Ouze wrote:

 Dreadclaw69 wrote:
What I cannot believe is that by deleting an email on a sender's computer that it is magically deleted on the recipient's also.

Not exactly, but if the sender deletes it, and the recipient also deletes or archives it (locally), the server copy is removed, if it's set up that way.

In other words, unless there is a retention policy to prevent this, if I send you an email, and then I delete it from my sent items (or have it set to archive locally), and you get it, decide it's not important, and delete it, on day 31 it's gone, essentially. There is a single copy on my local computer hard drive, assuming it's archived there, and the copy you deleted is generally removed after sitting in deleted items for 30 days.

When I was supporting several different companies, at least one was set up this way - a big, fortune 1000 mining company. They had migrated from Groupwise and had no idea how to administer exchange, and had a terrible IT admin in general. I have no idea what they would do if they were sued and forced to produce email for litigation.

Another company I formerly supported, a 6 billion dollar realty company, tried to avoid this by having all of the PST's sorted on a share drive. The archives were routinely allowed to grow far, far in excess of the 2gb break size upon which corrupted data moves from being a possibility to a an inevitability. Yes, they had redundant backups and tape backups, as many copies of the unusable, corrupted data as you'd like.

Spoiler:

As an amusing aside, whenever they would patch the print server, every single client PC in the company would be forced to re-download drivers for their computers; and it manifested itself as the computer freezing for 20 minutes at a black screen. We must have taken thousands of calls every time that happened, and it happened fairly frequently. This is the kind of stuff that would happen all the time.

The point of this story is that, in my experience in the IT field, you'd be amazed at some of the incompetence and unreliability you find in real life versus how you expect things to work. Many companies resent that they have to spend money on IT at all and continuously underfund their departments, which results in expensive losses in productivity. Penny wise, pound foolish is the order of the day. I've been doing this almost 20 years, and I've really only worked for two companies that actually had intelligent IT planning, and one of which is because due to their business, they were often attacked by external forces of phishers hackers, and miscreants - they recognized early on that cheap IT is super expensive when you have company secrets that are worth something.

 Dreadclaw69 wrote:


CNN - "At the time, Ms. Lerner asked IRS IT professionals to restore her hard drive, but they were unable to do so,” the IRS said. “Nonetheless, the IRS has or will produce 24,000 Lerner e-mails from this 2009-2011 time period, largely from the files of the other 82 individuals. The IRS's production to Congress of the 67,000 Lerner e-mails is nearly complete."

 Dreadclaw69 wrote:

What I am saying is not that you are incorrect. What I am saying is the IRS's statement is very clear - they did not blame server issues for the loss of emails, they did not blame the passage of time for emails being archived or deleted. They very clearly said that the emails cannot be retrieved because of a hard drive failure in one employee's work computer in a network.

 Dreadclaw69 wrote:

So we have a scenario in the IRS with emails about a live process going to multiple people, across multiple agencies, with a number of people involved, and a lot of hardware involved, so there are lots of emails that have graced more than just Lerner's computer. Yet we're supposed to believe that because the hard drive failed on her computer (not a server, not a back up) that every single email is lost.

 Ouze wrote:
No, they've recovered a great deal of her emails as I understand it doing exactly what you say: getting copies other people had.

 Dreadclaw69 wrote:


CNN - "At the time, Ms. Lerner asked IRS IT professionals to restore her hard drive, but they were unable to do so,” the IRS said. “Nonetheless, the IRS has or will produce 24,000 Lerner e-mails from this 2009-2011 time period, largely from the files of the other 82 individuals. The IRS's production to Congress of the 67,000 Lerner e-mails is nearly complete."

Perhaps I don't understand what you're saying.

The IRS told Congress yesterday that two years of emails on Tax Exempt Organizations department manager Lois Lerner’s desktop were irretrievably lost due to a hard drive crash in 2011. As this is a technology blog, how could this event happen?

The Internal Revenue Service has 90,000 employees working in a complex financial-services organization. Like its private-sector counterparts, the IRS has a sophisticated Information Technology organization because the IRS mission is implementing the tax laws of the United States. The IRS is the epitome of a paper-pushing organization, and by 2011 paper-pushing was done by email.

