Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Judge Thinks Delete Should Mean Delete 304

leighton writes: "According to The New York Times (free registration required, for those who care about such things), a prominent judge recently wrote an article saying that the delete key should actually delete things, not just hide them away where lawyers and skilled computer geeks can get at them years later. Specifically, he proposes that a statute of limitations be imposed upon electronic messages--that, for example, an obnoxious email you send today could be held against you for six months and six months only." This is an astonishingly insightful idea - since electronic communication has changed the lifespan of casual conversations from ephemeral to permanent, it's possible for the law to change its standards to restore that ephemerality. The judge's original paper is linked off of The Green Bag.
This discussion has been archived. No new comments can be posted.

Ode to the Delete Key

Comments Filter:
  • everyone has the ability to delete things via a file shredder, but microsloth and every other OS doesn't want that functionality in the software. Lawyers and the Fed's, I'm sure, are horrified at the idea that someone in the judicial branch of the government would want such a law that would protect the citizens. Imagine.. They couldn't scan the hard drives of employee's computers when they suspect that there was a donut conspiriacy. Business owners couldn't pull up all that deleted email from the ex-employee, etc....

    Me? If it's senistive I shred the file - and then it was encrypted to begin with. but then my swap area isnt encrypted, and how about the temp file my word processor used.....

    I'd love the law, but the feds will not allow it.
  • by Black Parrot ( 19622 ) on Friday October 06, 2000 @03:30AM (#726736)
    Then we'll start seeing things like -
    Six months and one day from now, you will be a dumb fuck. Sue me.

  • This would probably be opposed by the FBI, CIA, and NSA, due to the fact that it would undermine the entire motive behind Carnivore: to hold people responsible for their actions on the Internet, and to log e-mails and chatrooms all over the parts of the Internet under their jurisdiction.

    Big Brother is watching you, your honor. He is watching us all, and he is preparing to incarcerate me for what I just typed. I'm not afraid, though; I win either way, either as a martyr or a hero.

  • IANAL, but last time I checked, info gleaned from the trash was admissable under certain conditions.
  • What about hate speech - even one instance?

    What about criminals conspiring to break the law - their emails to each other are inadmissable after 6 months?

    Now admittedly the judge deals with both of these examples by saying glibly that there should be no statute of limitations on being a "jerk" or having a "pattern" of illegal communications.

    I think that a law to have a "statute of limitations" on things said in emails would have to be so narrowly drafted as to be unenforceable.

    Oh, btw, IANAL if it isn't obvious already!
  • by Matt_Bennett ( 79107 ) on Friday October 06, 2000 @03:33AM (#726744) Homepage Journal
    When I post something, it pretty much becomes a matter of public record- it is out there, out of my control. The only proof of the date and time I posted it is as ephemeral as the text that I posted. And both can be easily changed by someone leaving no indication that the text has been changed.

    Realistically, I don't think we should be held (legally) liable for those things that we post unless it has some sort of secure, verifable, signing mechanism- there is no way to tell who is really posting a message, or what has happened to it after it has left the author's system.

    Delete = gone is nice- We have that option when it comes to shredders and incinerators for our paper correspondence, I think the concept has to be a bit more fleshed out to be truely applicable to the digital medium.
  • But what about backspace? Shouldn't delete also give you back space on your harddrive instead of stuffing items in Trash bins? ;-)

    Seriously, why won't they rethink keyboards and actually have both a Trash and Delete key?

  • by Anonymous Coward
    In the past, I've worked for a number of police organisations as a consultant. A very common question is "Can you find out if he's deletedf anything incriminating?", to which the answeer is usually yes.

    What usually happens is that the evidence is for far worse crimes than they were originally accused. For example, someone brought in for drunk driving may have a lot of large drugs deals hidden away somewhere. Or evidence of conspiracy with communist agents (One for the secret service)

    So what should the police do if they find incriminating evidence like this when looking for something, if they then find that its 6 months out of date? Say "Oh sorry Mr. Evil. We thought you might be guilty, but it turns out that that was last year, so you're probably a decent law abiding citizen now"?
  • by levik ( 52444 ) on Friday October 06, 2000 @03:35AM (#726751) Homepage
    I, for one, think that the ESCAPE key, should allow you to escape. Say I'm sitting at work, bored out of my mind with my boss on my ass, and wishing that I could just get the hell out of there. Escape key should really do what it advertises.

    And the space bar.

  • by don_carnage ( 145494 ) on Friday October 06, 2000 @03:35AM (#726752) Homepage
    ...that all keys should mean what they say. "Hmm...I think I'll order a TAB." -- Homer

  • by The_Messenger ( 110966 ) on Friday October 06, 2000 @03:36AM (#726753) Homepage Journal
    This is really an interesting proposal. What USENET, and now the WWW, have shown is that information online never really dies -- I'm sure many of us can go through USENET and mailing list archive services and find embarassing rants and flamewars of yesteryear. My question is, in what context would such a statute of limitations truly be useful? Not in a personal context, surely... and in a legal situation, it might not do much good. For instance, what if the e-mail/posting/whatever contained evidence absolving you of a crime, but was ruled impermissible because it was from a year ago?

    What is the judge worried about, anyway -- his wife finding his online porn stash, or e-mails to his mistress? Just use decent encryption and utilities like PGP, and you'll be fine.

    This judge really sounds paranoid. What he needs is a secure delete program, an operating system which doesn't store remnants of temp files everywhere, and an sledgehammer to "obfuscate" his disk when he gets a new PC.

    All generalizations are false.

  • Does that mean that if you send it, you think your mail is magically "gone" after six months? If you send it to me, I'm sure to save it for at least six years. Can I not trot out your old e-mail against you?

    And what determines how old is old, anyway? The headers? Does this mean my forged e-mail headers are now legally admittable evidence that my offensive letter is seven months old?

    I hope this receives more careful thought than other bad recent computer laws, such as the DMCA.


  • by cluge ( 114877 ) on Friday October 06, 2000 @03:36AM (#726755) Homepage
    While I agree with what the judge envisions he needs to remember a few things.
    • In a large corperation the mail server is backed up, and there is usually a storage schedule for backups. Unless you are getting your mail from home, it's most likely on the back up tapes
    • With SO many people complaining that they "accidently" deleted things (thus the need for a "recycle bin" Can you see whats going to happen when you give the secretary at your law office a "REAL" delete key?
    • How much overhead does a real delete require?
    • People save the silliest things (I have email going back 6 years myself) If a company TRULY wants to prevent e-mails from past generatiosn coming back to haunt them they need to teach their users to delete mail older than x number of days (and destroy backup tapes older than the same also!)

    Like anything, the solutions isn't as obvious as those non technical people would like it to be.

  • by mpe ( 36238 ) on Friday October 06, 2000 @03:37AM (#726756)
    IANAL, but last time I checked, info gleaned from the trash was admissable under certain conditions.

    Anyway nothing requires criminals to place incriminating documents in the trash, they could shread, pulp or burn them. Why should electronic documents be treated any differently?
  • by Anonymous Coward
    If someone sends something obnoxious via US mail, can that be held against them for more than six months? If so, having a different set of rules for e-mail is wrong. People should be held accountable for their actions.
  • every other OS doesn't want that functionality in the software

    but then my swap area isnt encrypted

    Well, if you used OpenBSD [openbsd.org], you wouldn't have to worry about things like that. For example, it has an encrypted swap space, using Blowfish 128bit encryption. Open Source software is likely to come out far ahead on this front, since they are uninhibited by things like slow response time to requests for software features. If there are enough people who want a feature, they just code it right into the OS themselves.

