CIA No Role Model For CIOs

Controversy over deleted CIA videotapes provides a lesson for companies required to keep electronic evidence, some experts said.

By
Mon, December 10, 2007

IDG News Service (Washington, D.C., Bureau) — WASHINGTON (12/10/2007) - The recent news that the U.S. Central Intelligence Agency destroyed videotapes of interrogations of two terrorist suspects may offer a timely reminder for CIOs at private companies in the U.S., tasked with electronic evidence preservation rules since last December.

The e-discovery rules, amendments to U.S. courts' Federal Rules of Civil Procedure, don't apply to the CIA, but the agency's decision to destroy videotapes showing harsh interrogation techniques may show private companies how not to handle evidence, some e-discovery experts said.

The e-discovery rules require U.S. companies to keep electronic records when they're faced with a civil lawsuit or the likelihood of a lawsuit. In effect, what this means is that companies should archive e-mail and other electronic records, said Ralph Harvey, CEO of Forensic & Compliance Systems, an e-mail archiving vendor based in Dublin, Ireland. "The lesson learned is you keep everything for a finite period," he said.

In the CIA case, several lawmakers have called for an investigation into the destruction of the videotapes. The tapes, recorded in 2002, were destroyed in November 2005, when there was a heated debate about the use of harsh interrogation techniques on terrorism suspects. Some former staff members at the government-created 9/11 Commission have also questioned whether the tapes were evidence that the CIA withheld from the group, which was investigating the Sept. 11 terrorist attacks on the U.S.

In the e-discovery rules, companies can be subject to significant fines for not producing electronic evidence they're required to keep. In May 2006, even before the new e-discovery rules went into effect, Morgan Stanley agreed to pay a US$15 million fine for failing to produce e-mail linked to several legal investigations.

"Ultimately, the issue is you don't know how important that e-mail is to someone else," Harvey said.

One of the most tricky issues with e-discovery is the security of the evidence a company is supposed to preserve, Harvey added. Companies need to be able to find the electronic records, and in some cases, they may need to be able to prove that they didn't receive a certain e-mail message, he said. In nearly every case, they'll need to assure the court that their record is accurate.

"You can't say you're in compliance when Bob from administration, with a slight slipup, can delete all e-mails," he said.

Another issue the CIA case brings up is that electronic evidence can come in many forms, said Chris O'Brien, vice president of operations for Xerox Litigation Services. Right now, e-mail is the focus of e-discovery rules, but instant messages, electronic voice mail, and Web-based video conferencing could fall under e-discovery preservation rules, he said. "Anything that's electronically preserved could theoretically be subject to discovery," he said.

O'Brien said he'd be surprised, however, if many companies are archiving their video conferences in order to meet e-discovery rules.

Perhaps the biggest lesson is not to destroy evidence when it's part of an ongoing investigation -- in the CIA's case, the 9/11 Commission inquiry, said Patrick Egan, a white-collar criminal defense lawyer based in the Philadelphia office of the Fox Rothschild law firm. "Always tell the truth," he said.

White Papers »
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring (FIM) tools that provide immediate alerts. This white paper has been brought to you by NetIQ, the leader in solving complex IT challenges.
Identity Governance: The Business Imperatives
This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make to help achieve project success.
CA Technology Brief: CA Point of View: Content Aware Identity & Access Management
This paper explores the concept of content-aware IAM, describes the integrated architecture for this new approach, and highlights the benefits that this approach provides.
Measuring the Business Value of CI in the Data Center - IDC-HP White Paper
One of the key strategies that IT teams are pursuing to reduce capital costs while boosting asset utilization and employee productivity is the transition to highly virtualized data centers. However, IDC finds that expectations for further boosts in IT asset use and operational efficiency often surpass the actual results for a variety of reasons. These problems can quickly overwhelm any hoped-for benefits as the scope of virtual server deployment expands.
Accelerate time to application value
For your IT organization to keep pace with the business, you need a new, faster approach to infrastructure deployment-an approach that increases agility and accelerates time to application value. That's HP Converged Systems. Built on Converged Infrastructure, these systems deliver the industry's first portfolio of pre-integrated, tested, and optimized infrastructure solutions for applications running in virtual, cloud, dedicated, or hybrid environments.
Business Value of Blade
The nature of the blade platform makes system management, monitoring and provisioning easy and efficient. Access this resource to learn how blade migration will save your data center time and money while increasing performance.
Webcasts »
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Quantifying the Business Value of VMware View - Webcast
Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business
Architecting a Modern Approach to Data Management
Applications are changing - they're increasingly web-oriented, global in nature and run from multiple device types. Additionally, the volume of data is growing exponentially every year. How do you ensure your applications have fast, accurate, up-to-date information in this new world? Modern applications are data-intensive; delivering data the old way using monolithic databases isn't working. What's needed is a modern approach to data. One that scales-out as needed and delivers predictable high performance, but without sacrificing data consistency or integrity.
Introduction to VMware View 5
VMware View™ 5 simplifies IT management while increasing end user freedom by delivering desktop services from your cloud. Building upon VMware's leadership in desktop virtualization, VMware View 5 delivers a high-performance user experience while giving IT greater policy control.

View this webcast and find out how VMware View 5 can help you:
- Deliver the highest fidelity experience of desktop services across any device and any network
- Simplify and automate IT management, security and control of desktop services
- Reduce the costs associated with your desktop environment
The CIO's View: Time-to-Value Through Automation
IT professionals are being asked to deliver faster "time-to-value" than ever before. An IDG Research survey found that CIOs are eager to invest in technologies that will enable them to get new applications and services up quickly, achieving faster time-to-value.
5 Steps to Successful IT Consolidation
Learn how to reduce IT management overhead, ease revision control, guarantee data security, scale systems more quickly and reduce server and software costs.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Top Solutions and Tools to Prevent Devastating Malware

Identity Governance: The Business Imperatives

CA Technology Brief: CA Point of View: Content Aware Identity & Access Management

Measuring the Business Value of CI in the Data Center - IDC-HP White Paper

Accelerate time to application value

Business Value of Blade

HP CloudSystem Matrix: Managing at a Higher Level

Virtual Infrastructure Yields Real TCO and ROI Advantages

Quantifying the Business Value of VMware View

TechRepublic: Cloud Computing - Potential Value for Your Company?

Forrester: Economic Impact of Switching to Google Apps

HBR: What Every CEO Needs to Know About the Cloud

VMware Delivers a Modern Approach to Data Management: Solutions Brief

VMware View 5 Performance and Best Practices

Desktop Total Cost of Ownership: 2011 Update - Gartner Research

The Next Step in the Evolution of SaaS-Managed TMSĀ®

A Power Brand Gains Strength Through Managed TMS

Supply Chains: Where to Find the Biggest, Fastest Transportation Savings

How to Source, Implement and Manage a Transportation Management Solution

Going Global: Building a Sustainable Logistics Model in the Age of Globalization
Resource Center
buy a link »
Ads by TechWords