1. The IRS first installed Microsoft’s enterprise email product, Exchange in the data center and Outlook on client desktops in 1998, about the same time as many Fortune 500 organizations. By 2011, the IRS had over a decade of operational experience.

2. Hard drives are the weak-link in IT installations. These mechanical devices fail at the rate of about 5% a year. With 90,000 employees, that works out to an average of 4,500 a year or 22 per work day. The IRS IT staff is very familiar with the consequences of user-PC hard drive failures. Data center storage management is another leaf in the same book.

3. The IRS reported to Congress that senior executive Lerner’s hard drive failed, and nothing could be recovered from it. It was forensically tested. As a result, the IRS claims, there is no record of the emails that were sent or received from Ms. Lerner’s computer. The thousands of emails recovered to date were extracted from sender or recipient email lists within the IRS, not from Lerner’s files. There is no record of emails to other federal departments, or to other organizations or personal emails.

4. The implication is that the Lerner email history only resided on her computer. There is no other IT explanation. Yet Microsoft Exchange in the data center stores copies of all email chains on multiple hard drives on multiple, synchronized email servers. That’s the way all enterprise email systems have to work. So the facts as stated make no IT sense.

But let’s look at the implications of a strategy where the Lerner email history only resided on her computer and the hard drive failed completely so nothing could be recovered:

Where are the Lerner PC backups? With a 5% annual failure rate, industry-wide PC backup strategies are as old as centralized email. There should be Lerner PC backups made by IRS IT. Leave it up to the user to make backups? No organization the size of the IRS allows that for all the obvious reasons that come to mind, starting with it doesn’t work in practice.
How could Lois Lerner do her work? The hard drive was lost and there were no PC backups. Besides losing two years worth of emails, GS-15 department head Lerner had to also lose all the data of a digital business life: calendar; contacts; personnel notes; work-in-process plans, schedules, meeting notes, reviews, budget spreadsheets, official IRS rulings.
It is inconceivable that a modern executive could be stripped of all her business data and not face-plant within a week. Could you? Not me. Nobody has paper backup for everything anymore. Your business smartphone backs up to your PC.
The Exchange servers log every email coming into and going out of the IRS. Did the whole set of IRS backup tapes fail in an unreported catastrophe? That primary (but undiscovered) failure would make the routine failure of Lerner’s PC unrecoverable.
I cannot think of an acceptable reason for the unexplained yet unrecoverable loss of the data on Lerner’s PC while following the usual practices every IT organization I have worked with over decades. Which leaves only two alternatives: a much clearer explanation from IRS IT professionals of how these events could happen; or something nefarious is going on.

Follow me on Twitter @peterskastner

The author’s experience with federal email and records management began with the Ronald Reagan White House in 1982.

 whembly wrote:

1.15.6.10.1 (06-01-2010)
Magnetic Tape

IRS offices may transfer electronic records to NARA on magnetic tape using either open-reel magnetic tape or tape cartridges. Open-reel tape should be on 1/2 inch 9-track tape reels recorded at 1600 or 6250 bytes per inch and blocked no higher than 32,760 bytes per block. Tape cartridges should be 18-track 3480-class cartridges recorded at 37,871 bpi and blocked at no more than 32,760 bytes per block.

 whembly wrote:

Also, keep in mind that the IRS absolutely MUST use electronic records such as these emails as evidence in court.

 whembly wrote:
Before an email is sent or delivered a copy is made on the server that cannot be changed or deleted.

 whembly wrote:

If they cannot provide adequate explanation... then, a special prosecuter from the DoJ need to be established.

 dogma wrote:

 whembly wrote:

Also, keep in mind that the IRS absolutely MUST use electronic records such as these emails as evidence in court.

How did you come to this conclusion?

 whembly wrote:
Before an email is sent or delivered a copy is made on the server that cannot be changed or deleted.

By the individual. Whoever is managing the server is fully able to do either.

 whembly wrote:

If they cannot provide adequate explanation... then, a special prosecuter from the DoJ need to be established.