  • by Bobman1235 ( 191138 ) on Friday October 06, 2000 @03:37AM (#726759) Homepage
    A statute of limitations? Something's either admissable or it isn't. If you send someone an email telling them you're going to kill them and you're put up on murder charges six months later, what makes it any less admissable then? In my opinion it shouldn't ever be admissable considering how easy it is to fake an email, but that's not quite relevant...

    As for the "delete" key, anyone who works in sensitive information knows how to fully delete something. A lot of times (in fact most of the times) a normal Windows or whatever user would prefer that their data isn't permanantly lost when they accidentally hit the delete key. There's a reason that stupid "recycle bin" (or the original Trash Can from Mac) ever became popular-- people screw up.

  • For the past few years, I've been careful to use my work email only for work. Besides the fact its hard enough to manage my personal email without getting it mixed up with work, I don't want to give my employers a tool to screw me with. I don't want to try to explain myself to Mike Wallace and the 60 Minutes cameras over a dumb email I might have sent years earlier. But further back I used work email like a madman, and I seriously doubt my old employer has backup tapes of all their email going back to '94. Their backup system was poor and we'd lose data over a file server crash, routinely. However when I worked at a government installation, I'm sure whatever I wrote will probably outlive me in a archive somewhere.
  • This is what happens when people in high regard and with incredible responsibility finally realize what the implications of this technology are on their lives. This guy Gets It(tm). He knows that when he is writing a friendly email to another judge it can easily be used against him as bias/prejudice/reason for appeal.
    There are two ways of looking at this. This could be good (for those who do not mean any harm). Or this could be really bad. This means that people can now get away with death threats and such (it can't be used as evidence against them) if they don't get caught within 6 months.
    I think the length should be 1 year. That way people should REALLY think hard before they write that flame for alt.your-fav-group.your-fav-fetish
    There should be a road sign, everything you loggon to the net - "Beware, anything you say can and will be used against you in a court of law, now go have fun!" Hell, I don't remeber what I said posted last week, by /.'s DB sure does.


  • by billybob2001 ( 234675 ) on Friday October 06, 2000 @03:41AM (#726767)
    Where can I get an automatic keyboard? Mine has 2 shifts!

    Several times a day I lose ctrl, need to pause or even have a proper break, and at the end of the day, I go home.

  • He does raise a interesting point. Why can't we safely delete unwanted files and not have them come bite us later on?
    Well, actually, we can. There are several companies out there that provide software and hardware-based data encryption solutions. If privacy and sigil are so paramount to us, we can use any of these to insure our deleted items stay deleted. For example, among these encryption packages, pgp.com has several useful utilities that will 'shred' your free diskspace, to prevent data recovey on Windows environments. A simple google search also yelds rought 34k matches for filesystem encryption under linux and other OSes.
    Bear in mind that although you have the right to privacy, when you're working for someone, the fine print often says that anything you write/save/delete/is_on_hard_drive_of_computer_use d is their property. They have the 'right' to examine it and do with it as they please.
    I doubt there will be any mainstream OSes with built-in file and filesystem encryption enbled by default, since it would make many people unconfortable. God help us all ;)
  • after reading the article, it seems that the judge only addresses part of the problem (if it is to be considered a problem). As stated above, he suggested that there be some kind of wait period after which deleted digital information can't be used in court. The article says this would be analagous to the information being consigned to the trash, are documents recovered from the trash/dump/wastepaper basket admissible?

    Also, when something is deleted, what happens to it? I'm not terribly familiar with the inner workings of any OS (I'm a hardware person), but where does the information go? I mean, does it stay on the harddrive and is simply not referenced until you write over it? Once you write over the information can it be recovered? If I delete 2 GB of mp3's from my harddrive, I am told I now have 2 more GB of free space. Does that mean that the information is gone and unrecoverable without special tools, or it's just hidden and I should be able to get it back, or it's completely gone and the bits have been wiped? Or, are the bits not gone until they are overwritten?

    Is there a way to change how an operating system or file system deletes files? Could a program or subroutine be made to go through and fill all dereferenced HD space with 0's or something? Or would the information still be recoverable from under those 0's somehow?

    I don't know if suggesting legislation for this would be the best course of action. Especially if there isn't a way of telling when files are deleted. Even if there is a way to tell, what's to stop the people who can recover deleted information from changing the flag that says when a file was deleted (if such a flag exists)? If the only people who can retrieve deleted information are 'experts' and these 'experts' are employed by people with lots of money who are trying to find dirt on someone else...ok, I'm probably being too paranoid never mind.

    ::sigh:: one of these days I'll contribute something other than more questions.

  • <Flamebait>
    If people are too bloody stupid to work out how to delete things properly, or use strong encryption to prevent invasion of privacy, then they deserve everything they get.


    Actually, I believe you can make a case for this argument with some sensible provisos. Once such that immediately springs to mind is that the information so obtained (regardless of age) should have been obtained both Legally and Ethically (leaving open the argument that Carnivore, Echelon, UK's RIP etc fail at least 1 of those tests).

    Personally, I'm in favour of providing technological solutions to technological problems, rather than wrapping-around a legal "hack". In An Ideal World, the technology would transparently handle secure deletion and/or copy-protection (for email) for you, thus negating the need to involve the blood-sucking fraternity in the first place.

    If this statute of limitations had been in force, the DoJ's case against Microsoft would have been severely weakened (didn't they refer to years-old email from billg spouting anti-competitive tactics? or was that a previous lawsuit?)
  • If Delete really deletes, does "home" bring me home? im sure it saves me tons of money in fuel. And when reading books I'd prefer to press page up and down instead of all that fiddling with pages myself. So if i need to go home from work i just do: "Home" "Enter" tada!! bunny
  • Aha! This is cool, but then is there a way to have the computer pick it's own salt and key each time it is booted for that encryption? that way you cant be hauled into court to reveal the passkey to access that encryption? adding random events into that system will make it almost truely un-crackable and therefore un-litigatable..

    that would be really cool.
  • Carl is talking about liability regarding email. There are two issues here.

    • Liability from something in the email. "Here is a copy of my windows Cd, here is how you install it..."
    • Evidence from the email. "Hey Sal, if that guy doesn't pay that 5 large tonight, break both kneecaps this time."
    In a case (either civil or criminal) it usually takes more than six months to discover the crime/wrongful act and get to discovering the email. If that was a law, a good lawyer would just delay for 6 months and claim that the emails are not admissible anymore.

  • Carnivore is not designed to go through email archives. I like the judges idea, it has merit to it. I also do not understand peoples reaction to carnivore, the Internet should be free but not lawless. There is a very important differance between the two.
  • The Delete key queues files for deletion. The recycle bin actually deletes the file and (if you have privacy utilities installed) wipes it.

    Seriously, why won't they rethink keyboards and actually have both a Trash and Delete key?

    I think there's a (Shift+Delete? Ctrl+Delete?) key shortcut that does this.

    ( \
    XPlay Tetris On Drugs [8m.com]!
  • Delete = gone is nice- We have that option when it comes to shredders and incinerators for our paper correspondence, I think the concept has to be a bit more fleshed out to be truely applicable to the digital medium.

    Right click on a file you want to delete in KDE2 and select the "Shred" option.

    Watch the resulting progressmeter. Pretty neat, huh?

