit rot, but it's closely coming to be not much more significant than microfiche run, or paper mold, perhaps even less so with the introduction of cheap CD-R technologies and coming cheap DVD-R technologies. If anything the persistence of archives and search engines is having the reverse effect, one of the reasons I started using a nym in the first place, one of the reasons I continue to. Also, courts are constantly whining about the potential destruction of evidence in such a way that it's caused major erosions of the 4th. No-knock searches are primarily justified at the threat of lost evidence to the court. E-mail and electronic data is the ultimate threat for lost evidence. It takes just a power interruption to destroy all the information (read: evidence) on a poorly (properly?) designed system. Doesn't that make you wonder if eventually, over the next several years these sorts of things are going to be taken much more seriously? When there is no more "smoking memo" because the office is mostly paperless, the smoking e-mail is going to be the king of the Hollywood courtroom drama scene. Expect e-mail to get more, not less onerous for people handling it. [Good stuff about Lessig removed]
Getting back to remailer logs for a moment, why is a remailer any more responsible for keeping detailed logs than a person like me is for keeping logs of what mail I received, whom I bounced it over to, and so on?
Because the case is much easier to make that a remailer operator knew or should have known that there was the potential for content coming across his service to be the subject of a dispute. That's the whole point of the remailer. It shifts the risk and costs of investigation to the remailer operators, from the sender. It follows that in the efficient market the remailer operators are the best able to deal with that risk and those costs, hence their willingness to shoulder that burden. I think today that's not necessarily so and given that the risk of handling illicit information has geometrically increased over the last few years (DMCA etc. etc. ad nauseaum) it only follows that remailer operators should follow suit and augment their risk management efforts. The inescapable reality- despite all the window dressing we might put on them- is that remailers perform a single function- making email untraceable- from which a few purposes legitimate- free speech, recovery groups, human rights, whistleblowers- and illegitimate- libel, copyright violation, etc.- may stem. I'm going to take the liberty of pointing out (without taking a position one way or the other) that even the _legitimate_ purposes are somewhat at odds with the interests of courts and the judicial system. Specifically, someone admitting they have just bought and currently possess 2 grams of cocaine on narcotics anonymous and god if they aren't trying to resist using it if only their NA buddy would answer the phone- is a contemporaneous admission of a felony (to wit: possession of narcotics) in which a court has a legitimate interest in preserving the evidence for (whatever you think of drug laws or the jurisdictions of courts and etc.) Whistleblowers are probably in violation of an NDA somewhere. They are circumventing law for the "higher good." That "higher good" is generally going to be a matter of perspective and it will vary in its weighted importance depending on the individual. (One man's freedom fighter, another man's terrorist, etc.). Remailers are a "short circuit" of some of the really poor and unfortunate outcomes of all information being traceable and available to courts. (Insert discussion of importance of anonymity and its critical role in everything from political speech to the founding fathers, the federalist papers etc.) But let's be frank and recognize that not everyone, particularly non-cypherpunkish types, will appreciate that or consider that a "good thing"(tm). To these people a prosecutor's description of an "evidence destroying engine" is going to probably stick- even if it was objected right out of the record (which it may or may not have been) and the jury instructed to disregard it (which they may or may not have been). Some of the high end plaintiff's lawyers I've encountered and worked with will actually test their catch phrases ("evidence destroying engine") on focus groups to see what sticks- what they can slip in that will stay with jurors even if they can't read it in the record later. Sometimes they will do these things by adding in what they know about the jurors. GM and Hogan & Hartson were very good at this- using demographic information about the jury to tailor "objected away" comments to stick in the minds of mothers, single working professionals, etc. right to the end.
The fact that Robb London might be "very interested" in where I bounced Jim Bell's mail to does NOT mean I had any obligation to keep detailed records, presumably in a form not subject to erasure or loss through routine misadventures of the computer kind.
Depends on how you want to define obligation. Do you think a manufacturer of a product has an obligation to keep old design notes around for over a decade even when their attorney tells them they can toss em? Do you think a car dealer has an obligation to keep around every used car they ever get their hands on, instead of selling them, on the off chance they might be evidence in a suit? Do you think Microsoft has an obligation to keep every single email they ever sent just in case they one day get sued for Antitrust? I don't. Courts have all found some level of obligation (of varying severity/intensity) in these examples. I think they are all patently silly. I think they are bad law. Doesn't change the fact that they are precedent. The key factor in all these is that information a court wanted seemed to be in the possession or control of these parties at one time or another. A remailer operator, in my view, is much likelier to be in a position to handle such information, or be seen as a potential source of the information, than the same individual not running a remailer.
