Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Deleting Emails Costs Morgan Stanley $1.45B

Zonk posted more than 9 years ago | from the that-was-important-and-i-forgot-it dept.

The Courts 312

DoubleWhopper writes "The financial giant Morgan Stanley lost a $1.45 billion judgement yesterday due, in part, to their failure to retain old email. The judge in the case, 'frustrated at Morgan Stanley's repeated failure to provide [the plaintiff's] attorneys with e-mails, handed down a pretrial ruling that effectively found the bank had conspired to defraud' their former client. The CEO of a record retention software company noted, 'Morgan Stanley is going to be a harbinger'."

cancel ×

312 comments

Sorry! There are no comments related to the filter you selected.

Oh crap! (5, Funny)

TripMaster Monkey (862126) | more than 9 years ago | (#12594445)


From TFS:

The financial giant Morgan Stanley lost a $1.45 billion judgement yesterday due, in part, to their failure to retain old email.


I'd sure hate to be the system administrator who dropped the ball there...

"What do you mean we don't have them archived??? You just cost us 1.45 billion dollars!"
"Don't worry though...you can pay it back....we'll just dock your paychecks by...say...$1000 per pay period. At that rate you can have it all paid back in a little over 55,769 YEARS!!!

^_^

Re:Oh crap! (2, Interesting)

zxnos (813588) | more than 9 years ago | (#12594456)

of course the sys. admin. could have been told to lose the old email or just not retain it...

Re:Oh crap! (0)

Anonymous Coward | more than 9 years ago | (#12594520)

Many companies have policies AGAINST retaining old email. Most because they view it as potentially incriminating. It's nice to see that now such policies might cost a company bigtime.

Re:Oh crap! (0, Insightful)

Anonymous Coward | more than 9 years ago | (#12594544)

It's nice to see that now such policies might cost a company bigtime.

Why?

Re:Oh crap! (1)

Catbeller (118204) | more than 9 years ago | (#12594669)

Because they are hiding criminal behavior.

Re:Oh crap! (0)

Anonymous Coward | more than 9 years ago | (#12594804)

Hear, hear.

Judging by your sense of logic, I assume you are an Apple-user.

Re:Oh crap! (0)

Anonymous Coward | more than 9 years ago | (#12594676)

Because, y'know, large companies are EVIL and are hurt by large fines. They would never pass the cost onto their customers or fire a couple hundred people to make up the difference.

Re:Oh crap! (5, Informative)

TheNumberSix (580081) | more than 9 years ago | (#12594554)

I freely admit I haven't RTFA, but I read some excellent coverage of this story on wsj.com.

Apparently, Morgan Stanley came forward, said they had produced all the emails. (time passes) They find some more emails and turn them over. (time passes) The find a closet stuffed with backup tapes and turn them over. (Time passes) Morgan Stanley files a document certifying that they turned everything over. (Time passes) Morgan finds even more emails and turns them over. This causes the judge to get annoyed.

One of the earlier problems was that Morgan had built a database to house old emails and the first time they were told to turnover emails, a sysadmin who was not in a clueful state just searched the database without finding out how much had already been imported into the DB. (Turned out the DB had only had a small percentage of old emails put into it.)

Re:Oh crap! (2, Informative)

Valegor (693552) | more than 9 years ago | (#12594656)

I have also read the coverage prior. It was more than a closet of additional tapes. They found 1000 tapes in off site storage.

Re:Oh crap! (0)

Anonymous Coward | more than 9 years ago | (#12594496)

Wow, I can't believe there's anyone who'd actually believe this wasn't deliberate. Corporations never forget, less they want to. Its just good business.

Re:Oh crap! (3, Funny)

RuneB (170521) | more than 9 years ago | (#12594525)

"I know! If we use gmail we'll never have to delete any email ever again! And we can then search old emails more easily!"

"Whaaaat? But we don't want it to be that easy to search old emails. You're fired!"

Re:Oh crap! (2, Funny)

nizo (81281) | more than 9 years ago | (#12594527)

Luckily the sysadmin is also the one who backs up/admins the financial database. Wow lookie here, the sysadmin just gave himself a $1000/month raise.

Re:Oh crap! (2, Informative)

poot_rootbeer (188613) | more than 9 years ago | (#12594558)

"What do you mean we don't have them archived??? You just cost us 1.45 billion dollars!"

Knowing the financial industry as well as I do, I wouldn't be at all surprised to heat that the executives that failed to create a defensible email retention policy really will end up hanging all of the blame on some poor system-administrating underling who had just done exactly what he had been told to do.

Idiot (5, Insightful)

pyite69 (463042) | more than 9 years ago | (#12594575)

where are my moderator points when I need them.

Most companies purposefully choose short retention policies, in an attempt to avoid these kinds of settlements... it isn't a sysadmin's fault.

The theory was that this would let them discard old emails without having it be intentional obstruction of justice. I guess that theory will be out the window now.

Re:Idiot (1)

TripMaster Monkey (862126) | more than 9 years ago | (#12594640)

it isn't a sysadmin's fault.

And just what makes you think that the blame that hits the aformentioned sysadmin will be in any way a function of fault?

where are my moderator points when I need them.

