Feeds

Climategate ruling: FOIA requests cover backup servers too

'We didn't delete the emails, but we don't have them'

  • alert
  • submit to reddit

High performance access to file storage

Data seekers win a victory

Last June, Keiler won a FOIA victory by obliging CRU to disclose the data set Jones had sent to Georgia Tech to anyone who asked for it. But CRU still refused to disclosed some information - specifically, any instructions accompanying the release of data to Georgia Tech. The University of East Anglia argued that the emails were probably not 'held', and so could not be disclosed.

Keiller appealed, and the University enlisted an expensive battalion of lawyers to defend the case. Keiller's account (with Andrew Montford) of the Tribunal can be found here.

In summary, Judge Hamilton presiding over the Tribunal comprehensively rejected CRU's defence, and ordered the University to provide a copy or mirror of the backup server, and an independent contractor to examine it.

The University had delegated the job of finding the missing email to the man who had deleted it - Professor Jones. He also agreed it was inconsistent of UEA to argue that it did not believe the missing email contained any instructions or stipulations. Jones had made the claim that these instructions were only imparted verbally.

Nor was the Judge impressed by UEA's technical defence:

The Tribunal were rather disconcerted by the evidence adduced by the UEA on this issue. Jonathan Colam-French had almost no knowledge of the CRU’s back-up system and was simply unable to answer several pertinent questions.

There was one noticeable absentee from the Tribunal: Professor Jones himself. Keiller and Montford note he has never made a statement under oath.

It should be noted that public bodies can still refuse to disclose information - under Section 12 of the 2000 Freedom of Information Act - if the cost of compliance exceeds "the appropriate limit".

A cynic may expect the cost of performing backup server searches to rocket, overnight.

What do you think? ®

Bootnote

After the first batch of Climategate emails surfaced, they contained what the Information Commissioner's office described as evidence a breach of the Act. MPs demanded an enquiry, which was held in March 2010. At this enquiry, Lord Acton, The University of East Anglia's Vice Chancellor, testified that no emails had been deleted. How could he do this?

We now know this was a semantic deception. The Palutikof email describes staff moving all their emails to memory sticks. As David Holland summarises:

"How else could Acton tell Commons Select Committee that they didn't delete anything, that we [UEA] have all the emails and they can be read. What Russell and Acton didn't tell MPs or the Information Commissioner, is that they were on memory sticks and backups."

Useful and interesting links

The Tribunal Ruling PDF
Keiller's account of the Tribunal
McIntyre reconstructs the excuses: here and here

High performance access to file storage

More from The Register

next story
Fancy joining Reg hack on quid-a-day challenge?
Recruiting now for charity starvation diet
Red-faced LOHAN team 'fesses up in blown SPEARS fuse fiasco
Standing in the corner, big pointy 'D' hats
KILLER SPONGES menacing California coastline
Surfers are safe, crustaceans less so
Opportunity selfie: Martian winds have given the spunky ol' rover a spring cleaning
Power levels up 70 per cent as the rover keeps on truckin'
Discovery time for 200m WONDER MATERIALS shaved from 4 MILLENNIA... to 4 years
Alloy, Alloy: Boffins in speed-classification breakthrough
Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
Helium seeps from Falcon 9 first stage, delays new legs for NASA robonaut
Top Secret US payload launched into space successfully
Clandestine NRO spacecraft sets off on its unknown mission
New FEMTO-MOON sighted BIRTHING from Saturn's RING
Icy 'Peggy' looks to be leaving the outer rings
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.