Electronic Mail: From Computer to Courtroom.

• Author: DIGILIO, JOHN J.
• Position: Brief Article

AT THE CORE

THIS ARTICLE EXAMINES:

* the legal discovery, admission, and use of electronic mail as evidence

* the role of records and information professionals in the discovery process

* how records and information professionals can prevent the discovery of damaging electronic mail

New forms of records creation are being developed, implemented, and incorporated into information systems regularly. Information that was once solely documented on paper is now created and stored on tapes, disks, and drives. Print copies, once signed, sealed, and delivered, now traverse the office -- and the world -- on cables, lines, and via satellite transmissions.

Although not yet realized in practice, talk of the "paperless office" continues to permeate the rhetoric of business and technology markets. Do these changes trouble records and information managers as much as they seem to fascinate them? Records and information managers should not only be concerned, but they should be preparing for the challenges of new technologies.

One area to which records and information managers should pay special attention is the use of electronic records in the litigious context. In the past, when a corporation or business was a party to litigation, it was often forced to make the contents of its paper recordkeeping system available to the court. Paper documents were seized and the contents scoured for information relevant to the complaint in the action. If a document was of use to the court, it was often admitted into evidence.

This procedure is still the standard for procuring documentary evidence from corporations. However, with the growing reliance of the business world on electronic records and information, a new ingredient has been added to the mix. How does one seize and make use of potential evidence that is intangible or "virtual"? The same technological advances making electronic records possible are also providing the means of making use of those records in court. A nightmare of electronic incrimination may lay in ambush for the unsuspecting, unprepared records and information management professional.

E-mail: How America Does Business

Most large companies now have their own custom-designed and internally managed computer networks (Goldstein 1994), and most of the staff is online to some extent. In many corporations employees use e-mail as their primary mode of intraoffice communication (CCQ 1995). E-mail is an attractive mode of communication because of the many benefits it has to offer:

* It is easy to use and manage.

* It requires little preparation.

* It makes the message-delivery process nearly instantaneous.

* It allows work to be done asynchronously.

E-mail has virtually revolutionized the way humans communicate, both at work and at home. Its popularity will continue to grow.

Yet, as with almost anything designed to make life and labor easier, e-mail has inherent in its nature the potential for abuse and disaster. As such, it must be used judiciously. In the context of the business and legal worlds, records and information professionals and those they serve should be aware of at least one major pitfall: If litigation occurs, a company's adversary may be able to obtain those bits and bytes that flow through its network and reside in its systems. Through the process of pretrial discovery, parties may be able to get access to their opponents' electronic records (CCQ 1995). One may not be able to see them or touch them in raw form, yet be compelled to produce them for the court.

The National Archives and Records Administration (NARA) defines e-mail as "a document created or received on an electronic mail system, including brief notes, more formal or substantive narrative documents, and any attachments that may be transmitted with the message." NARA defines an electronic mail system as just that: A system used to create, receive, and transmit messages.(1) Other systems, such as those used solely for file transfer or data collection, are not included in the definition. NARA's definition is also certainly not the only one. The only requirement is that e-mail be transmitted as or with a message over a system designed for such transmission.

What seems to make e-mail so popular is its simple and seemingly transitory nature. People will often write things in e-mail that they would never consider putting into other forms of writing. In fact, research has shown that people tend to think of electronic communication as more of a conversation than a correspondence. As one observer put it, "people do not `write' to their friends on the Internet; they talk" (Giese 2001). Words on paper are permanent and can easily serve as physical evidence of what was said. E-mail, however, seems to have all the ease and intangible nature of oral communication without the physical finality of writing. As yet another writer points out, e-mail essentially blurs the lines between the written and oral worlds (CCQ 1995). People with a tendency to replace telephone calls with e-mail messages have a tendency to be less careful with what they are willing to type. They use e-mail as if they were speaking rather than writing.

The reality of this supposed transitory nature is simply that e-mail is not as ephemeral as it seems. E-mail is potentially more permanent than a telephone call or even a written memorandum. Paper documents can be gathered up and destroyed easily and with near permanence. With an e-mail message, depending on the number of recipients and whether the author or system retains a copy, the problem of multiple copies digitally "lying around" is almost always present. One cannot see these duplicates as easily as they might see a written memo. If those electronic messages are not destroyed, however, and the company has a policy of backing up its computers' data, then those copies will only multiply (CCQ 1995). Ironically, the backups that are considered a matter of company security can actually become a matter of corporate liability.

Some companies store all significant files on a central system as well as allow users to retain files on their personal computers (Frisman 1995). The handling of those copies is a major concern. Who has access to destroy them? Where do the backups go? How long are they maintained? Records and information management professionals clearly have their hands full in assessing work processes and communication flows in order to understand where these e-mail messages are to be stored.

The very idea that an e-mail message is easily destroyed is problematic and erroneous. To the average electronic mail user, destroying an e-mail message means "deleting" it. This perception is a dangerous misunderstanding of the technology. The most deceptive parts of any computer network may very well be the "delete" keys. When an e-mail message is just deleted, it is not erased (Jacobsen 1995). Deleting only signals the computer that the space required to store the message is no longer needed. The space is so marked, but the data that occupies it continues to exist until the computer overwrites it with new data. In this "deleted" form, e-mail is still discoverable, albeit through an involved and expensive process (Frisman 1995).

Pressing the "delete" key can be like playing technological Russian roulette. The most classic example of the gun going off, in our time, occurred during the infamous Iran-Contra scandal of the Reagan era. National Security Advisor John Poindexter spent more than 15 hours deleting more than 5,000 sensitive e-mail messages only to learn that backups had been made and that anything that had been deleted but not overwritten might be recovered (Wallace 1997). Called the "PROFS" case in honor of the IBM e-mail system then employed, Armstrong v. Executive Office of the President(2) is discussed later.

Another dangerous misunderstanding in the corporate context is the degree of privacy involved in the e-mail process. Users tend to use e-mail freely under the misconception that what they are sending and receiving is actually private (Jacobsen 1995). This perception, in most instances, is clearly not the case. The Electronic Communications Privacy Act of 1986 provides for the ability of an employer to monitor the e-mail transmissions of employees. Employers can monitor an employee's e-mail when 1) monitoring is justified by the employer's legitimate business interest or 2) when the subject matter relates to that interest. Anything the employer allows to exist is discoverable. Electronic mail receives even less privacy protection than telephone calls simply because it can be easily stored (Frisman 1995).

Privacy becomes a paramount concern when one considers exactly what types of information can be gleaned from a simple e-mail message. Somewhere within the bits of data surrounding the message, searchers can find information on the sender and recipients, dates and times of sending and receipt, and even on retrieval of the message (Dreyer 1996). These bits...