I think you may have failed to notice my ^_^ that I tacked onto the bottom of my original post. See what it says after 'Score:' up there? That's pretty much what I was going for.

Try to take yourself a little less seriously.

Yes, but when the madmen are running the asylum... (5, Interesting)

shanen (462549) | more than 9 years ago | (#12594735)

What actually strikes me as interesting about this is the battle for control of reality and truth. As you noted, many companies want to delete email quickly, but you ignore the question of why. If they are only doing good and honest things, then (you would think) they should be delighted to be able to conclusively prove their innocence. Yet they want to delete the email?

Aha! Maybe they aren't so innocent, and the email tends to reveal their real intentions and actions.

Point one: You can't make a lot of money by being completely and absolutely honest. Just how much a "lot" means is subject to debate. The original quote was $1 million, if I recall correctly, but that isn't so much money these days, so I think it would sound better with $1 billion.

Point two: I don't really blame them for going along with the modern trend. Look at the political leaders we have these days--and their popular support. I think Cheney is the No.1 poster child for corporate corruption. A few years of government "service", then he goes to Haliburton and rakes in the big bucks, then goes back to politics and starts an unnecessary war that "purely coincidentally" throws billions of dollars back to his old company--which is STILL paying him deferred compensation. However, he'll be back in business before the government has to try and pay the piper. If he lives so long, I'll have to count it as evidence against the existence of a just God. I really think a just God would have thoroughly smitten Cheney a good while ago.

You'll note that BushCo is also very eager to control their little secrets, and I'd bet they'd be delighted to erase all of their email, too. The next interesting question is whether or not they can do it, given the state of modern technology. How can they make sure someone hasn't burned a CD that contains the truth?

Re:Yes, but when the madmen are running the asylum (4, Informative)

jskiff (746548) | more than 9 years ago | (#12594806)

I think Cheney is the No.1 poster child for corporate corruption. A few years of government "service", then he goes to Haliburton and rakes in the big bucks, then goes back to politics and starts an unnecessary war that "purely coincidentally" throws billions of dollars back to his old company--which is STILL paying him deferred compensation.

I hate to defend Dick Cheney, but saying he only has a few years of government service under his belt is flat-out false.

==
His career in public service began in 1969 when he joined the Nixon Administration, serving in a number of positions at the Cost of Living Council, at the Office of Economic Opportunity, and within the White House.

When Gerald Ford assumed the Presidency in August 1974, Mr. Cheney served on the transition team and later as Deputy Assistant to the President. In November 1975, he was named Assistant to the President and White House Chief of Staff, a position he held throughout the remainder of the Ford Administration.

After he returned to his home state of Wyoming in 1977, Mr. Cheney was elected to serve as the state's sole Congressman in the U.S. House of Representatives. He was re-elected five times and elected by his colleagues to serve as Chairman of the Republican Policy Committee from 1981 to 1987. He was elected Chairman of the House Republican Conference in 1987 and elected House Minority Whip in 1988.
==

From Whitehouse.gov [whitehouse.gov]

Re:Yes, but when the madmen are running the asylum (1, Insightful)

jbolden (176878) | more than 9 years ago | (#12594819)

Bush is the first president to routinely destroy large quantities of documents. So he can get away with it. The fact is the president can pretty much get away with anything when the opposition party is filled with wimps and his own party is in favor of his acts.

See me and raise me (1)

Doc Ruby (173196) | more than 9 years ago | (#12594597)

More like:

MorganStanley suit: Look, heh, heh, couldn't we have just lost those emails the court wants?

Morgan Stanley sysadmin: Maybe, if I just got a $1M raise.

Not the sys admin (2, Insightful)

Synn (6288) | more than 9 years ago | (#12594644)

2 months ago I was in a tech presentation meeting where there was company promoting their email retention software(sat between the world and the email host, saving all the emails that went through in a read only state). It was specifically aimed at recovery for just this sort of investigation.

The problem wasn't the sys admins, they all saw the need for it, the road block is convincing these companies to buy the needed systems.

Re:Oh crap! (1, Funny)

Anonymous Coward | more than 9 years ago | (#12594699)

we'll just dock your paychecks by...say...$1000 per pay period. At that rate you can have it all paid back in a little over 55,769 YEARS!!!
Now that is what I call job security.

frist postar (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12594447)

SUP

MY TAINT ITCHES... REAL BAD (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12594449)

OMFG

RUB IT WITH A BRILLO PAD (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12594739)

or if that fails try putting a galvinized nail up your pee hole, another up your bung hole and attaching them to a car battery. Works for me!

Poor Morgan Stanley (3, Funny)

Anonymous Coward | more than 9 years ago | (#12594453)

Only another $39 billion in the bank.

Time Study Analysis on the Cubicle Slaves (1, Insightful)

Cryofan (194126) | more than 9 years ago | (#12594681)

Yep, it's like the olden days, now that they have essentially busted the unions. We are headed back to the bad old days of time study, 16 hr days, 6 day weeks, etc.

Pretty soon if you get a bad mark on your time study, you will be up for 39 lashes.

Over in Europe, meanwhile, they work 20% less year than we do.

Re:Time Study Analysis on the Cubicle Slaves (2, Insightful)

mpost4 (115369) | more than 9 years ago | (#12594754)

Over in Europe, meanwhile, they work 20% less year than we do.

