Feeds

How key Microsoft legal emails 'autodestruct'

Redefining document retention policies...

  • alert
  • submit to reddit

High performance access to file storage

The latest court documents to be unsealed by Judge Frederick Motz in Burst.com's suit against Microsoft paint a picture of Microsoft document handling procedures which destroyed the very emails that were likely to be most relevant to several antitrust actions, Burst's included. According to Burst's lawyers Microsoft's status as "a defendant in major antitrust cases since at least 1995" means that it has a duty to preserve potentially relevant evidence. But "Microsoft adopted policies that, to put it mildly, encouraged document destruction from 1995 forward."

Microsoft is still resisting Burst's attempts to have it hand over documents defining its retention policies, but a Burst brief of 27th September puts forward a forensic examination of the net effect of whatever these policies might be, accompanied by a certain amount of rolling of eyes. We, and the technology press in general, are indebted to PBS columnist Robert X Cringely for his dogged and single-handed pursuit of Burst v Microsoft. You can read his take on the latest developments here, and links to the court documents here.

As Microsoft's retention policies remain for the moment a closely-guarded secret it would be absolutely wrong of us to draw any inference as to what they might be solely from what happens. What happens, though, is pretty damn peculiar. The system as a whole defaults to swift destruction of employees' emails, while there is clear evidence that Microsoft takes a very narrow view of whose documents may be relevant to a particular case. In some cases its choice of 'relevant' employees to be subject to retention seems perverse and misleading.

So in the normal course of events documents would be destroyed swiftly, documents would be saved only by a document retention notice, and if document retention notices were not sent to the right people (the Burst brief argues that they were not), then by the time those people were properly identified the documents would almost certainly have been destroyed. Microsoft exec Jim Allchin, who seems to be shaping up as a star exhibit, instructed Windows division employees in January 2000 to delete emails from their hard drives after 30 days. "Do not be foolish," he said, "do not archive your e-mail." In response to emails about this instruction Allchin sends another which confirms the existence of an "official policy" on document retention sent company-wide in the summer of 1996, and says that this is the only written policy. Allchin however reiterates his 30 day instruction, adding an exception only for those who "have received specific instructions from Legal to retain certain documents or email that may be related to pending litigation. These instructions override the general policy."

Microsoft has not yet yielded the 1996 policy, but Allchin's reference to it plus his insistence on 30 days suggests that the general policy was 30 days, from 1996 onwards. The retention of legally-relevant documents is therefore clearly dependent on Legal sending retention notices to the right people at the right time. Burst's brief at this point notes that Microsoft has confirmed it did not produce any of the Allchin email string in 12 prior cases, including DoJ v Microsoft, on the basis that, it claims, nobody asked for them. But in Sun v Microsoft, Microsoft undertook to "produce documents concerning Microsoft business policies, procedures or guidelines for document retention, to the extent such documents exist, for the period January 1, 1998 to November 30, 2002." This period covers the Allchin string, but the string was not produced, so when Microsoft confirmed that it had completed the production of documents, it was not telling the truth.

The general policy, if it is the policy, of 30 days covers local storage. Email could also be saved on the Exchange servers. Microsoft however enforces rigorous limits on employee storage on these servers, and on average there appears to be space for about a month's emails per employee. No storage allocation left, no email until you delete some. In addition, emails could be saved on servers maintained by the Operations Technology Group. But as made clear previously in this case (reported here), company policy is that emails should not be archived on these servers. This policy was strengthened by the addition of the words "Due to legal reasons..." in 1997, but weirdly, Microsoft claims that this bit was made up by information technology employee Candy Stark, purely to add weight to her campaign to save on storage costs. In fairness, therefore, we should consider the possibility that many other apparently incriminating things in surviving emails have been made up too. Is there a company policy on when to believe what an exec is telling you? And if there is, has it been made up? Frightening, isn't it?

But the Burst brief declines to believe Stark made it up, and suggests the "legal reasons" may track back to the elusive 1996 policy, which again is cited by Stark.

Archive location number four at Microsoft is provided by the servers maintained by the IT person for each individual business group. The servers most relevant to the Burst case were maintained by a Mr Ochs, who did not receive a retention notice, and who testified to routinely destroying documents on the servers. These are the very servers Microsoft has previously said it cannot reasonably search for documents, because it does not know who uses which servers.

The brief puts forward several examples of cases where Microsoft failed to identify relevant employees and send them retention notices. In response to a DoJ request in 1997 it failed to identify Chris Phillips and his boss Eric Engstrom, although Phillips had led negotiations with RealNetworks and the ensuing deal was sometimes referred to internally as "the Chris Phillips deal." Microsoft did identify the in-house lawyer brought in to draft the contracts, but not Phillips or Engstrom, so both destroyed their emails. Neatly, as a Microsoft attorney the lawyer's emails were protected by attorney-client privilege, so Microsoft doesn't have to release them. Similarly Engstrom emails relevant to Intel's decision to drop development of its JMF Java Media Player have been destroyed.

The Burst brief only asks for Microsoft's retention policies to be produced in camera, so even if Redmond does cough up there's no certainty we'll ever know if they explain the apparent weirdness of Microsoft document and archiving policies. But if Microsoft does have a policy to diligently retain relevant documents, well, it clearly needs to write a new policy that works instead. We at The Register have a humble suggestion. Seeing Rick Rashid of MS Labs is in the habit of touring the world telling people that storage is now pretty well cheap enough for you to just record your whole life in a lifeblog, couldn't everybody at Microsoft just... ®

Related links

Allchin named, as proof of MS email destruction policy is sought
Cringely PBS column
Links to court documents

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
Microsoft: Windows version you probably haven't upgraded to yet is ALREADY OBSOLETE
Pre-Update versions of Windows 8.1 will no longer support patches
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.