Feeds

Allchin named, as proof of MS email destruction policy is sought

In addition to the undeliberate policy...

  • alert
  • submit to reddit

HP ProLiant Gen8: Integrated lifecycle automation

Evidence of a Microsoft corporate policy to destroy sensitive or incriminating emails is being sought by a US Court. Last week Judge Frederick Motz of Baltimore District Court ordered Microsoft to search backup tapes for evidence that in 2000 Jim Allchin instructed employees to destroy emails relating to the company's negotiations with Burst, which is currently suing Microsoft alleging theft and anticompetitive conduct.

A key part of Burst's case is its claim that having stolen its technology, Microsoft systematically destroyed emails relating to talks between the two companies. Last autumn Burst's lawyers were pointing to a suspicious gap in the email traffic Microsoft had handed over to them, and pointing out that it is scarcely credible that six key Microsoft executives who'd been involved had all decided to delete their Burst emails at the same time. Such claims, however, are based merely on the strong suspicion that such emails must have existed; to know for sure that particular emails existed, well, you'd have to know they existed, right?

In February Burst's lawyers served a motion to have Microsoft compelled "to produce Jim Allchin email directing Microsoft executives to destroy all 'business-related' emails." This is the precise wording used in a court document which Robert X Cringely spotted going by. Pretty much on his own Cringely has been keeping tabs on the Microsoft/Burst/email issue, and he surmises that the choice of wording here may have been a deliberate ploy to get Allchin's name connected to the emails in public. You can read his reasoning for this here.

If such an email can be found or be shown to have existed, then it will help Burst's case greatly and the ripples could spread far wider, given that the widespread application of a policy of destruction would have implications for dozens of lawsuits that are already done and dusted. But in some senses such an email would simply provide a shortcut to a truth Burst has already gone a considerable distance towards establishing: Microsoft's email archival policies are laughable, incredible to an extent that would have sent Judge Thomas Penfield Jackson up the wall, across the ceiling and down the other side (note the headline on this Cringely piece), and have the net effect of either destroying or making impossible to find historical email traffic.

One may speculate as to why this might be, but we doubt very much that Microsoft's own attorneys would argue about this being the state that exists. In a courtroom session last August, Microsoft attorney John Treece went into some considerable detail in explaining the mechanics and operation of Microsoft's backup systems. These are used to back up employee data, which is then stored on DLT tapes. Post April 2000 the servers ceased to accept files with the extension .PST (Exchange format backup files you use to backup your email), and prior to this it had been company policy not to store .PST files this way anyway. The rationale is that the intent of this system is disaster recovery, not archive, so from an administrative point of view it's actually logical for Microsoft to try to stop its staff using the system for archive.

There are however a couple of weird extra baroque features here. Microsoft denies having any indexes or having a policy of keeping indexes, and it claims it also has no way to know which particular system a given employee might have been using at any particular time. So the effect is that an email backup would only exist if the employee hadn't been conforming to company policy, and that in the case of the Burst emails Microsoft would have to search 25,000 DLT tapes to find out. So searching for a particular email here involves looking through a huge pile of stuff for something that oughtn't to exist there, while you don't know for certain if it ever existed in the first place. Treece points out that it would be an exercise of doubtful value that could only be conducted at huge expense to Microsoft, and his logic here is impeccable.

But hang on, we hear you say, if you're not likely to find emails there because they're not supposed to be there, then where are they supposed to be? OK, Microsoft's backup systems may operate to weird standards of cataloguing that are little known elsewhere in the wonderful world of networking, but what about its archiving systems? We're glad you asked about that.

Microsoft's policy regarding archiving of emails appears to be to leave it up to the individual employee. As Treece explains it, "You would keep them [the archived emails] on your own PC or laptop hard drive, or you could send them to archives." So it's up to the individual employee to decide when they want to delete emails (during the DoJ trial one exec said he deleted his emails every two months), whether they want to archive them, and presumably where they put the archive. Judge Motz asked Treece for more details at this point, but he didn't have any. He did however make it clear that the individual employee would have to specifically decide to archive emails - discoverable archives at Microsoft therefore only exist through happenstance, not company policy, and if you're trying to to archive it as a .PST (which would seem logical), you ain't going to be archiving it on the backup systems, because they don't take .PSTs.

So probably, if you're trying to track an email that might or might not have existed, you are very likely to be heavily reliant on what the employee has to say about it. The system does not specifically search out and destroy incriminating emails, but it tends towards their destruction (in of course the unlikely event that such things could exist at Microsoft). As Motz said, "You might, you know, some of these people have -- you've got to assume they're going to tell the truth and say, yeah, there was e-mail, and that somehow got deleted..." Spencer Hosie, for Burst, responded: "Your Honor, here's my reaction to that. First, taking, say, Mr. Friedman's [Friedman is one of the employees involved, but no longer works for Microsoft] deposition, Mr. Friedman, what sort of e-mail did you send back on this issue in 2000? I mean, is he going to be able to remember? Is he going to be -- and I have nothing to hold him." And Motz again: "Then one goes with the presumption that people tell the truth. You know, I -- and I'm, none of us, well, all of us believe in honor." ®

* The court records throw up a couple of errors, which is common enough, but there's one we just have to add to our collection of treasured mistranscriptions. Hosie is reported as saying: "And, of course, there are numerous findings of fact that deal directly with streaming media as a meddle ware that had potential of eroding the applications entry." WMP is meddleware - how true, how very true...

Related links:

Cringely column, 28th August 2003
Microsoft response at Dave Farber's site
Cringely responds to the response

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Captain Kirk sets phaser to SLAUGHTER after trying new Facebook app
William Shatner less-than-impressed by Zuck's celebrity-only app
Do YOU work at Microsoft? Um. Are you SURE about that?
Nokia and marketing types first to get the bullet, says report
Microsoft takes on Chromebook with low-cost Windows laptops
Redmond's chief salesman: We're taking 'hard' decisions
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.