And have what, 20% unemployment rate? No thanks, I'd rather work 20% more then not at all.

Not only that, they got overcharged (0)

Anonymous Coward | more than 9 years ago | (#12594823)

I'd have deleted every email they ever saw for only $725 million. Along with every other file on every one of their systems.

For $725 million, I'd have even dynamited some of their servers.

Heck, for that much I'd have even thrown in a building or two getting bulldozed.

Not really the best use of the "YRO" category (5, Insightful)

Rude Turnip (49495) | more than 9 years ago | (#12594457)

Big investment firms like Morgan Stanley are obligated by law to retain lots of records. This is more of an "Almighty Buck" type of story, IMO.

Re:Not really the best use of the "YRO" category (1)

norfolkboy (235999) | more than 9 years ago | (#12594536)

I don't know what the law is over in the USA,

Certainly in the UK, **every** company, big, small, soletrader, partnership, whatever, MUST keep complete financial records for a minimum of six years.

Is that similar to the USA laws?

Re:Not really the best use of the "YRO" category (1)

Rude Turnip (49495) | more than 9 years ago | (#12594580)

I'm referring specifically to investment banking firms that are regulated by the Securities and Exchange Commission (govt body) and/or the National Association of Securities Dealers (industry watchdog). Morgan Stanley would be in that boat.

As to other companies, it varies by laws and industry guidelines. Generally, there is no requirement, but for tax purposes, one would be wise to hang onto his records.

Re:Not really the best use of the "YRO" category (0)

Anonymous Coward | more than 9 years ago | (#12594612)

Financial records and email are two different things, obviously. If you RTFA -- financial firms were required to keep email for three years. That requirement is being extended to all public companies this summer.

Re:Not really the best use of the "YRO" category (2, Insightful)

Surt (22457) | more than 9 years ago | (#12594633)

There are similar laws here. Are emails financial records?

Re:Not really the best use of the "YRO" category (4, Informative)

whoever57 (658626) | more than 9 years ago | (#12594637)

Leaving aside your apparent confusion between emails and financial records, from TFA:
Banks and broker-dealers are obliged to retain e-mail and instant messaging documents for three years under U.S. Securities and Exchange Commission rules. But similar requirements will apply to all public companies from July 2006 under the Sarbanes-Oxley corporate reform measures.
This document [filescan.com.au] discusses email archiving requirements, including an EU-wide requirement for ISPs to keep copies of emails for 1 year.

I know how they feel (5, Funny)

COMON$ (806135) | more than 9 years ago | (#12594461)

I deleted an e-mail that gave me $10 off at tigerdirect...dont think I will ever recover.

In related news (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12594462)

Recent studies suggest that you can suck my cock. Or as the nurse put it, bend over and drop trou.

I am never deleting my spam again (3, Interesting)

multi-flavor-geek (586005) | more than 9 years ago | (#12594469)

Does this mean that if we want to sell a company a larger mass storage device all we have to do is deluge them with pertinant email with large attachments? How long would it take before they would be forced to upgrade?
Afterall the best way to drum up more business is with deceptive or dishonest tactics.

Deleting Emails Costs Morgan Stanley $1.45B (5, Funny)

Anonymous Coward | more than 9 years ago | (#12594474)

Wow. I can delete mine for free.

Re:Deleting Emails Costs Morgan Stanley $1.45B (2, Funny)

SydShamino (547793) | more than 9 years ago | (#12594713)

You should offer to contract with them. Clearly their in-house IT is too expensive. Yet another opportunity for corporate outsourcing...

Email retention Policy. (4, Interesting)

TedTschopp (244839) | more than 9 years ago | (#12594475)

I know that where I work there is a basic 6 month email retention policy, which states that all email will be deleted if it is 6 months old. I have always wondered if and when this will change.

There is probably an opportunity here for a company to come up with an extension to an email system which will manage keeping old emails. Something which will allow for the catagorizing of unstructured data. That way the system can trash the not to serious emails and keep the 'important' ones.

Ted Tschopp

Re:Email retention Policy. (4, Informative)

Valegor (693552) | more than 9 years ago | (#12594617)

EMC and Veritas have both bought companies(Legato and KVS) that provide not only this type of service, but also single instance storage. If someone sends out an attachement to 50 people, only one is actually put into storage. There are other vendors that have similar products, but these are the only two I have first hand knowledge of. The best practice if you are not legally required to keep e-mail(as financial institutions are by SEC requirements) seems to be a short retention policy. If you do not keep the e-mail then it cannot be used against you. It is also best to enforce the policy because if it is discovered that you have the e-mail then you are required to produce it. Financial industries however are required to keep all electronic communications for atleast 3 years, but that extrends to 7 if the data in question is in litigation.

Re:Email retention Policy. (1)

SGGent (824566) | more than 9 years ago | (#12594624)

Actually you are better off with a blanket policy in writing that's enforced than a pick-and-choose policy. Who is to say what email isn't important to you might be important to the courts, SEC, FBI, etc.. If you have a blanket policy that really is enforced its a pretty good CYA defense.

Re:Email retention Policy. (1)

ahbi (796025) | more than 9 years ago | (#12594625)

I would guess, that the problem isn't in the standard corporate 6 month retention policy, but in not making an exception to the policy.