    If you don't have KDE2, try out wipe.
  • IMO would be for the law to recognize that digital information (in this case, email) is inherently insecure and modifiable, and therefore should not be considered valid as evidence of anything under any circumstances. Think about this. Do you remember email messages you wrote or read six months ago? Probably not. Especially if you read/write a large volume of email. If someone were to fabricate a message that appeared to have been created/sent a long time ago, the person who apparently authored the message may not be able to remember and therefore refute the evidence. Essentially, you could fabricate evidence that is nearly irrefutable because neither the author nor recipient could remember well enough to testify that it is/isn't what they wrote/read. Just my $1/50.
  • What's the problem with electronic evidence? The same burdens of proff should apply to it as have applied to any other collected evidence. Eliminating it, just because it's old is stupid. Eliminating it because it can not really be tied to the accused is sensible.

    Here is a word to all you incompetent criminals, tough luck. Creep says, "That letter with the char marks on it should be thrown out!". Judge says, "Bullshit."

    This is a seperate issue from unreasonable searches like Carnivore. We should not let one bad decision force us into even less reasonable laws. Reasonable searches should not be impeeded.

  • Are you telling me the entire legal industry (police, courts etc) will just ignore evidence of crimes just because its 6 months and one day old?

    No, the courts will.

    ( \
    XPlay Tetris On Drugs [8m.com]!
  • I happen to work for a large organization [delta.com] (75,000 employees) that has a 60 day email rentention policy.

    Any items left in your Inbox or any other server-based mail folders are deleted if they are over 60 days old. Plus there is a "policy" that states that the emails are "no longer valid" after 60 days.

    The reasoning behind this, I was told, was so that the company could not be sued or have other legal action taken against them for an email written more than two months ago.

    Sure makes completing really large projects difficult, though. I can only remember things for 8 weeks!

    I don't seriously see this happening in government though. Does the judge mean to apply this to Criminal cases? Civil ones?

  • by bdavenport ( 78697 ) <spam@sellthekids.com> on Friday October 06, 2000 @03:53AM (#726797) Homepage
    he's not talking about posting of stories to public forums. read the article and then the paper. he's overwhelmingly talking about items contained on our personal HDDs: email, notes, papers, spreadsheets...ie personal stuff.

    the expectation of his paper is to raise the idea of "when does something you deleted die?" his fear is that it doesn't. ever.

    but as a general question: what makes email i delete any different that voice tapes i erase, which later can be recovered? are we going to excuse Nixon now? where do we draw the distinction between media types?
  • Psst... Hey, buddy... Wanna buy a new mail protection program? You can keep all your email for later reference, but after six months the cops can't use it. Sooner, if they don't notice the file timestamp is odd...

    See this directory called "Deleted"? There's all your mail, nice and safe...

  • I agree: If it's public communications -- that is, you sent to somebody else, through e-mail or Usenet or IRC or whatevah -- it should be admissable. (It should also be taken in proper context, too: Words are often just that, words. People say all kinds of things that mean nothing. Anybody in law should know that.)

    If it's private -- if you composed it on your own machine, and never sent it to anybody -- then, yeah, there should be protections. But in many cases the private sector already has protections that make legal reform unnecessary: As you say, a decent secure delete program should take care of it. I'd guess that the judge is unaware that such things exist, though we should applaud his effort to think about the rights involved nonetheless.

    Francis Hwang

  • Eventually, the governing power will become too corrupt for its own good, and will start passing intolerable laws. Then we will have to rise up against them. But right now, the governing power has not been given the tools to smite us down. We are free, for now.
  • does it stay on the harddrive and is simply not referenced until you write over it?

    In most systems, yes.

    Once you write over the information can it be recovered?

    Law enforcement can get at several layers of deleted data.

    Is there a way to change how an operating system or file system deletes files?

    Create several large files (to fill up the HD within epsilon), overwrite them several times with random data, and "delete" them.

    ( \
    XPlay Tetris On Drugs [8m.com]!
  • ANAL, but last time I checked, info gleaned from the trash was admissable under certain conditions.

    Here in .uk we have a character known as Benjy "The Binman" Pell, who's career is built on rummaging through the rubbish bins of the rich and famous (and more productively, those of their lawyers and agents) and selling stuff to newspapers.

    Unfortunately in the Real World, many people who should know better can't even "delete" paper documents, let alone electronic ones. Whether ot not it's admissible in court, some of the stuff he comes up with can be very damaging to people's careers. A legal limitation would be nice, but there's no substitute for educating people about the value and persistence of information and the need to consider this.


  • by nihilogos ( 87025 ) on Friday October 06, 2000 @04:01AM (#726819)
    What the judge is proposing is a statute of limitations of 6 months on such data. So even if it is backed up somewhere it won't be admissible as evidence.

    Of course, inadmissible evidence is extremely useful in persuading jurors from time to time.
  • The judge quite clearly states, "perhaps six months for an isolated message." Isolated, not part of a larger, longer investigation.

    And a little further on:

    "If, to the contrary, there was an objective continuation of the challenged conduct, or a continuing pattern of wrongful acts, the cyber statute of limitations would be tolled as any other."
  • Just as people can get shredders to destroy their paper correspondance, there are some softwares that you can get which make your deleting much more permanent. What it does is hash and scramble the content of your file several times before finally deleting it. So while there might still be some way to retrieve the file chances are that what you can read from it has no sense at all.

    Now for e-mail it's another story but I'm pretty sure that the same process could be implemented in a mail client. Anybody looking for a cool project to do? :o)

    "When I was a little kid my mother told me not to stare into the sun...
  • by TheTomcat ( 53158 ) on Friday October 06, 2000 @04:03AM (#726826) Homepage
    From a practical standpoint, it is incredibly simple to forge a timestamp. If this document is about to "expire", I could just update the timestamp (touch for instance).

    The only practical way I could think of in the 30 seconds I devoted to making this work is through a trusted third party that stores timestamps in a secure manner, and can be used as a reference. But don't expect people to have a third party stamping mail for them. I certainly wouldn't trust this 'generally trusted' party.
  • I understand what the judge is envisioning, and I have to say that I agree with it and I disagree with it. (I love duality...)

    I don't like it because it is possible that a crime could be commited where the only evidence is in a digitally signed email sitting on some guys harddrive. If a statue of limitations is passed on the admission of emails (or other digital documents) into a court of law, that effectively changes the statue of limitations for crimes to 6 months if the only evidence is an electronic message. For instance, murder has no statue of limitation, but if the only evidence is an email... well then the statue of limitations suddenly becomes 6 months. I don't know if I like that idea.

    There are also aspects of this idea I like. I like the idea that correspondence not meant for public consumption will not be legally admissable after six months. We all have said things in private that were stupid and that we regret later on.

    Either way, I think that this should only apply to personal correspondence. If someone posts to some type of public forum (such as /.), those records should be available for as long as the administrator of the site sees fit.

    We have to be responsible for the things we say in public.
  • What a bad idea when it comes to businesses who make thier living online. There's no real boundry set here for the ideas - just the other day, it became 'legal' here in the US for an electronic signature to become a legally binding contract. This includes web forms, faxes, and yes, email. Now, if email becomes 'null and void' after a 6 month period, then what the heck... it kinda makes that worthless!

    However, this gets into another debate - why should there be a difference between something you write in a magazine in the real world (or any other pen and paper medium) and email? You are held responsible in the real world for your actions, and I really do believe you should be held responsible for the crap you do on the Internet. Why should it be different?

  • I didn't say that I'm already a martyr or a hero, I said that I'm taking action which might lead to one of those. Take off those blinders and read the post without alternating glances with your gilded, titanium bound copy of "Kernel Hacking, 5th Edition."
  • Overwriting tools have been available for years and the ammount of time required to use them is very small.