And such a prosecutor will do what, exactly?

 whembly wrote:

In order to establish the trustworthiness of electronic records for judicial proceedings they have to verify that security and audit procedures prevent unauthorized addition, modification, or deletion of a record.

Failing that... the lawyers would have a field day.

 whembly wrote:

Exactly... forensic would be able to determine if it was purposely done.

 whembly wrote:

Seriously?

 sebster wrote:
The place I work at now, and the place before it both were trying to undertake a process of ensuring all important and somewhat important emails were properly recorded and preserved through records management. It's a bitch of a process, both in terms of the technical stuff (which I understand not at all) and the cultural change (because people really can't be bothered dealing with unwieldy records management systems). In both cases the reforms were driven by parliamentary questions that were not able to be fully met because emails had been lost.

So in terms of the IRS being unable to recover lots of emails, well it means their systems are poor and need reform, but its hardly evidence of a conspiracy. This isn't to say there is no conspiracy to cover anything up- 'sorry we lost that' is second only to 'I can't recall' in the arsenal of the cover up, just that it isn't evidence in and of itself.

Anyhow, this is all getting really Benghazi really quickly - there are some feth ups here that Congress and the nation ought to investigate, but the hyperbolic nature of the investigation, looking for grand presidential crashing conspiracies in everything, just makes me start to reflexively react against the investigation.

 whembly wrote:

 sebster wrote:
The place I work at now, and the place before it both were trying to undertake a process of ensuring all important and somewhat important emails were properly recorded and preserved through records management. It's a bitch of a process, both in terms of the technical stuff (which I understand not at all) and the cultural change (because people really can't be bothered dealing with unwieldy records management systems). In both cases the reforms were driven by parliamentary questions that were not able to be fully met because emails had been lost.

So in terms of the IRS being unable to recover lots of emails, well it means their systems are poor and need reform, but its hardly evidence of a conspiracy. This isn't to say there is no conspiracy to cover anything up- 'sorry we lost that' is second only to 'I can't recall' in the arsenal of the cover up, just that it isn't evidence in and of itself.

Anyhow, this is all getting really Benghazi really quickly - there are some feth ups here that Congress and the nation ought to investigate, but the hyperbolic nature of the investigation, looking for grand presidential crashing conspiracies in everything, just makes me start to reflexively react against the investigation.

Seb... think of the absolute lamest, dumbest excuse one could use in your industry, where everyone in your field would immediately raise the red flag.

This is it here.

 d-usa wrote:
Look at all that plausible deniability making any talk about criminal prosecutions a complete waste of time.

PhantomViper wrote:

 whembly wrote:

 sebster wrote:
The place I work at now, and the place before it both were trying to undertake a process of ensuring all important and somewhat important emails were properly recorded and preserved through records management. It's a bitch of a process, both in terms of the technical stuff (which I understand not at all) and the cultural change (because people really can't be bothered dealing with unwieldy records management systems). In both cases the reforms were driven by parliamentary questions that were not able to be fully met because emails had been lost.

So in terms of the IRS being unable to recover lots of emails, well it means their systems are poor and need reform, but its hardly evidence of a conspiracy. This isn't to say there is no conspiracy to cover anything up- 'sorry we lost that' is second only to 'I can't recall' in the arsenal of the cover up, just that it isn't evidence in and of itself.

Anyhow, this is all getting really Benghazi really quickly - there are some feth ups here that Congress and the nation ought to investigate, but the hyperbolic nature of the investigation, looking for grand presidential crashing conspiracies in everything, just makes me start to reflexively react against the investigation.

Seb... think of the absolute lamest, dumbest excuse one could use in your industry, where everyone in your field would immediately raise the red flag.

This is it here.

It actually isn't. I work in IT and having automatic rules that remove emails from the Exchange servers and store them on the individual recipients hard drive is a pretty common configuration designed to save space on the email servers. Do you have any idea of the amount of space needed to store this type of information? And the vast, vast majority of it is pretty useless in the first place.

