Feeds

Climategate ruling: FOIA requests cover backup servers too

'We didn't delete the emails, but we don't have them'

  • alert
  • submit to reddit

Remote control for virtualized desktops

Data seekers win a victory

Last June, Keiler won a FOIA victory by obliging CRU to disclose the data set Jones had sent to Georgia Tech to anyone who asked for it. But CRU still refused to disclosed some information - specifically, any instructions accompanying the release of data to Georgia Tech. The University of East Anglia argued that the emails were probably not 'held', and so could not be disclosed.

Keiller appealed, and the University enlisted an expensive battalion of lawyers to defend the case. Keiller's account (with Andrew Montford) of the Tribunal can be found here.

In summary, Judge Hamilton presiding over the Tribunal comprehensively rejected CRU's defence, and ordered the University to provide a copy or mirror of the backup server, and an independent contractor to examine it.

The University had delegated the job of finding the missing email to the man who had deleted it - Professor Jones. He also agreed it was inconsistent of UEA to argue that it did not believe the missing email contained any instructions or stipulations. Jones had made the claim that these instructions were only imparted verbally.

Nor was the Judge impressed by UEA's technical defence:

The Tribunal were rather disconcerted by the evidence adduced by the UEA on this issue. Jonathan Colam-French had almost no knowledge of the CRU’s back-up system and was simply unable to answer several pertinent questions.

There was one noticeable absentee from the Tribunal: Professor Jones himself. Keiller and Montford note he has never made a statement under oath.

It should be noted that public bodies can still refuse to disclose information - under Section 12 of the 2000 Freedom of Information Act - if the cost of compliance exceeds "the appropriate limit".

A cynic may expect the cost of performing backup server searches to rocket, overnight.

What do you think? ®

Bootnote

After the first batch of Climategate emails surfaced, they contained what the Information Commissioner's office described as evidence a breach of the Act. MPs demanded an enquiry, which was held in March 2010. At this enquiry, Lord Acton, The University of East Anglia's Vice Chancellor, testified that no emails had been deleted. How could he do this?

We now know this was a semantic deception. The Palutikof email describes staff moving all their emails to memory sticks. As David Holland summarises:

"How else could Acton tell Commons Select Committee that they didn't delete anything, that we [UEA] have all the emails and they can be read. What Russell and Acton didn't tell MPs or the Information Commissioner, is that they were on memory sticks and backups."

Useful and interesting links

The Tribunal Ruling PDF
Keiller's account of the Tribunal
McIntyre reconstructs the excuses: here and here

Internet Security Threat Report 2014

More from The Register

next story
Antarctic ice THICKER than first feared – penguin-bot boffins
Robo-sub scans freezing waters, rocks warming models
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Your PHONE is slowly KILLING YOU
Doctors find new Digitillnesses - 'text neck' and 'telepressure'
Reuse the Force, Luke: SpaceX's Elon Musk reveals X-WING designs
And a floating carrier for recyclable rockets
NASA launches new climate model at SC14
75 days of supercomputing later ...
Britain's HUMAN DNA-strewing Moon mission rakes in £200k
3 days, and Kickstarter moves lander 37% nearer takeoff
Bond villains lament as Wicked Lasers withdraw death ray
Want to arm that shark? Better get in there quick
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.