    Overwriting tools are useless when forensics experts arrive on the scene. Even hard drives that have been wiped with the standard I can never remember (wipe with all ones, then with all zeroes, then with alternating ones and zeroes) are still recoverable.

    It all boils down to how much is willing to be spent on recovering the data. "Shredding" computer files is not sufficient, especially when prosecutors are motivated by potential millions in settlement (ala Microsoft). Anything short of encrypted swap/file space is asking for it in the long run.

    The point of the judge is that if someone has made a reasonable effort to delete something, then it should be considered to be deleted.

    Otherwise, anything that you have ever said or typed which has ever been saved on a computer can and will come back to bite you. Ever posted a flame to usenet? Ever sent a naughty picture via email? Ever accidentally clicked on a goatse.cx link? It's been recorded, somewhere.


  • First, a point of clarification. It doesn't look as though e-mail that one actually sends qualifies as "deleted." It sounds like this proposal covers the draft that you wrote before you sent it (the one in which you referred to your boss as "that pompous windbag") which currently might be used against you if it was found on your computer (even though you removed the phrase in question from the version you sent).

    On a related note, it would be great if deletion were just as simple as emptying the trash bin in Windows every now and again. However, a lot of incriminating data can be found in the nooks and crannies of file formats like MS Word (yes, I know this wouldn't be a problem if we all used Linux or BSD but we don't). Your non-incriminating copy of a file might still contain a buffer full of incriminating text that you had carefully erased.

    My personal opinion on this sort of thing is that it really depends on the nature of the crime. If one actually hurts someone, deleted information relating to that should be fair game. However, if the act of deletion makes the data harmless then it should be ignored. For example, if I write an e-mail message to a co-worker that could be construed as sexual harassment, but I cancel before sending it, it would be unfair to use the leftover draft of the unsent message to demonstrate a pattern of harassment. Similarly, if I write a letter in MS Word and delete a paragraph about how the recipient and I should kill my husband, but I delete the paragraph before I print and mail the letter, the file recovered from my hard drive should not be used as evidence of conspiracy to commit murder. The key question seems to be does deleting the data effectively reverse the intent behind creating the data? If it does then one shouldn't be held accountable for it, but if not then it should be fair game.
  • by theonetruekeebler ( 60888 ) on Friday October 06, 2000 @04:23AM (#726859) Homepage Journal
    A statute of limitations? Something's either admissable or it isn't.
    Yes, it is admissible before the statute of limitations expires, and inadmissible after the statute of limitations expires.

    The judge is not talking about criminal law, but civil law. In criminal law, evidence does not "expire", but as you cannot be prosecuted for certain crimes after a given period of time has passed since the alleged offense, the evidence is moot. The idea is that you shouldn't throw a forty-year-old man in jail for a red light he ran when he was eighteen. I should point out that in most jurisdictions there is no statute of limitations on murder and other infamous crimes.

    What the judge is trying to do is limit the viability of e-mail in civil litigation. Hypothetical situation: four years ago one of your coworkers made a huge, obsessive, gigantic stink about something, and you end up wasting an entire week chasing shadows as a result. When you tell her she was wrong and wasted your time, she fires off an angry e-mail to your boss. Your boss forwards it to you with a note attached, "What's this about?" You reply, "Remember how I showed you that Foobley component wouldn't work in the Warbley project? She's still bitching about it." He writes back one line: "I figured as much."

    After four more years of similar raving nonsense on every single project she's on, nobody takes her seriously about anything anymore. Feeling like there must be some other reason she's been ostracized, she quits the company and sues for sexual harassment. All e-mail records from every employee she has ever worked with get subpoenaed. Your e-mail from four years ago is dredged up. And in it, ladies and gentlemen of the jury, this bigoted, sexist monster used the vile, derogatory term "bitch" to refer to my client, a person of gender! This degenerate, immature pig used vicious, defamatory language in the workplace, thereby creating a hostile work environment for my poor victimized client. And instead of taking immediate corrective action, this penis-monster's boss, another penis-monster, conspired to agree with the characterization! There was collusion, sexism, and conspiracy at every level of this corporation to single out this innocent victimized woman. Therefore this penis-monster and his employer owe her one million dollars plus another twenty million in punitive damages.

    Fun, huh?

    Look---I send a lot of e-mail to coworkers who are only two or three cubes away. That way, our conversations can be asynchronous. The fact that we are using a written medium does not mean the conversation is not intended to be casual and ephemeral. The fact that I delete a piece of e-mail means that I consider it no longer relevant; either that I no longer endorse what it says or that I believe its context has disappeared. Say your boss is a Cardinals fan. He starts ridiculing the Braves in front of you and another Braves fan coworker. You tell him right to his face that he's full of shit, and he laughs and asks what the weather will be like in Atlanta for the last game of the series. Later, you send coworker an email that says "He's so full of shit!" You weren't talking about his qualifications as a manager; you were discussing his bogus sports opinions. But taken outside the context of the previous conversation, and your company has grounds to deny you a raise or fire you. After all, there it is in black and white, you saying your boss is full of shit.

    I believe these are the sort of situations Hizzoner was referring to.


  • by werdna ( 39029 ) on Friday October 06, 2000 @04:29AM (#726866) Journal
    I dissent.

    1) This is a recipe for disaster, where one can spend even more money litigating the virtual ephemerality than one spends on discovery. (We already spend more money on discovery than we do in preparing trial materials on the merits.) Still further, we can defeat this by simply replacing archives with "deletions," knowing that we can recover the data if we want it, but defeat discovery by claiming it was "deleted." Rather than create legal fictions in lieu of reality, why not simply put on those who intend to destroy things the burden if doing it well?

    2) Even if it were practical, why are we treating discarded information differently from other non-discarded information? Why should we be permitted to go into the deep archives of a building to find smoking gun memoranda long thought destroyed, but not into the interstices of a hard disk?

    3) It would be one thing to say, "no, we won't permit discovery." It is another thing to create some special-purpose exception to an exemption to a rule, knowing the rule to be filled with unanticipated consequences.

    But the real problem I have with this proposal is more fundamental -- the proposal has the effect of concealing the truth without any other clear benefit.

    It rewards a guy who meant to conceal some truth, probably reliable evidence in view of the effort, by concealing it after he screwed up in trying to destroy it.

    There exist a host of rules (materiality, hearsay, best evidence, the exclusion rule for profits of an illegal search) during legal proceedings that keep evidence from finders of fact, but those rules tend to support other policies, such as reliabiity, civil liberties, and even oxymoronic judicial efficiency.

    This proposed rule exists solely to make relevant, reliable evidence inadmissible. That doesn't, at least to me, seem just.
  • IIRC the "delete" key on the Apple // computers actually did a backspace.
  • by dirk ( 87083 ) <dirk@one.net> on Friday October 06, 2000 @04:38AM (#726877) Homepage
    What the judge is proposing is a statute of limitations of 6 months on such data. So even if it is backed up somewhere it won't be admissible as evidence

    I don't see why electronic data should be any different than any other kind. If I write something down, it will still be admissible in 6 months. Same with something I say. Why should it be different if it's in an electronic format? If I throw something in the trash, is it forever gone? Not a chance. It's perfectly legal for the cops to search my trash, same with electronic files.