Now most companies that work with sensitive data will have processes in place to store emails that are essential to the company itself, but those are workflow processes and in no way are they automatic features of an Exchange server, if the IRS has those processes in place or not, I have no idea.

All in all, as far as excuses go, this one is a pretty plausible one.

 Grey Templar wrote:

 d-usa wrote:
Look at all that plausible deniability making any talk about criminal prosecutions a complete waste of time.

Except its already been shown how there is really almost no plausible denability in this case.

 d-usa wrote:

 Grey Templar wrote:

 d-usa wrote:
Look at all that plausible deniability making any talk about criminal prosecutions a complete waste of time.

Except its already been shown how there is really almost no plausible denability in this case.

The "they deleted emails on purpose" case?

It has holes bigger than the border fence.

 d-usa wrote:
Look at all that plausible deniability making any talk about criminal prosecutions a complete waste of time.

 whembly wrote:
It's called "spoliation", where the court would permit an inference that the evidence was unfavorable to the party allegedly responsible for the loss or destruction.

 streamdragon wrote:
As a federal employee, I can tell you that the limits on email storage are extremely harsh. In our orientation training they make it quite clear that email is not stored secondarily on the server; if you clear your deleted items folder, those emails are gone and wont be recovered. If you were to try to get my email from the exchange server, you would get on average about 5 messages. Everything else is stored in an archive file the moment a task or exchange is complete. Hell, our email system rules automatically purge email after 4 weeks, and we are a much smaller agency than the IRS, whose email traffic will be expontentially higher than here at the FTC. It is pretty much on the employee to save their email, a lesson I learned the hard way when I was at DOJ.

It’s not just Lois Lerner’s e-mails. The Internal Revenue Service says it can’t produce e-mails from six more employees involved in the targeting of conservative groups, according to two Republicans investigating the scandal.

The IRS told Ways and Means chairman Dave Camp and subcommittee chairman Charles Boustany that computer crashes resulted in additional lost e-mails, including from Nikole Flax, the chief of staff to former IRS commissioner Steven Miller, who was fired in the wake of the targeting scandal.

The revelation about Lerner’s e-mails rekindled the scandal and today’s news has further inflamed Republicans. Camp and Boustany are now demanding a special prosecutor to investigate “every angle” of the targeting. They expressed particular outrage that the agency has known since February that it would not be able to produce the e-mails requested by the committee yet did not apprise the committee of that fact, and they charged in a statement that the IRS is attempting to “cover up the fact that it convenient lost key documents in the investigation.”

If Lerner is the central figure in the scandal — Oversight Committee chairman Darrell Issa said Monday evening he believes she was the senior-most official involved — Flax may be an important auxiliary figure. E-mails produced in response to a Freedom of Information Act request from the group Judicial Watch show Flax giving the green light to Lerner’s request to meet with Department of Justice officials to explore the possibility of criminally prosecuting nonprofit groups — at the suggestion of Democratic senator Sheldon Whitehouse — for engaging in political activity after declaring on their application for nonprofit status that they had no plans to do so.

E-mails uncovered by the committee last week showed that, in preparation for her meeting with the Department of Justice, Lerner and one of her advisers transmitted 1.1 million pages of data on nonprofit groups, including confidential taxpayer information, to the Federal Bureau of Investigation, potentially in violation of federal law.

 Ouze wrote:

 whembly wrote:
It's called "spoliation", where the court would permit an inference that the evidence was unfavorable to the party allegedly responsible for the loss or destruction.

The problem is that's it's exceedingly unlikely you will be able to identify one single person responsible for lost data. Is it the system designer? The exchange admin? The person who decided what the quota should be on Exchange? Maxtor, Seagate, Hitachi, WD, or whoever designed the hard drive? The vendor who designed the hard drive firmware? The guys who built the platters in Malaysia? The deskside tier 2 guys who tried to recover her drive and failed? The people responsible for her hard drive offsite backup that didn't make sure her data was backed up? The person who decided they only needed to bck up the last 3 or so years of data?

Does being bad at your job, or being good at your job of implementing a bad design or policy rise to a criminal action? You know it's not possible to prosecute anyone for this unless they uncover some conspiracy.