So, I would guess that Morgan has the usual X months retention policy, but someone forgot to flag these emails as possible evidence and therefore exempt from that policy.

You can delete whatever documents you want as long a you are not doing so when the documents could be needed for reasonably immenent litigation. So, if no one is reasonably [FN1] likely to sue you about email X, you can delete it. However, once someone has started to make legal threat that are credible, if you destory the email the judge can determine that you willfully destoried evidence.

[FN1] reasonable as in probable.
Not, the planet COULD blow up tomorrow. Not, I COULD get hit by a bus. But, I ordered something on-line last week and it could arrive today.

PS:
Anyone know a a decent Firefox (Win32) speel checker that works in forms liek Slashdot's? I really don't care enough to open Word to fix my typos and other errors.

Re:Email retention Policy. (0)

Anonymous Coward | more than 9 years ago | (#12594670)

You can try SpellBound. I believe it is as spellbound.sf.net.

Re:Email retention Policy. (1)

Wesley Felter (138342) | more than 9 years ago | (#12594628)

"Compliance" is already a mini-industry with the usual big players and plenty of startups.

Email is so small that it's cheaper to keep everything.

Re:Email retention Policy. (1, Insightful)

Anonymous Coward | more than 9 years ago | (#12594684)

That way the system can trash the not to serious emails and keep the 'important' ones.

Pffft, why make it complicated? E-mail just doesn't take up that much space. Well, maybe those internal mails with people mailing 100 MB attachements around. However, it's easy to setup a system that only keeps one copy of all attachments sent.

Just like how Google can offer 2 GB e-mail space. Does anyone actually use all that? I would say the average person only uses a fraction.

I have every (non-junk) mail I have sent or received for at least the last 10 years (including a ton of inter-office business mail) and I barely have 2 GB. Compressed it's way less than that.

Just store it all, no biggie. People waste way more space on their personal network drives (WAY more space).

Re:Email retention Policy. (4, Informative)

darkmeridian (119044) | more than 9 years ago | (#12594827)

The Sarbanes-Oxley Act requires all public companies to maintain records for three years. Six months is a problem. What happened to Morgan Stanley, however, is not simply that it failed to keep the records. Rather, it kept on saying that it could not find the files. There is a rather reasonable rule of evidence that says failure to produce evidence in your possession without a reasonable excuse for that failure (like there was a non-suspicious fire, or 9/11) can lead to the presumption that that evidence would have vindicated the position of the opposing party. For instance, pretend a supermarket has a security camera that I claim recorded the store clerk beating me. I want the tape to prove the unprovoked attack. If the store says it lost the tape and the judge believes that this was a pretext for destroying evidence, he may make a pre-trial ruling that the tape would show an unprovoked attack against me by the clerk.

morgan stanely needs shinyfeet (-1, Troll)

downsize (551098) | more than 9 years ago | (#12594498)

now see, if they used http://shinyfeet.com/ [shinyfeet.com] (ref not disclosed to keep the whiners happy), non of their email would have been deleted :-}

I thought the problem was that they HAD backups (2, Informative)

vrimj (750402) | more than 9 years ago | (#12594499)

and just didn't serch them after their primary servers were destroyed. I think the problem was in not turing over what they had. Or to but it in lawyer terms the e-mails were "discoverable" (that is avilable in some form and relevant) and were not "produced" (turned over to the other side) http://litsupportguy.typepad.com/litigation_suppor t_guy/2005/05/the_woodshed_re.html [typepad.com]

Re:I thought the problem was that they HAD backups (0)

Anonymous Coward | more than 9 years ago | (#12594550)

Yeah, they admitted they had a system to search the email but lost the manual.

They deserved it. (3, Interesting)

bogaboga (793279) | more than 9 years ago | (#12594503)

With hard disks as cheap as they are, and the advanced archiving capabilities of todays' software, I wonder why they would delete these emails except for the purpose of destroying/frustrating investigations.

Even in a "third world" country I visited recently, they had emails dated 1997, stored on a Slackware box!

This time, I agree with the US justice system. They deserved it...I am sorry to say.

Re:They deserved it. (1)

nizo (81281) | more than 9 years ago | (#12594567)

Even in a "third world" country I visited recently, they had emails dated 1997, stored on a Slackware box!

Trust me, people in third world countries aren't the only ones with 8 year old email messages. Though maybe I can use that info to tease some of my users so they will clean up their mailboxes the next time they whine about how long it takes for their mail client to start up. Then again these are the same users who freak out when I go to empty their trash; apparently some of them store messages they care about in there.

Re:They deserved it. (1)

GMFTatsujin (239569) | more than 9 years ago | (#12594632)

Our enterprise email system at Local University puts the responsibility of archiving email on the user. This is because it's not so much a space issue as it is a "live" space issue. Keeping accessable the archives of all emails from the past year isn't so big a deal. Keeping accessable the archives for everyone over their entire careers with out institution would be a big deal. (And yeah, for people who write grants, carry out research, and author publications, its usually important to be able to go *all* the way back at a moment's notice. None of this "let me see if I can find the backup tape -- check back in a week" stuff.)