    As far as true deleting goes, there are numerous programs that will do it for you. Many programs have a "shredder" function, which permanently deletes a file. It's no different than a paper copy. I can throw it away, but if I want to make sure it's really gone, I have to use a paper shredder. Same concept applies electronicly. I can delete it, but if I really want to make sure it's gone, I need to use a "file shredder". Just because it's electronic doesn't make it different.

  • If you send someone an email telling them you're going to kill them and you're put up on murder charges six months later, what makes it any less admissable then?

    This example assumes so many things its ludicrous. Threatening to kill someone is a crime. The statue could easily include language that makes death threats exempt.

    As for the "delete" key, anyone who works in sensitive information knows how to fully delete something.

    Think so? My parents are lawyers. They work with sensitive information all the time, but every time I use one of their PCs I find the recycle bin containing hundreds of files they thought they deleted.

    For argument's sake, lets say my mom writes a will for one of her clients. A week later, the client calls, prior to execution of the will (which is essentially making it legally binding) and says "I found another lawyer, you're fired, buh-bye." She would likely shred any existing paper copies and "delete" the document from the computer. A year later, the client dies with a will that excludes his children from inheriting anything. Should the children be able to get a copy of the will from the recycling bin on my mom's PC with which to contest the new will, claiming undue influence or something?

  • I ordered it from one of those stupid "Things You Never Knew Existed" catalogs, as I recall. It's not a real keyboard key, it just looks like one. I stuck some tape on the back and now it's an integral part of my day: Won't compile? PANIC! Memory leaks? PANIC! Boss wants to see me "for just a minute"? PANIC!
    An abstained vote is a vote for Bush and Gore.
  • by Richy_T ( 111409 ) on Friday October 06, 2000 @04:46AM (#726883) Homepage
    And don't press Insert-Page Up-End unless you're reading a book printed on soft paper.


  • I'm not sure that I've really liked the practice declaring perfectly good evidence "inadmissible" in court - the idea that a rapist, murderer or CEO could be legally freed (and immune to further prosecution for that crime because of the double-jeopardy rule) because the judge or jury has to "ignore" a real piece of evidence really annoys me.

    It seems to me, that if even if the evidence was collected illegally, as long as there is a high degree of confidence of its authenticity (e.g., the law enforcement hasn't cooked it up to try and frame the suspect), then it should be used.

    _BUT_, the individuals responsible for collecting that evidence illegally should be punished in proportion to the manner that the illegal collection was performed (if they tortured a suspect for instance, then they should be charged under a criminal offense like anybody who tortured another person).

    Not sure what to do if you're not sure who collected the illegal evidence (anonymous tipsters) though.
  • Oh, boy, the Trash thing again.

    That's not how you're supposed to eject disks, anyway. There's a menu that's supposed to be used, and it's in fact called "Put Away" (or "Eject" in OSX). The Trash can thing is just a shortcut.

    There was actually a feature in OSX DP3 that didn't make it into DP4, and it's one I miss. If you dragged a disk over the Trash, it would change into an Eject button. Drop the disk on the Eject button, and it got ejected. Much nicer than the drag-to-the-Trash trick, which has initially scared the bejeezus out of every Mac newbie I've shown it to.

    Anyone know what happened to that?
  • by Richy_T ( 111409 ) on Friday October 06, 2000 @04:49AM (#726886) Homepage
    What USENET, [...] have shown is that information online never really dies

    It just sits around on backup tape at the dejanews offices.


  • "And if you're using Windows, traces of your files will be dumped all over the system; when I used Word I remember being shocked to find traces of old files inside them"

    If you enable fast-saves, doesn't it just log only what's changed, rather than updating the whole file? I seem to remember reading something here on /. a while back that mentioned lawyers getting into trouble after sending out Word documents that still contained information that they thought had been deleted.
  • This is different from legislating Pi to be three, how?

    The electronic record exists. Cope.

    What needs to happen is not a change in evidentiary procedure, but a shift in western culture. When juries and judges are themselves familiar with what their own electronic traces are, then they will view the electronic traces of others in more reasonable proportion.

  • One day at Iowa state, while leaving the den o the quantitative geneticists (I worked for one of them) in Kildee hall, I noticed a bit of plastic on the floor. As I got closer, it turned out to be a computer key. And sure enough, it was the escape key, which had taken its mission a bit too seriously.

    I found it hysterical, but realized that there were tragically few people with whom I could share my amusement . . .
  • If so then I do not dare imagine what would the Enter or Insert keys do... But I'd sure hit the Break key quite often.

    "When I was a little kid my mother told me not to stare into the sun...
  • ...pick up your things, walk out the door, and go home. Take a nap, think about things for a while, not important things, relaxing things. Feel all thoughts that you have about any "central authority" drifting away. It's important that you understand that we can never trust you again, but don't let it get you down, another couple weeks of rest and you might function normally again.

  • Plus, just adding a statute of limitations for email dose not mean that corperations can not use old emails as an excuse to harass a worker.

    It would be a lot easier to make a program which emailed a person a program to connect via SSL with your system to read the real email, but did not allow them to cut and paste out of the program. Your system would delete the email after they read it once, i.e. a this message will self destruct type thing.

    Clearly, a clever persn could still save the email (screen shot), but most windows users are not that clever. A bigger problem is that it would not work under Linux since Linux mail readers actually have some basic security (not executing code from email), but most Linux users are smart enough to use a screen shot, so it would not do any good anyway. Regardless, it would provide some encryption and security when sending obnoxious emails to stupid windows users.. a good thing.
  • by Luminous ( 192747 ) on Friday October 06, 2000 @05:06AM (#726900) Journal
    I've read a lot of messages responding to this article stating police authorities wouldn't ignore evidence of a crime that was 6 months plus a day old. The judge on the other had was essentially stating he believed when you deleted something, it should be destroyed completely. He was also intelligent enough to know that immediate deletion was a bad thing, that there should be some durability to it. But after 6 months, the file should be completely gone, scrambled via one of many technological means.

    Instead of a trash bin it would be a shredder and you can set the time of when the files would be atomized completely. Thus there wouldn't be any evidence for authorities to find in the first place.

    Now, is this something we really want? I don't know. But I do suspect tech criminals already scramble their files.

  • The judge's recommendation is a little more subtle. Six months and a day later, he suggests that your email isn't admissible if it is the sole piece of evidence. But if there is a continuing pattern of conversation or if there is evidence you are acting (not just talking) in some way as to substantiate your threat, the statute of limitations reverts to the time period currently proscribed by law.

    It's a nice idea. It caused me to reflect on all the times I haven't posted on USENET or other places under my own name for precisely the reasons he's mentioned. Fear of my words coming back to haunt me (due to technical inaccuracy or being taken out of context, read by a future boss, etc.) has definitely led me to post less at times. Then again, maybe this is a good thing. ;-) But I agree; lack of a time horizon for computer-mediated communications definitely leads to self-censorship, something we should be wary of.


  • The case law (as I remember it from my LEO academy) arose from a case were a major drug dealer shredded his incriminating documents and then threw them out. When he put out the trash they were fair game under the abandonment rule (no warrant required) so the police picked them up. The police then put the documents back together. At trial the defense tried to exclude these documents saying that by shredding them the defendant had an expectation of privacy and they were siezed in violation of the 4th ammendment. The Supreme Court disagreed and in part stated that the defendant should have done a better job of destroying the documents. As far as I know this is the case law that has been applied to computer files (but I'm not a lawyer...). I'd like to be able to quote the case names but I'd probably get them wrong off the top of my head - http://www.findlaw.com and search if you want to.
  • McAfee.. well Network Associates..... their PGPfreeware app does it, it can wipe a whole drive, or wipe the drives free space... and im pretty sure it can wipe files you select
  • Wait just a second! Did anyone tell him about Murphy's eLaw? What? No body told you, either?!