And as James keeps ragging about, if they haven't gone after Microsoft for "spoliating" as MS got rid of old e-mail and limited employee planners and notes, they surely can't go after the operator of the noisebox remailer, for example, for failing to keep logs of all traffic from May 19, 1999 to May 24, 1999.
But they DID go after MS. And MS was almost sanctioned for it and it _was_ in the jury instructions. Remember also that Microsoft lost at trial. Moreover MS knew this was a potential problem and therefore specifically did _not_ have an email destruction policy in place before the suit- at odds with some of the fervent (and totally unsupported) claims by persons here that they did. They had a very aggressive e-mail _retention_ policy. As early as 1992 they asserted that all U.S. emails were preserved for fifteen (15) years. (!) See e.g.,: Los Angeles Times, November 5, 1998. See Also Generally: Wendy Goldman Rohm's outstanding book "Microsoft File: The Secret Case Against Bill Gates." Microsoft then instituted a far less inclusive "retention policy" (See Caldera v. Microsoft) and also an "upgrade policy." As it happened the "upgrades" didn't convert over the old mail. This was the subject of the potential sanctions and quite a to-do at the time. Mind you, these were all in the context of "routine" destruction. Since then I understand from third parties that they have changed their policy and now archived email is pretty much allowed to slowly rot and general disinterest paid to archives, no policy is actually implemented- much better looking really. Just careless, not malicious.
(And, by the way, conventional remailer logs, it would seem, would be of incoming traffic and outgoing traffic. The guts of the "request-remailing-to" operation, in either Cypherpunks Type I or 1 or Mixmaster remailers happens inside another program. It would take extra twiddling of the logging software to actually add a report saying "Incoming message #71734 was pooled and was sent out 23 minutes and 18 seconds later as outgoing message #70219."
A compelling technical argument. Not so compelling without lots of expert testimony in court. _I_ agree with you, Mr. May. I'm pointing out that we need to find ways to give remailer operators more shielding than these kind of technical arguments- which courts do not traditionally have an easy time understanding. (Napster, MPAA, RIAA, Microsoft, etc.).
Standard Unix or Linux logs should not be very helpful, and keeping them is not required by any current statute. (CALEA may have stuff in it about logs, but the LEAs have yet to push in this direction. Certainly an ex post facto laws penalizing someone for violating CALEA when no CALEA standards/precedents are established would be a reach.)
Again, the fact that no statute exists hardly gets you out of the woods- none of the cases I cited rely on a statute to impose sanctions, except for the relevant rules of civil procedure and potentially obstruction of justice, which is such a catch-all that it can be applied here. (CALEA is dead at sea- and I hope it stays that way). Mr. May later comments:
By the way, my insurance companies, financial advisors, and real estate agents will NOT take e-mail orders or instructions. Morgan Stanley Dean Witter, for example, will NOT take orders or instructions in e-mail.
My broker, banker, and financial advisors all will accept signed email instructions from me. I rarely give instructions this way, however- that's personal preference. They are not the only ones either. I know of three large trading operations that use email now to deal with large contract trades. (They used to use fax). Moreover they keep archives for 10 years of all their customer e-mails.
-- On 5 Aug 2001, at 18:32, Black Unicorn wrote:
Yes, but in two of the cases I cited no such notice was sent or required. Moreover, the remailer operator is in a much _worse_ position with respect to this issue. How can he or she know which emails are of potential probative value to a court?
If you knew beans from shit, you would know that puts him in a much better position on this issue. No possibility of guilty mind. He cannot be intentionally destroying evidence. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG b/ClMIY27s2DMQtvnXlpQWZGSjat1cjm/g+dX/zX 4G0us9N4kZ7YRQGwSQzQC9ktxLx3CBXpuaml6TgmW
-- James A. Donald:
You yourself have acknowledged that standard best practice legal advice is to routinely purge all internal email after a few weeks.
Aimee Farr wrote:
Yes. Unless it is of special relevance.
If one is operating a company, the guy who purges the email on the mail server is not expected to know or care what is of special relevance -- he just purges it by date. If he knew what he was purging, and chose to purge one thing and not another, his decisions would cause no end of legal troubles. The whole point and purpose of the purging is to ensure that those inconvenient emails that so embarrassed Bill Gates will be GONE, emails that most certainly were of special relevance. The whole point and purpose of Microsoft's new policy on email is to avoid a rerun of the Bill Gates courtroom saga, so that there will be no inconvenient specially relevant emails about Windows XP in the way that there were highly inconvenient specially relevant emails about Windows Explorer. And if it is legitimate for companies to avoid the Bill Gates experience by purging mail files, then it is legitimate for them to avoid the Bill Gates experience by encrypting with perfect forward secrecy, and all the rest of the cypherpunks program is similarly legitimate.