Instead, each user keeps their own archives on their own machines, where they have plenty of space just for their stuff. This is no big problem... until the computer blows up. Or the user gets creative with file management. Or a cosmic ray hits the drive platter in the wrong spot.

The upside is that we, the underfuided IT department, don't have to keep upgrading our backup systems exponentially every year. The downside is that the user shoulders the responsibility, and therefore is the one to blame when their all-important email archives die.

Oh, wait. That's an upside too. Never mind.

Re:They deserved it. (1)

geekoid (135745) | more than 9 years ago | (#12594636)

"This time, I agree with the US justice system. They deserved it...I am sorry to say."

why would you be sorry to say that?

do you think that all government is out to get you? do you think the justice system as there to hate?

jeez, people like you just look for things to hate about the American system, then get all pouty when it works.

Re:They deserved it. (1)

zakezuke (229119) | more than 9 years ago | (#12594801)

With hard disks as cheap as they are, and the advanced archiving capabilities of todays' software, I wonder why they would delete these emails except for the purpose of destroying/frustrating investigations.

I'm sure I might have some e-mail from 1997 on some 5.25 inch ESDI hard disc somewhere. I might even have an ISA ESDI controller, and with enough luck, I might and I stress might be able to find a motherboard that will actually use the ESDI controller. And who knows, it might be the right controller that can read how the data is encoded, the drive might still be working and I might be able to remember whether I turned spare sector off or not. The software that reads the e-mail might even still be working, or better still it could be in ascii and readable. And who knows, I might be right about the fact that it was on an ESDI drive and not one of the random scsi drives I have in boxes.

Given the cost of tape, disc-r, and drives I would agree cost of the medium is not the issue. The issue is employing a method of archiving this data in a way that can be easily accessed. Letting it sit in your inbox doesn't count. A stack of 100 hard drives that may or may not be marked with a sharpy doesn't count.

The tried and true method of printing out e-mails and placing them in folders would count, and you are correct in this way they have no excuse. A system that processes incoming and outgoing e-mail, indexed based on from, to, and time would count. But since they don't have these in place they should resort to treating e-mails like they do their paper medium, put it on paper and use their existing storage techniques.

Morgan Stanley? (0)

Anonymous Coward | more than 9 years ago | (#12594506)

Hah. I knew they were crooks when I saw those ads. You know which ones I'm talking about. The ones that were made to look like old fims of their exhalted founder giving lectures on the importance of integrity and vision and crap like that.

I never could figure out what demographic they were targeting with them.

Re:Morgan Stanley? (1)

zakezuke (229119) | more than 9 years ago | (#12594578)

The ones that were made to look like old fims of their exhalted founder giving lectures on the importance of integrity and vision and crap like that.

As a rule of thumb, when you see commercials like are either either for financial planning or an imported snack. Mentos at least has the decency to make clear by showing the product at the end. Unless you know it's the Mentos jingle it's easy to confuse with a financial planning or funerial commercial.

They should learn from Microsoft (0)

Anonymous Coward | more than 9 years ago | (#12594509)

They delete e-mails as a matter of policy and get away with it (for example, the Burst patent infringement case).

Harbinger? (0)

Anonymous Coward | more than 9 years ago | (#12594513)

I think he really meant "humdinger", no?

Or Hummer... (0)

Anonymous Coward | more than 9 years ago | (#12594568)

Maybe the warm, fudgy kind you can only get from your mom in a San Francisco stud pub.

They can afford it (0, Troll)

prashanthch (655488) | more than 9 years ago | (#12594514)

Well, for all the money that the financial institutions and banks rob from average people like me, they can afford to pay another billion dollars if you ask me.

My old companyd did not back up email (2, Interesting)

Anonymous Coward | more than 9 years ago | (#12594515)

My old company did not back up email by design. That way if the company was sued, there was no endless searching through back up tapes for something possibly incriminating. When we had a legal dispute, the company lawyers would tell us all to search the email on our PC's for certain works and forward any hits to them.

"Because they deleted those e-mails..." (3, Funny)

Cr0w T. Trollbot (848674) | more than 9 years ago | (#12594530)

"...my client will never receive millions of dollars from a Nigerian Prince, nor will he have the larger penis he's always wanted!"

Crow T. Trollbot

Regarding "Harbinger" (0)

Anonymous Coward | more than 9 years ago | (#12594540)

Maybe not a Harbinger but a real S.O.B. for them.
|:(

Sarbaines Oxley (5, Interesting)

Mentaljock (875172) | more than 9 years ago | (#12594545)

(I work at a Bank) Since Sarbaines kicked in, we have to keep a backup of every single file you use for work purposes, not just email. This means archiving every word doc, spreadsheet, database...etc. Starting January 1, they also blocked our access to all external sources of email and external instant messaging clients as well. After seeing this judgement, now I understand why.

Re:Sarbaines Oxley (1)

Amoeba (55277) | more than 9 years ago | (#12594792)

This fine isn't due to Sarbanes-Oxley. Sarbanes-Oxley (SOX) non-compliance fines don't even kick in for publicly traded companies with a cap >$42million until the end of June, with some companies getting an extension as of may 5th for another 6 months if they use a calendar year for financials. Publicy traded companies with a cap $42million have a longer timeline before SOX is in effect.