    Murphy's eLaw #1

    The files you thought you deleted (i.e., your browser history, old highschool love letters, and other such atrocities) never really go away. In fact, alot of times they get printed on WAN printer on the other side of town!

    Murphy's eLaw #2

    The logs for your server can never, ever, be re-constructed. Even if it was you who accidentally erased it! (don't tell your boss there was no hacker!)

    to be continued...
  • by MrP- ( 45616 ) <<jessica> <at> <supjessica.com>> on Friday October 06, 2000 @05:17AM (#726909)
    one day I was programming a joke hard drive eraser... and it just wasn't looking real enough, so i decided to have it open the files it was saying it was deleting... after i ran it i was amazed at how real it seemed... then i realized the act of openning the filed it erased their contents, i now had a hard drive of 0 byte files... only files that survived were the ones in use..... fun! :(
  • by platos_beard ( 213740 ) on Friday October 06, 2000 @05:18AM (#726910)
    From what I read the judge was NOT advocating legislative or judicial action to enforce features of software design -- if he had, I'd be quite ready to rant about it myself.

    Judge Rosenbaum points out that the incompleteness of deletions (as they stand now) is affecting the legal system and indirectly, everyday activity. Lawyers are going to go after any electronic record they can get and use it to their best advantage. Everybody has to cope with that and they do cope by restricting what they put in electronic writing. Judges and juries understand already what the status of such "deleted" records really is, but are you going to trust that a lawyer won't be able to make it appear more damning than it is? I'm not.

    This de facto self-censorship of electronic discussions is what Judge Rosenbaum thinks is a bad thing that could be improved by making sure that "delete" means "delete."

    It's unlikely to happen, but he has a point.

  • Me not lawyer, just geek, but I'll still try to interpret.

    Two years ago, you're manufacturing Meth in your basement. You get the mix a little hot, it combusts, and you manage to put the fire out before your neighbors notice, and before structural damage. "Geez," you think, "what a risk. I need to find a different hobby." You give up the Meth biz, and go straight. You delete all the recipees and customer lists from your computer.

    You've now got a great job, life is good, and you decide to call your girlfriend for dinner. Problem is, you're in Philadelphia, you're dressed in black, and you're walking past the hotel where one of the WTO exec's just happens to be staying. The police grab you, throw you into a van, and charge you as being a leader of a some vague somethingorother directed against the WTO. They sieze all your belonging, and start snarfing through your hard drive(s).

    They find and reconstruct enough of your old meth client list and sales receipts to charge you as a meth dealer, and a fragment of an old deleted JPG image of your sister's new baby, but since this is Philly, and since the kid's getting his nappies changed (and is naked), you're also going to be charged as a child porn king.

    With a statute of limitations on deleted files, none of that is admissible, and you walk. In the current state of things, you'll be spending 10-25 in a Pennsylvania prison.
  • by Anonymous Coward on Friday October 06, 2000 @05:22AM (#726914)
    After reading some replies, I have to say the Slashdotters don't Get It(TM). The judge is not saying that everyone should go back and recode. He is not saying that if you threaten someone then actually do harm to them, that after 6 months it would be inadmissible. What he is saying is the law should recognize that people are imperfect and that email is not formal correspondence. Email should be treated as a passing conversation. Sure I may threaten you in an email, but there is no way to tell from a printed word that I was joking. If I really did have a problem and the threat was serious, then there would be some sort of physical, real-world evidence of that to back it up. For example, maybe I'm stalking you, leaving threatening phone messages, egging your house, etc. The point is there will be ACTION to tie it all together. What the Judge is trying to stop is that I jokingly threaten you in an email, then years later that email is dug up out of the blue and used to charge me with attempted assault with no other evidence to back it up.
  • by interiot ( 50685 ) on Friday October 06, 2000 @05:34AM (#726917) Homepage
    I think the intent is to provide the service that the user expects.

    There are two ways to match reality with expectations: bring reality closer to expectations (through legal and/or technical measures), or bring expectations closer to reality (through education).

    Certainly it'd be nice to be able to permanently delete some things sometimes. But in general, it might hamper the industry if we force them to implement everything the user expects (and burn tax dollars for enforcement). Alternatively, the government could simply educate the user as to what's really happening, and explain to them how to get the desired results if they still deem it necessary.

    This is one nice feature of a sensational press. The wider the gap between expectation and reality, the more of a scandal it will be when the press exposes it. So the press is encouraged to work hard to find the widest gaps and "educate" the citizens about them. And the citizens don't end up paying taxes for strict enforcement of relatively minor gaps. They just "pay" by viewing advertisements, and they only "pay" for the things that really matter to them.

  • Yes it is :o)

    "When I was a little kid my mother told me not to stare into the sun...
  • by pimp ( 6750 ) on Friday October 06, 2000 @05:45AM (#726920) Homepage
    Does it strike anyone else odd that a judge is trying to define a computer function? I understand what he's trying to do by suggesting the statue of limitations, but c'mon. What if the roles were reversed?

    In a related story, prominent Silicon Valley computer engineer John Q. Programmer has written an article that legal briefs, should be brief.

    Mr. Programmer has written, "Too long have we be burdened by misnamed legal 'briefs.' Brief should mean brief." He went on to write, "I am proposing a technical solution to this problem, we should develop a data structure to hold all legal briefs in a data field of char[256]."

  • This is a horrible idea. It's just like making reverse engineering illegal under the DCMA, since technology is so advanced. Or making certain frequency listening devices illegal because some cell phones don't encrypt their communications. Legislation is no the answer. Legislation is the problem.

  • Insert will insert
    Delete will delete
    Enter will enter
    Escape will escape
    but what about Return, what about Return
    Space will make space
    And a Tab will tab text
    Shift will shift your stuff
    but what about Return, what about Return
    Control will control something
    Meta will do whatever
    Caps Lock will lock our caps
    but what about Return, what about Return
    Home will get you home
    End will put an end to this song
    F1 will certainly help you
    but what about Return, what about Return
    PS. Speaking of which, what should Break break, and why doesn't Scroll Lock locks the scroll?
  • I don't see why electronic data should be any different than any other kind. If I write something down, it will still be admissible in 6 months. Same with something I say. Why should it be different if it's in an electronic format? If I throw something in the trash, is it forever gone? Not a chance. It's perfectly legal for the cops to search my trash, same with electronic files.

    I suppose the idea is that electronic communications are faster, less formalized and contextual and not practiced in the same way that physical correspondance is.

    Personally I'd treat it equal to written correspondance for one year and after that I would give it the same legal weight as a non-recorded verbal conversation recounted from memory. The lack of context from a single email from a long exchange can be as distorting as a recounted conversation from a year ago.
  • almost truely un-crackable and therefore un-litigatable..

    In Kevin Mitnick's case, having his data encrypted meant the government was allowed to keep his data indefinitely, on the theory that it might contain illegal/contraband content. Even though the content might have exonerated Mitnick and been used in his defense, the judge presiding over the government's case would not allow Mitnick to access it. In fact, Mitnick himself was not allowed to personally access any of the computer data used as evidence against him in the case -- only Mitnick's attorney and expert witness were allowed to at an off-site location under government supervision. Read that again: Mitnick was not allowed to review the evidence the government had against him.