Dear company:
I just wanted to write you and tell you that the microwave that I bought from you exploded. Thought you should know. Nobody was hurt, thank goodness! Maybe something is wrong with it?
Thanks,
Mrs. Smith
The above wouldn't just be any old email now would it?
Defence: "I am sorry. All our email is routinely deleted. All complaints corresponding to a single bug are summarized into a single entry in our bug database, and we have given you that entry. This alleged message would appear to correspond to bug Microwave#38 in our bug database, which we kept and gave you as part of your discovery process, giving you an accurate good faith account of all our knowledge of problems with our product. You will notice that our bug fix database records our prompt and effective resolution of the problem to which this alleged email appears to refer. " Accuser: "You threw away inconvenient evidence!" Defence: "No we did not. We kept it for some time, then recorded it in summary form, to render a large number of events as a small number of intelligible issues. This enabled our management to handle what would otherwise be an intolerable flood of information, and now it is producing similar benefits in this courtroom, since going through each complaint separately in the court room would have run up tens of millions of dollars in legal fees, which was of course your intention." Do you think this conversation is going to get the company in trouble for destroying evidence? I very much doubt it. (Well it would if defense spoke so plainly, but like Herodotus, I represent defence saying what he means, instead of what he would actually say.) More importantly that internal email from the VP of engineering that says "About the damned exploding microwave -- only customers that are so moronic they leave forks in the microwave and then blithely ignore the sparks, smoke, and balls of flame for the next ten minutes get that problem -- serve the damned idiots right" will never appear in the evidence, even though it is a lot more specially relevant than any one letter of complaint about an exploding microwave oven. James A. Donald:
Most of the postings issued by you three, particularly those issued by Black Unicorn, sound to me as if they were issued in ignorance of the standard and legally recommended practice, that you were unaware of standard best practice on the topic on which you were posting.
Aimee
No.
I am unable to reconcile Black Unicorn's recent post, where he denounces almost the entire cypherpunk program as illegal by current legal standards and a manifestation of foolish ignorance of the law and obstinate refusal to take his wise advice, with the conjecture that Black Unicorn is aware of current recommended best practice in record keeping. If current best legal practice in record keeping would delete those inconvenient emails that so embarrassed Bill Gates, then current best legal practice in communication would encrypt them with perfect forward secrecy if they had to go outside the Microsoft LAN. If current best legal practice is to promptly purge old emails whose significance no one knows or cares, then current best legal practice is for remailers to routinely purge their logs. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG iNKRBgKrV7axkgj4JHrXK/1gfRpclWOQfEDw2/RU 4OSuu1OR1f+CYF/jeQpbgk6WEMCzQItifTJZeqiHV
James wrote:
I am unable to reconcile Black Unicorn's recent post, where he denounces almost the entire cypherpunk program as illegal by
No, he didn't. You extrapolate all of our comments out of context.
current legal standards and a manifestation of foolish ignorance of the law and obstinate refusal to take his wise advice, with
His advice about "not amusing" judges is most sage, I promise you.
the conjecture that Black Unicorn is aware of current recommended best practice in record keeping.
James, I am "no longer amused." ~Aimee
-- James A. Donald:
Black Unicorn's recent post, where he denounces almost the entire cypherpunk program as illegal by current legal standards and a manifestation of foolish ignorance of the law and obstinate refusal to take his wise advice,
Aimee Farr:
No, he didn't.
Every time you say "no he did not say that:", he promptly says it again in an even more extreme form, and you promptly announce you agree with him. That business about the "judge not being amused" is just the same old argument "If you use crypto that shows you have something to hide -- therefore you dare not use crypto". Lawyers have no special qualifications and authority to make such an argument, and when they make it should be met with the same ridicule as any other ignorant doofus who makes it. Most big companies, companies with pockets so deep that they attract lawsuits like flies, have decided it is better that the judge suspects they have something to hide, than that the judge knows full well that they have something they damn well should have hidden, and those deep pocketed companies routinely, on a regularly scheduled basis, in accordance with widely circulated company policy, do all the things that Black Unicorn has been telling us we must not do. No doubt it is true that one can be sued for shredding records that an enemy lawyer would have preferred one to keep, and such a lawsuit might well succeed, but a jew can be sued for discarding a ham sandwich, and such a lawsuit might well succeed also. Companies with deep pockets, continually besieged by hostile lawyers subpoenaing all sorts of information, do not seem as impressed by the fearful terror of failure to amuse judges as Black Unicorn tells us we should be. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG qmqbBFh1cJXpXWWSgMDC1f/66EGe34m2h/FZ8PkK 4WyQu6INj4rCPdEIuSJx4RNcQIVL6ovZsuoo63Dee
participants (4)
-
Aimee Farr
-
Black Unicorn
-
jamesd@echeque.com
-
Tim May