Feeds

Climategate ruling: FOIA requests cover backup servers too

'We didn't delete the emails, but we don't have them'

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Data seekers win a victory

Last June, Keiler won a FOIA victory by obliging CRU to disclose the data set Jones had sent to Georgia Tech to anyone who asked for it. But CRU still refused to disclosed some information - specifically, any instructions accompanying the release of data to Georgia Tech. The University of East Anglia argued that the emails were probably not 'held', and so could not be disclosed.

Keiller appealed, and the University enlisted an expensive battalion of lawyers to defend the case. Keiller's account (with Andrew Montford) of the Tribunal can be found here.

In summary, Judge Hamilton presiding over the Tribunal comprehensively rejected CRU's defence, and ordered the University to provide a copy or mirror of the backup server, and an independent contractor to examine it.

The University had delegated the job of finding the missing email to the man who had deleted it - Professor Jones. He also agreed it was inconsistent of UEA to argue that it did not believe the missing email contained any instructions or stipulations. Jones had made the claim that these instructions were only imparted verbally.

Nor was the Judge impressed by UEA's technical defence:

The Tribunal were rather disconcerted by the evidence adduced by the UEA on this issue. Jonathan Colam-French had almost no knowledge of the CRU’s back-up system and was simply unable to answer several pertinent questions.

There was one noticeable absentee from the Tribunal: Professor Jones himself. Keiller and Montford note he has never made a statement under oath.

It should be noted that public bodies can still refuse to disclose information - under Section 12 of the 2000 Freedom of Information Act - if the cost of compliance exceeds "the appropriate limit".

A cynic may expect the cost of performing backup server searches to rocket, overnight.

What do you think? ®

Bootnote

After the first batch of Climategate emails surfaced, they contained what the Information Commissioner's office described as evidence a breach of the Act. MPs demanded an enquiry, which was held in March 2010. At this enquiry, Lord Acton, The University of East Anglia's Vice Chancellor, testified that no emails had been deleted. How could he do this?

We now know this was a semantic deception. The Palutikof email describes staff moving all their emails to memory sticks. As David Holland summarises:

"How else could Acton tell Commons Select Committee that they didn't delete anything, that we [UEA] have all the emails and they can be read. What Russell and Acton didn't tell MPs or the Information Commissioner, is that they were on memory sticks and backups."

Useful and interesting links

The Tribunal Ruling PDF
Keiller's account of the Tribunal
McIntyre reconstructs the excuses: here and here

Internet Security Threat Report 2014

More from The Register

next story
MEN: For pity's sake SLEEP with LOTS of WOMEN - and avoid Prostate Cancer
And, um, don't sleep with other men. If that's what worries you
Voyager 1 now EIGHTEEN LIGHT HOURS from home
Almost 20 BEEELION kilometres from Sol
Jim Beam me up, Scotty! WHISKY from SPAAACE returns to Earth
They're insured for $1m, before you thirsty folks make plans
ROGUE SAIL BOAT blocks SPACE STATION PODULE blastoff
Er, we think our ISS launch beats your fishing expedition
Comet Siding Spring revealed as flying molehill
Hiding from this space pimple isn't going to do humanity's reputation any good
BAE points electromagnetic projectile at US Army
Railguns for 'Future fighting vehicle'
OK Google, do I have CANCER?
Company talks up pill that would spot developing tumors
LONG ARM of the SAUR: Brachially gifted dino bone conundrum solved
Deinocheirus mirificus was a bit of a knuckle dragger
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.