    You can read the court transcript here:
    http://www.kevinmitn ick .com/trans052098.html#legal_question [kevinmitnick.com]

  • Okay. I honestly don't understand how even the most expert computer forensics team can recover data that has been overwritten by ones then by zeros. Isn't this like saying that a cassette tape which held a pirated Metallica song and was then recorded over with white noise and then a clear signal is still possible to recover the Metallica song intact? The real problem, as this judge points out, is that a deleted file usually isn't deleted at all, the pointers to it are just removed from the directory tree, which means that the file just needs to be found on the disk and repointed to for recovery.

    I agree, though, that this judge's statement is nice --especially in the case of workstations at work, for which most files sit on fileservers or mail servers that get backed up regularly. No amount of deleting or file shredding hits the backup tapes. And I assume many corporations backup to a permanent backup at least once in a while, with incremental or daily backups in between.
  • Obviously you've been shopping for $12 Acqua digital watches at K-Mart.

    Try something a little more upscale! I've never walked out of a real watch shop or jewelry store with an unset watch; They insist on setting it on the premisis beforehand! Even when I have one in for cleaning or adjustment, or a new band, they'll make me stand there while they adjust my intentional three minutes of advance away.

    It's a liability thing; If they see the watch working, the customer can't come back in three nights later and claim the watch never worked, and he wants his $500 back, causing them to eat a Submariner with cheese.
  • by MrP- ( 45616 )
    real funny... thats right, i erase my hard drive and you moderate me up as funny.. how dare you! :)
  • You missunderstand my point. The idea of changing evidenciary procedure (which would be a legislative act, necessarily, yes?) would be to create a legal fiction to the effect that file traces on hds did not exist after 6 months (or other arbitrary date).

    But they do exist. And creating a legal fiction that they don't exist (in the context of a court of law) would have to have extraordinarily compelling arguments behind it. I truly cannot grant that "because people aren't adjusted to the affordances of the medium" is such.

    The suppression of evidence on the grounds that it was illegally procured (such as in an unwarranted search and seizure), has a much more compelling reason: it is the only way to put teeth into the 4th amendment.

    But we have no right not to be recorded when we ourselves press the "record" button on a tape player. We have no right not to be recorded when we ourselves commit our words to paper. To think we have a right not to be recorded when we ourselves put our words on digital media is absurd.

    To put that into the law is to privilege electronic media in a way that they are not in reality.

    Consider: The judge might have well argued that, for instance, nothing writen on paper may be considered evidence after a fixed length of time. What he is doing is suggesting that we create a class of communications media which is especially privileged, for the purpose of advancing the free exchange of ideas, e.g. that we have a medium in which things may be said with more impunity (in this case from being used as evidence) than in other media. To make an analogy, what if he argued that there should be specially privileged public spaces, in which slander laws do not apply, so that there be more free flow of information? What he suggests is no less radical.

    As interesting as that idea is, it is a massive change to both civic and cultural life in the US; it impacts all branches of government and the lives of every one of its citizen. It is literally revolutionary.

    While I'll be the last person to say all is well in this country, I will be convinced that this is a good idea only by some pretty amazing philosophical underpinnings, with which this idea as of yet most certainly has not been presented. A vague ascertion that this will remedy self-censorship (so would repealing the slander and libel laws) doesn't cut it.

    The creation of a legal fiction -- to yet further divorce law from reality, to yet further sculpt what juries see and hear -- is never a good thing; it is at best the lesser of two evils.

    And it is the equivalent of legislating pi to be three.

  • So now every time I joke to a friend on how I'm going to rule the world or smoke some crack, that in and of itself could consititute an act? How did law enforcement catch law breakers proir to email and newsgroups? If I am doing something illegal, (like stockpiling nuculear weapons or dealing drugs) then there are many real-world things I have to do. These real-world ACTIONS (buying plutonium, crack, whatever) are the proof they need to look for, not some email talking about stuff I've never did. Speech does not equal action.

    Don't be naive. Just because you can't charge someone based only on their words doesn't mean their words are irrelevant. What you say or write can be either proof for the jury after you have been caught, or a pointer towards where to find evidence.

    So lets say you are arrested and charged with buying crack, but you claim that you were just standing near the crack dealer and the cop lied when arresting you. Your email stating "I'm gonna go buy some crack tonight" is of course relevant in trying you for that night's arrest.

    Or you are being investigated for a kidnapping, and the police find an email saying "I'm going to X to buy crack, that'll make a good lure." The police will go to X and try to get further information about your actions and plans.

    They need to look for all evidence, and that includes speech. Your argument is as silly as saying "its the murder thats a crime and not touching the doorknob to get in, so why would police ever waste their time dusting a doorknob for prints at a crime scene?" Its a good thing you aren't actually involved in investigation or law enforcement.

    -Kahuna Burger

  • Unfortunately, this IS true.

    Any data written to magnetic media can be recovered - well, there's a chance, anyway. Every time data is written to a magnetic domain, there will be SOME areas within that domain that remain biased the way it was previously written. For instance, you have a 1 in one spot, then you write a zero; some atoms are still biased towards 1. The reason for this is that the heads in your average ordinary everyday Hard Disk are designed to take an average over a relatively large area of the domain, and read that as the recorded value. The incorrectly biased atoms in that domain are tossed out as noise in your everyday mass-produced hard drive.

    A forensics team can pop the platters out, and read them with an extremely sensitive head, and draw-out patterns of previous writes. It's probably extremely expensive, and AFAIK, largely theoretical; I do not know if they're actually doing this, or have ever done this. But I do know that it's possible. (as a former Seagate employee)

    There was a /. article on this a while back about how some investigator recovered an erased portion of Nixon's watergate tapes using such a technique.

    Now, as far as a single erasure goes, that's the way it works. Multiple-pass erasures increase your chances of obscuring the data, and overwriting with all 1's or all 0's is probably not the most effective means, nor is overwriting with noise, because it's randomness can be extracted by careful analysis. I would say that repeated overwriting of such data with other legitimate data, would be the best way to cover-up the residual domain biases from previous writes. How many rewrites, I couldn't say, because I'm not an expert. Maybe dozens? hundreds? thousands? It might also help to pre-load a drive with data, and overwrite it a few dozen or so times, BEFORE using it to store legitimate data. That way, there will be a noisy background on the disk prior to writing your kiddy porn.
  • by Anonymous Coward on Friday October 06, 2000 @06:51AM (#726951)
    Seems to me that most of the folks here failed Reading Comprehension 101. The judge is talking about scenarios like the following:

    1. I'm pissed off at someone and write an insulting and scathing letter to them. I save it to the hard drive.

    2. After a few minutes, I calm down and "delete" the letter. I then write a new, more civil, letter and send it.

    3. After a few months, my relationship with the recipient degrades even further. They file suit.

    4. During discover, they sopoena (sp?) my computer and discover the original ("deleted") letter. The letter I never sent.

    The question is, should that "deleted" letter be used against me in a court of law? The judge is saying, "no", it's the same as writing a draft and tossing it into the trash.

    I have no idea what most slashdotters are rambling about.

  • It's DOCTOR Evil to you. I didn't go through 6 years of medical school for nothing.
  • by Tackhead ( 54550 ) on Friday October 06, 2000 @07:01AM (#726954)
    > Isn't this like saying that a cassette tape which held a pirated Metallica
    > song and was then recorded over with white noise and then a clear signal
    >is still possible to recover the Metallica song intact?

    Actually, its not just like that, it is that.

    A good introduction to the field: A 1996 paper on Secure Deletion of Data from Magnetic and Solid-State Memory [nondot.org].