It’s not just Lois Lerner’s e-mails. The Internal Revenue Service says it can’t produce e-mails from six more employees involved in the targeting of conservative groups, according to two Republicans investigating the scandal.

If Lerner is the central figure in the scandal — Oversight Committee chairman Darrell Issa said Monday evening he believes she was the senior-most official involved — Flax may be an important auxiliary figure. E-mails produced in response to a Freedom of Information Act request from the group Judicial Watch show Flax giving the green light to Lerner’s request to meet with Department of Justice officials to explore the possibility of criminally prosecuting nonprofit groups — at the suggestion of Democratic senator Sheldon Whitehouse — for engaging in political activity after declaring on their application for nonprofit status that they had no plans to do so.

 whembly wrote:


IRS: Hey sorry we "lost" Lois Lerner's emails
CRITIC: It's not credible you only lost Lois Lerner's emails
IRS: Oh right we lost other emails too
CRITIC: Whose?
IRS: Other people involved in the targeting of conservatives
CRITIC: Oh

IRS Has Lost More E-mails . . .

It’s not just Lois Lerner’s e-mails. The Internal Revenue Service says it can’t produce e-mails from six more employees involved in the targeting of conservative groups, according to two Republicans investigating the scandal.

Spoiler:

The IRS told Ways and Means chairman Dave Camp and subcommittee chairman Charles Boustany that computer crashes resulted in additional lost e-mails, including from Nikole Flax, the chief of staff to former IRS commissioner Steven Miller, who was fired in the wake of the targeting scandal.

The revelation about Lerner’s e-mails rekindled the scandal and today’s news has further inflamed Republicans. Camp and Boustany are now demanding a special prosecutor to investigate “every angle” of the targeting. They expressed particular outrage that the agency has known since February that it would not be able to produce the e-mails requested by the committee yet did not apprise the committee of that fact, and they charged in a statement that the IRS is attempting to “cover up the fact that it convenient lost key documents in the investigation.”

If Lerner is the central figure in the scandal — Oversight Committee chairman Darrell Issa said Monday evening he believes she was the senior-most official involved — Flax may be an important auxiliary figure. E-mails produced in response to a Freedom of Information Act request from the group Judicial Watch show Flax giving the green light to Lerner’s request to meet with Department of Justice officials to explore the possibility of criminally prosecuting nonprofit groups — at the suggestion of Democratic senator Sheldon Whitehouse — for engaging in political activity after declaring on their application for nonprofit status that they had no plans to do so.

E-mails uncovered by the committee last week showed that, in preparation for her meeting with the Department of Justice, Lerner and one of her advisers transmitted 1.1 million pages of data on nonprofit groups, including confidential taxpayer information, to the Federal Bureau of Investigation, potentially in violation of federal law.

 dogma wrote:

It’s not just Lois Lerner’s e-mails. The Internal Revenue Service says it can’t produce e-mails from six more employees involved in the targeting of conservative groups, according to two Republicans investigating the scandal.

So consistency regarding the way IRS records were treated by the IRS is now evidence of intentional wrongdoing?

Like it or not, if it cannot be shown that any given IRS employee violated the law nothing can be done regarding criminal punishment.
.

 whembly wrote:

In civil litigation, when the other party is shown to have spoliated evidence, you win the legal conclusion you were trying to prove. The question then is this: How would this work on government agencies?

 dogma wrote:

 whembly wrote:

In civil litigation, when the other party is shown to have spoliated evidence, you win the legal conclusion you were trying to prove. The question then is this: How would this work on government agencies?

The duty to maintain evidence only arises after it becomes clear litigation, or a subpoena, will be filed*. Trying to claim injury after a minimum of 2 years after the fact is ludicrous.

*And even then not always.

 dogma wrote:

 whembly wrote:

In civil litigation, when the other party is shown to have spoliated evidence, you win the legal conclusion you were trying to prove. The question then is this: How would this work on government agencies?

The duty to maintain evidence only arises after it becomes clear litigation, or a subpoena, will be filed*. Trying to claim injury after a minimum of 2 years after the fact is ludicrous.



*And even then not always.