Additionally, SOX doesn't specify what the retention policy is or the length required (with some exceptions re: financials), only that a policy must be in place and adhered to. If you fail to meet the requirements you can be fined. There are other laws which financial institutions must follow like the Gramm-Leach-Blily Act (GLBA) or other COBIT-type crap. More than likely the Morgan-Stanley fine is related to what another poster said (in addition to a violation of some of those other laws?):

"Apparently, Morgan Stanley came forward, said they had produced all the emails. (time passes) They find some more emails and turn them over. (time passes) The find a closet stuffed with backup tapes and turn them over. (Time passes) Morgan Stanley files a document certifying that they turned everything over. (Time passes) Morgan finds even more emails and turns them over. This causes the judge to get annoyed."

They certified they submitted everything they had. And then found more. Oops.

Rention policy wouldn't make a difference (3, Insightful)

downsize (551098) | more than 9 years ago | (#12594555)

ok being serious (no more shinyfeet plugs), I used to work as an admin where the retention policy was 1 year. however, that just meant you rotated the tapes for 1 year. the email growth rate was very small (even though there was 1,000s each day), it was the files that grew beyond the retention. even the attachments and email boxes with 1+GB were safe, as 20 years of email fit onto a single DLT4.

granted, MS, er Morgan Stanley is a much bigger company, but I find it very hard to believe that any retention policy would include email, that has got to be their smallest backup.

Conspiracy Theorist (2, Insightful)

Eberlin (570874) | more than 9 years ago | (#12594560)

A government entity sends out an all-staff e-mail saying that in order to conserve space, we are to clean out our e-mail. Trash bin should be cleared out, important documents are to be printed out, filed, and then deleted off the system.

I've always thought that storage was cheap nowadays and that clearing out e-mail boxes was moot. I suppose there's some merit to it as there's definitely space to be reclaimed from the activity...but is it really worth that much considering a couple of hundred bucks would get you another 200GB or so?

Conspiracy theory, anyone? :)

There's also speed to consider. (2, Insightful)

khasim (1285) | more than 9 years ago | (#12594824)

Disk space is cheap.

But having the email program dig through years and years and years of email just to get the stuff you received today pisses a lot of people off.

The issue isn't really about disk storage. The issue is that many mail systems are not setup with "live" data disks and "archived" data disks. Everything goes on the live drives unless the user archives it off to a safe location.

But then how do you make sure you have a backup of that archived data?

Currently, we're taking the approach of copying all the email that comes in or goes out to DVD.

It's not a great solution, but the users can do whatever they want with their emails and I'll still have a copy in case any legal issues pop up.

I suspect that, very soon, email systems will be designed to accomodate the concept of archives as a near-line storage system or even a different storage box. Adding space to a storage box probably won't have the same issues as adding space to a live mail system.

And having a system that archives email to a different box after a set time since last access or something would definately improve the speed.

They deleted MY emails! (5, Funny)

richardmilhousnixon (515595) | more than 9 years ago | (#12594563)

I was a client of MS/DW. I kept trying to let my financial advisor know about this wonderful pill that would make his penis bigger, and I get the feeling that MY emails were deleted as well!

Re:They deleted MY emails! (0)

Anonymous Coward | more than 9 years ago | (#12594711)

They don't need to worry about that... as I'm sure I have a few dozen copies of your emails that I'm willing to sell them for just a fraction of the judgement.

Policy of a large accounting firm.... (0, Interesting)

Anonymous Coward | more than 9 years ago | (#12594566)

Not going to say which one but they only keep backups of email for 14 days! It's the responsibility of the partner to save email and back it up and the parter is the one that gets subpoena'd when the shit hits the fan.

Re:Policy of a large accounting firm.... (1)

blogeasy (674237) | more than 9 years ago | (#12594729)

Maybe they should have used Google's Gmail then they'd have plenty of space for their emails and the attorneys could easily search for all those incriminating details.

Selective Memory Loss (5, Insightful)

SoupIsGood Food (1179) | more than 9 years ago | (#12594572)

I think the issue is "selective memory loss" - Microsoft plays this card all the time in court. Emails from a relevant time period are "deleted" when convenient, while older or newer or even contemporaneous mail is saved... the judge in this case was simply smart enough to call shenanigans.

You can delete old email if you're that hard up for space, just have a rock-solid deletion policy you can prove you adhered to in a court of law.

It also helps to audit your archives and backups regularly, and document what data was lost when. 'Cuz face it, every admin at some point or other loses some data to corruption, hardware failure, bookeeping mixups or user error. Knowing what you forgot and when you forgot it can help in situations where not having the data on hand can cost a billion bucks or so.

SoupIsGood Food

Re:Selective Memory Loss (0)

Anonymous Coward | more than 9 years ago | (#12594591)

Microsoft plays this card all the time in court.

Example, please. Since when is Microsoft even in court "all the time"?

Re:Selective Memory Loss (2, Funny)

Anonymous Coward | more than 9 years ago | (#12594763)

You can delete old email if you're that hard up for space, just have a rock-solid deletion policy you can prove you adhered to in a court of law

We have a rock solid deletion policy, we delete all incriminating e-mails.

Re:Selective Memory Loss (1)

DannyKumamoto (4636) | more than 9 years ago | (#12594769)

You can delete old email if you're that hard up for space, just have a rock-solid deletion policy you can prove you adhered to in a court of law.