    Be warned that this paper was dated 1996. Technology has improved significantly since then. The state of the art in magnetic force microscopy and magnetic force scanning tunnelling microscopy is almost certainly highly classified.

    Your audio analogy is excellent. In the case of your cassette tape, it's a virtual certainty that the record head was "off" by a fraction of an inch when it recorded the white noise over your Metallica. (And it went "off" by a different fraction of an inch when you recorded the clear signal on top of it).

    So, a forensics dude will use tools to read the fraction of an inch that didn't get overwritten by the white noise, and the other fraction of an inch that escaped the clear tone, and reconstruct most of the Metallica song.

    The same thing works with hard drives, except it's a hell of a lot more work.

    That having been said, this technology is at the bleeding edge and costs a fortune. It's probably only used in to recover data of interest to national security.

    Your typical criminal is st00pid, and your typical FBI goon merely looks at unallocated blocks containing data the criminal thought was erased.

    A smart FBI goon will also use a tool to read sectors that have been marked as "bad" - there may be data there that the

    A good data shredder, incidentally, will take into account the model of the hard drive and the encoding method used by the firmware - when you write "FF" to a drive, you're not actually writing eight "north poles" in sequence - and write a sequence of bytes geared to "even out" the magnetic flux as much as possible.

    That said, even this isn't bulletproof. The last time I looked, the only acceptable standard in the military (and presumably in the intelligence community) for scrubbing highly sensitive data is physical destruction of the media.

    If it's your nudie pics or your company's secrets, encrypt the volume or scrub the data when you're done with it. Better yet, do both.

    If it's plans for compact nuclear warheads and you want to sell them to the Chinese government, make sure your friends give lots of money to the Democrats. Uh. I meant, "physically destroy the media after you've made the sale".

    As long as the media is intact, if the data's important enough, someone will be able to recover it.

  • Well, they're not just talking about recovering files whose entries are deleted from the FAT, but contents not yet overwritten from disk.

    There's also the emails that were deleted, but backed up to tape and archived offsite for disaster recovery purposes (most companies I know with GOOD backup plans exclude their emails from DR backups, and back them up separately so archives can be purged).

    Then there's also the issue I posted about earlier, where they can crack open a hard drive, and read the platters with a super-sensitive read-head, and extract data from the patterns - even when it's been overwritten. This is the really tricky stuff because most people don't know this is out there, so even when they try to use "shredder" programs, data can still be recovered.
  • Two words...


    Any 'timebombed' message will be vulnerable to this attack, as much to the chagrin of RIAA and MPAA any digital data is perfectly reproducable in any state/format the original exists in and can be copied an unlimited number of times. If it's in a format where it can be read then it can be copied.

    I don't understand how 'delete' helps either; the other 4 or so people a message goes out to may choose to save the message and therefore it's still available as evidence. Some people save email forever. Some of these out of UI ineptitude, and some like me archive and compress it for CYA.

    -- Greg
  • by Mr. Barky ( 152560 ) on Friday October 06, 2000 @07:11AM (#726964)

    I think the Judge's point is that e-mail has become so common that if we don't add this protection normal e-mail conversation is/will become more stifled. Making people overly consious of their e-mail may have a detrimental effect greater than letting people "get away" from something they wrote 6 months after they said it. The permanence and ubiquity of e-mail is something that is significantly different from conversation and also writing (conversation usually gets "lost" immediately and writing tends to be much more careful than "e-mailing".).

    Yes, there are programs that really will delete things, but what percentage of users do you think would know how to use them? Maybe 10%? Even if you know how to use these programs, what happens if you want to delete your e-mail a week later? Oopps you admin backed up your files. Now, there's really no practical way for you to delete it.

    I find the Judge's ideas quite interesting and definitely worth thinking about and debating.

  • Its not like there's some switch that can be flipped and all of a sudden the memory where a file was stored is filled with zeros when its deleted.
    Actually, any system rated above 'tinker toy' does, in fact, have the ability, built in, to zero out both memory and disk space upon delete. This is called a 'security feature.'
  • Nope. Formatting doesn't overwrite anything -- it just marks it as erased. But even overwritting the data doesn't necessarily help -- it's still possible to retrieve it. You have to overwrite it multiple times with random patterns to make sure it's really gone.


  • That's not a format but a wipe. Completely different operations. Even a wipe isn't entirely secure, though.

    With magnetic media, the position of the head on the track tends to drift; so while the new value may be laid down the middle, the old bits are often still detectable off to the sides if you've got the equipment to do so.

    There are other means of recovery also.
  • Just use decent encryption and utilities like PGP, and you'll be fine.

    Actually, this isn't always true. If you're encrypting a file to a key that you own (and only a key that you own!) then you are correct, but if you send me an email message which is encrypted to my key then you have no control over what I do with the content once I receive it. Additionally, it is still quite legally possible to supeona your key to decrypt the messages. Sure you can "lose" or "delete" your key, but there are pentalties for defying a supeona.

    This judge really sounds paranoid. What he needs is a secure delete program, an operating system which doesn't store remnants of temp files everywhere, and an sledgehammer to "obfuscate" his disk when he gets a new PC.

    Once again, this is limited to files which are stored locally. Email, almost by definition, has recipients, which means that you lose control of the content as soon as you send it. That makes a technology solution much more complicated (and perhaps utterly infeasable).

    Of course legal remedies have their problems as well...

  • ...with a Java viewer would do what you want. Put that's not security. That's fake security. Making people *think* their email can't be recorded (when it really can by anyone marginally clever) is worse than not doing anything at all.
  • Part of the reason the statute of limitations exists is due to the ephermerality of evidence. Seven years after the fact, it becomes too difficult to prove that someone is really guilty, so it's not worth pursuing further -- better to close the door, as you would on an unreproducible software defect, rather than allow the unsolved cases to simply accrue and accrue. At the same time, it also becomes easier to falsify traditional evidence over time, or to claim you had evidence which no longer exists (and thereby win points with a jury).

    These concerns don't exist with computerized data -- rather, they exist, but they are not related to time. You can falsify evidence at any time on a computer, so the problem becomes securing the evidence IMMEDIATELY after the investigations begin, rather than allowing hackers to mess with your forensics. Once that is done, you can be sure of the data's truthfulness (if not its bit-by-bit integrity) over any amount of time. When you're talking about Usenet and email, this task becomes even easier, because you've got redundant copies of the data distributed throughout the world -- you can only falsify a finite number of copies.

    Finally, he proposes imposing a law to make a precise and literal system ephemeral and arbitrary. This goes against the grain of what computers do, and thus philosophy should teach us that it's doomed to failure.

    For these reasons, I don't think there should be a statute of limitations on computerized data.

  • as described here [news.com].

    Basically, if you edit a Word doc with the 'fast save' feature ON, your recepient may be able to see the previous version (using 'strings' for ex). Real world example, create a doc offering someone $30,000 and save it. Then edit the offer to $22,000 and email it, they could dig into the doc and find your previous figure and hold out for a better deal, knowing you were thinking of offering more. W/ fast save, the changed are just appended to the file. I tried it and it's true.
  • Sorry, but no. *IF* I delete it, sure, take it off the record.

    But if I want to *KEEP* my mail, then it should be my right to do so, and have it remain legally real forever.

    If someone sends me a confirmation that they've cancelled my order, should they be able to bill my card six months later, knowing that the confirmation is "no longer legally valid"? Total bullshit.

The price one pays for pursuing any profession, or calling, is an intimate knowledge of its ugly side. -- James Baldwin