I’ve been following the rather long and confusing story of millions of “missing” emails from the George W. Bush White House off and on in the blog for some time. This week, the White House settled lawsuits relating to these missing emails that had been brought by two groups, the National Security Archive and Citizens for Responsibility and Ethics in Washington.
The loss of these email messages and eventual recovery of 22 million “newly found” messages seems to have been extremely costly and serves as a reminder to all organizations that, if they haven’t thought about and planned for electronic discovery of email, it’s probably time to do so. As I’ve noted repeatedly here and in the press, at least 25% of enterprises are faced with a subpoena each year that requires them to produce employee email. (You can find this and other related statistics in our annual Outbound Email and Data Loss Prevention report.)
Media coverage of the White House’s settlement of these lawsuits has exposed some interesting information about the White House’s IT and email security practices that are worth sharing here.
Computerworld has a good article (”‘Lost’ Bush e-mail settlement requires that White House reveal IT practices”) that notes that the emails in question went missing due to “what may have been one of the messiest e-mail platform migrations ever,” saying:
The e-mail problem began in 2002 and 2003 after the White House moved from Lotus Notes to Microsoft Exchange. As it moved to the new platform, the President’s IT staff also discontinued use of legacy, circa 1994, electronic management and archiving system, called Automated Records Management Systems (ARMS.) Development began on a new archiving system that ran into its own issues and wasn’t implemented.
Without an automated archiving system, the White House relied on manual processes to archive e-mails, and that’s when the problems evidently began. Files were mislabeled and commingled on back-up tapes containing all types of information.
If that sort of manual email retention and recovery process sounds familiar, maybe it’s time for your organization to consider a more robust technology solution for email archiving. (Email archiving is the topic of our next live webinar, being held January 13, 2010 – you can register for that free web seminar here.)
For a good summary of the entire saga of the missing White House emails, see this Atlantic Wire story which includes links to a number of external articles that reflect on a number of different legal, technological and political dimensions of this story. See, “The Strange Story of 22 Million Misplaced White House Emails.”
One more related media item that I thought was interesting is this audio interview that played on NPR this morning wherein Meredith Fuchs, general counsel of the National Security Archive, talks to NPR’s Ari Shapiro about the missing Bush emails and about whether the current (Obama) administration is meeting its own promises to be more transparent.