But if the law requires 3 year retention, no company policy will trumpt Fed law. I'm no lawyer but I would think that court cases will enforce it, too, starting with this one.

I suppose one could encrypt old email and claim that the key was lost (or completely random) but then the court will probably make you PAY to crack the encrypted email....

Re:Selective Memory Loss (0)

Anonymous Coward | more than 9 years ago | (#12594829)

Maybe they would blame the lost emails on a "software failure" on the email server. That or "filesystem corruption".

Also financial instutions have it a bit different (1)

Sycraft-fu (314770) | more than 9 years ago | (#12594831)

There are rules about retention that are beyond normal companies since they are dealing with money. In most normal cases, you could have a retention policy of 1 week and that'd be fine. So long as your policy was consistent and was something that existed before you were asked for the documents you aren't likely to have any problems.

I mean we get subponea'd for e-mails every so often and we give them what we can. If that's nothing, they are fine with that. The important thing is that we are truthful and consistent.

oh yeah! (0)

python_kiss (876709) | more than 9 years ago | (#12594576)

The financial giant Morgan Stanley lost a $1.45 billion judgement yesterday due, in part, to their failure to retain old email. I can relate to that.

To Keep or Not to Keep (3, Informative)

WAR-Ink (876414) | more than 9 years ago | (#12594577)

That is the question. The answer is keep it, for a while.

Email records can be subpoenaed just like anything else. If it benefits your case, it would be nice to have, if it hurts our case, it would not be so nice to have.

When I write computer use policies, I recommend keeping it for 1 to 2 years. Depending on the type of business that might get extended out much longer. A start-up company might want to keep it 10 or more years to cover any possible arguments with their VCs over who owns the IP.

So why not keep it forever? Unless you want to have the lady sueing you for sexual harassment making your companies email part of the public record, you might want to set some limits.

The key is to document, in writing, what that limit should be. For example, maybe put it in your companies Computer Use policy. You have one...right?

How about MS? (2, Interesting)

Nom du Keyboard (633989) | more than 9 years ago | (#12594588)

So when will Microsoft have to comply with these requirements? I heard they've been reportedly flouting the e-mail retention rules for by designating some completely unrelated person(s) as the project leads so that if they ever get called to turn over "relevant e-mails on specified projects", they turn over ones for people who where truly not involved while destroying the incriminating ones.

This came out during a trial where MS appeared to partner with a software company on smartphones, and then terminated the agreement after seeing the technology. Shortly afterwards they announced their own product that had suspiciously similar features to the technology of the cut-out company.

not as big a deal as it seems (1, Interesting)

Anonymous Coward | more than 9 years ago | (#12594598)

i'm an it consultant at morgan stanley, and i haven't heard anyone talking about it around where i work (although that could be just the techies that i spend my time with not caring), and if you read more news stories on this, lots of people, not just inside morgan stanley, are pretty confident that the rulings will be overturned. and if you think the money's an issue, morgan stanley's profits were $4.5 billion last year, and in the first quarter of 2005, $1.5 billion. i'm not saying that this wouldn't be bad if it stands, or that morgan doesn't have any other problems, but the situation isn't as dire as a lot of people are making it out to be.

Used to work for MS (0)

Anonymous Coward | more than 9 years ago | (#12594599)

They spent millions to become SOX (Sarbanes Oxley) compliant and had a rather lavish party after they had achieved it [or so they thought]

Re:Used to work for MS (1)

Monkeman (827301) | more than 9 years ago | (#12594647)

"Microsoft" and "compliant" used in the same sentence? The very fibre of the universe has been bent!

Their entire operation is on Token Ring... (1)

creimer (824291) | more than 9 years ago | (#12594648)

I recently had an overnight IT job at a local Morgan Stanley office to covert their network from Token Ring to Ethernet. The funny thing was that the motherboard for all the computers had a built-in Ethernet port, and the relatively new building was wired for Ethernet, but they had Token Ring installed everywhere. Their technology upgrade cycle must be about 20 years long.

sliding schedule - SEC rules? (2, Informative)

bobalu (1921) | more than 9 years ago | (#12594655)

I worked at a large broker, and they had to be able to come up with a two-week old email immediately, a year old email within two weeks, etc., back to like seven years I think.

harbinger definition (1, Informative)

Anonymous Coward | more than 9 years ago | (#12594662)

n : an indication of the approach of something or someone [syn: forerunner, herald, precursor] v : foreshadow or presage [syn: announce, annunciate, foretell, herald]

How I read it... (0)

Anm (18575) | more than 9 years ago | (#12594666)

The CEO of a record retention software company noted, 'Morgan Stanley is going to be a hamburger'.

literacy? Who needs it

Re:How I read it... (0)

Anonymous Coward | more than 9 years ago | (#12594807)

Funny thing is, I read it correctly the first time I saw the story. The second time I saw the story, I thought it said "hamburger".

Strange.

(posting anon because I used a mod point here)

The Dilemma of Archiving Email (1)

workerbeedrone (323535) | more than 9 years ago | (#12594671)

A great sage once said, "You're damned if you do, and you're damned if you don't."

Damned if you do, Damned if you don't (1)

Delilah Jones (852061) | more than 9 years ago | (#12594682)

So, according to the article, you're screwed if you hoard every last email and IM file like some OCD patient, since they can have "compromising material."

And you're screwed if you delete these files for not maintaining proper records, since it looks like you're trying to hide something.

Since the only plausible escape from this bind seems to be hoarding everything, without having any "compromising material," it looks like we're all in for some good ol' compliance training!

(Which, by the way, is also going to set the company back.)

Re:Damned if you do, Damned if you don't (1)

jwilkins13 (661548) | more than 9 years ago | (#12594814)

Not any different from the real (paper/film) world - you're screwed if you hoard every last scrap of paper with scribbles on it, because those may be indicative of a state of mind...
And you're screwed if you throw them away (especially if you *just* throw them away as opposed to, say, shredding them), since it looks like you're trying to hide something.
The only plausible escape is in fact compliance training, typically in the context of a defined and enforced records management program with established policies and procedures, file plans, retention schedules, etc. AND have the legal team vet the results!
For more info you could visit ARMA International, the Association of Records Managers and Administrators, at http://www.arma.org./ [www.arma.org] Equivalents exist in numerous countries around the world.
And yes, it will set the company back, but I daresay less than $1.45 billion. I know consultants are expensive, but we're not THAT whorish. Most of us. :D

Harder to keep old mail than you think (2, Informative)

dotgain (630123) | more than 9 years ago | (#12594692)

Now so many people send HTML email around with lovely (read: badly jpegged text, tacky looking) signatures, background patters (to impede readability) and animated smilies scattered around the letter (to make you look even less mature) it's actually a big deal to keep all these letters. Where the text doesn's sum up to more than 1k, we've got a 100k email that all my users want to keep on our poor exchange server FOR SEVEN YEARS.

Still not as bad as keeping psychotherapy notes... (1)

Delilah Jones (852061) | more than 9 years ago | (#12594725)

We're supposed to keep them for seven years. SEVEN!! Not just three, as in this case.

And be careful what you write in those notes, or they can come back to haunt you!

"Mary came in today wearing a pleasantly revealing bodice, showing, above all else, an ample bosom that might well be used to serve cocktails...."

IANAL - Someone help me understand this. (3, Insightful)

tshak (173364) | more than 9 years ago | (#12594741)

Can someone with more legal understanding than myself please explain why emails can be considered as hard evidence?

1) They can't be authenticated: There's no way to prove if the email was written by the person on record.

2) The contents can not be validated: There's no way to prove that the contents were not altered in transit.

To me, email is so easy to spoof that I would take anything I got from such "evidence" with a huge proverbial bucket of salt. Furthermore, I know that institutions such as Morgan Stanley are required to keep certain records on hand but considering the fragile nature of email I find it quite odd that companies would be required to keep it around. Do IM conversations fall into the same category?

Call me ignorant (I am), but this issue really confuses me. It's not like Morgan Stanly destroyed a bunch of notorized documents.

Re:IANAL - Someone help me understand this. (1)

TheNumberSix (580081) | more than 9 years ago | (#12594816)

IANAL either but I've had to live through discovery on a few occasions for work.

The question as to "if something is worthy evidence" really doesn't apply during "discovery". People can request all kinds of things and generally they seem to get their way if the things requested can even reasonably be material to the case.

If it's "good" or "authentic" is a question that happens at trial, not discovery.

That's why discovery is so freaking awful. It is time-consuming and dreadful, since there's such a wide latitude of stuff they can ask for.

Good....FINALLY! (5, Insightful)

PortHaven (242123) | more than 9 years ago | (#12594756)

Think about it...

If it can cost Morgan-Stanley $1.5 billion for not storing email. And 90% of email is SPAM. The risk of deleting/filtering SPAM and losing valid email is going to be too risky.

Therefore, it will become extremely cost effective for Morgan-Stanley (and other large firms) to hire lobbyists to make unsolicited SPAM (with no valid return email addresses) illegal, criminal, and enforced.

i don't get it (1)

j1mmy (43634) | more than 9 years ago | (#12594787)

email can be faked or altered so easily. why is it even admissible in court as evidence?

How much would it cost to keep all e-mails? (3, Interesting)

nokiator (781573) | more than 9 years ago | (#12594805)

Of course, not being able to produce all the e-mails requested by the court was only one of the reasons for the $1.45B judgement.

I wonder what would be the long term costs of keeping every piece of e-mail that is sent and received at a large financial organization like Morgan Stanley? To be useful in the context of an unknown future legal case, the e-mail would not only have to be backed up but also needs to be organized in some fashion. And it will accumulate over years. What happens if some piece of e-mail that is crucial to a case happened to be classified as junk? Does this mean that the company will have to keep every piece of junk mail received just in case?

A couple of companies I worked for lately had an ever increasing emphasis on cutting expenses in areas like manufacturing and R&D, but the expenses associated with trying to "look good" in reference to new legislation like the Sarbanes-Oxley act was virtually uncapped. According to the company Legal Counsel, if they have to go to court, showing that the company hired $1000/hr consultants to decide the record retention policy would be important. Apparently, what the company did nor did not do is not nearly as important as the company to be able to show that best effort along with the prevalent industry practice at the time was put in.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>