Any company, even the most law-abiding, can get into trouble if
it’s careless about its e-mail. That’s why most companies need a
rigorous e-mail retention policy—specifically, a policy that states
when to throw out e-mail. Otherwise a company may find itself in court one
day, fighting to keep other parties from rummaging through its
e-mail archives in search of damning evidence. In light of the role
that e-mail has played in recent high-profile trials, particularly
the Microsoft antitrust trial, you’d be wise to establish a strict
e-mail retention policy—and to follow it.
Basic Rules of E-Mail
It’s important to keep these basic rules of e-mail in mind:
- E-mail is public. Never write something in an e-mail
message that you wouldn’t want anyone to read. It’s a two-way
communication, so there’s always another copy that you have no
control over. The more controversial a message, the greater the
chance that someone will keep a copy tucked away somewhere.
- E-mail is news. Pretty much any article you read about
the Microsoft antitrust trial will mention an e-mail message that
the company is using in its defense, or one that Justice
Department lawyers are using to bolster their prosecution.
- E-mail is evidence. The report of independent counsel
Kenneth Starr (www.house.gov/judiciary)
refers to numerous e-mail messages exchanged by Monica Lewinsky,
her friend Catherine Davis, and her confessor Linda Tripp.
The Starr report also demonstrates the folly of forgetting the
first rule (e-mail is public). It alleges that after Lewinsky became
a potential witness in the Paula Jones lawsuit, presidential friend
Vernon Jordan told her to delete all files and e-mail messages about
Bill Clinton. She and Davis had begun communicating by e-mail when
Davis moved to Tokyo; although Lewinsky deleted all her messages,
Davis’s copies stuck around. Whether deliberate or inadvertent, the
retention of old e-mail is a potentially dangerous practice.
The Microsoft Case
Legal evidence left behind in e-mail messages can reveal a great
deal about a witness’s motives or state of mind, as well as the
timing of key events. It no longer matters what a witness can’t
recall during a deposition—if an electronic paper trail can fill in
the gaps.
In the Microsoft case, for example, e-mail figures prominently in
the prosecution’s exhibits (www.usdoj.gov/atr/cases/ms_exhibits.htm).
In one message, Bill Gates said that a worldwide "hit squad" should
be sent after IBM. In another he seemed to suggest a cash payment to
Intuit in return for their support in the browser wars. And in their
messages, Microsoft engineers made statements that directly
contradict Gates’s public comments about the inseparability of
Windows and Internet Explorer.
The defense has also used e-mail to its advantage, including an
e-mail in which a Sun Microsystems executive states that he trusts
Saddam Hussein more than Netscape (see www.microsoft.com/presspass/trial/exhibits).
In a 1977 message, a Netscape engineer wrote that Navigator 4.0 was
such an awful product that it should never have been released. And
in June 1995, Netscape CEO Jim Barksdale wrote in a "confidential"
e-mail about his "very friendly" visit to Microsoft, during which
top Microsoft executives offered to integrate the Navigator browser
with Windows NT.
Did any of these authors think for a moment that their
confidential advice and opinions would someday be read in a federal
court? As e-mail becomes a mass communications medium, are people
watching what they write and who they send it to? More importantly,
is anyone cleaning up these e-mail systems so that these spontaneous
utterances don’t someday become damaging evidence?
Legal Guidelines
Attorneys now routinely request copies of relevant e-mail in the
discovery phase of a trial. "People say things in e-mail that they
would never say in hard copy," said Jim Bruce, a partner in the
Washington, D.C.-based communications law firm Wiley, Rein, and
Fielding. Moreover, electronic communications are searchable by
keyword. If a company hasn’t categorized its message archives by
topic, opposing attorneys are likely to ask to see everything, so
that they can go on what Bruce calls a "fishing expedition" into the
company’s memory.
"It’s perfectly fine to destroy documents," Bruce said, but it’s
too late to do so once they become relevant in a court proceeding.
In addition, companies can’t destroy tax-related documents, and
anyone doing business with the government has to follow strict
document retention guidelines. But, he said, as long as e-mail is
deleted according to a consistent and routine maintenance policy—not
because the messages have been subpoenaed—it’s as legal as emptying
the wastebaskets every night.
Companies also need to remember to delete old e-mail from backup
tapes. "If they let backups pile up too long," Bruce explained,
"they may not know what they contain." An opposing lawyer could fish
through messages the users thought were deleted. "If you want to
have backup storage, keep it for a fairly short time, and then get
rid of it."
Despite the now well-known legal consequences of e-mail
retention, most system administrators are still far more concerned
about purely technical issues of keeping e-mail—for example, the
size of an unrestrained message store and the difficulty of backing
it up and restoring mailboxes. Some companies routinely delete old
messages, but they do so to reduce clutter, not to erase potential
evidence. In the rest of the article, I’ll describe the e-mail
policies of various companies and give you some ideas to apply to
your own company’s e-mail retention policies.
E-Mail Policy Statements
Rohm and Haas, a chemicals manufacturer based in Philadelphia,
has been acutely aware of the dangers of old messages since long
before the Microsoft trial. According to Victor Ross, manager of
corporate e-mail services, old messages are routinely deleted from
an employee’s in-box after 45 days, while messages that have been
moved from the in-box to a folder are retained for two years. Copies
of sent messages are deleted automatically after 30 days unless they
too are filed in a folder.
Ross said these policies were instituted because of how much time
it took to run disk management utilities on an ever-enlarging
cc:Mail message store. As Rohm and Haas upgrades from cc:Mail post
offices to Domino servers, which store e-mail more compactly,
concerns about the size of the message store will go away;
nevertheless, Ross isn’t planning to change the company’s message
retention rules. Employees have been trained to think about which
messages they need to keep around and to move them into folders, and
Ross doesn’t want those habits to end.
Rohm and Haas recently issued a policy statement reminding e-mail
users that confidential documents should not be sent outside the
company, and that users should be aware of who is on their cc: list
before using the e-mail software’s reply-to-all feature. The policy
tells users that they should be aware of the security risks involved
with e-mail, and that they should control what they say, because
they can’t always control who reads what they write.
That last point is particularly important. Ken Bisconti, senior
director of communications product marketing for Lotus, said that
Lotus withheld a certain feature from Notes to help breed good
sending habits. "We’ve always tried to treat e-mail as legal
documents," he explained. "That’s one of the reasons that we’ve long
shied away from providing any e-mail recall functionality, which is
requested by a lot of people who come to Notes from, for instance, a
GroupWise system." (Some e-mail systems, such as Novell GroupWise
and America Online, have an unsend feature that allows the sender to
recall unread messages; if you don’t have this feature, you cannot
recall a message.)
Ollie North and Iran-Contra
Even companies that diligently delete old messages and train
users not to send confidential documents outside the company can
find themselves burned by less obvious problems, such as
autoforwarding. For example, Goran Fransson, chief technology
officer and cofounder of TenFour Sweden AB, a Stockholm-based
security software vendor with offices in Chantilly, Va., said he
recently sat in on a meeting in which his company was trying to sell
an outbound e-mail filtering system to a skeptical Notes
administrator.
The administrator was talking proudly about how secure his e-mail
system was, and how he had no need for TenFour’s filtering system.
"But at that same meeting," Fransson recalled, "a user explained how
he autoforwards all his Notes messages to his Hotmail account. The
network administrator just looked at him and said, ‘You better not
show anybody else how to do that.’" All it takes is one copy to fall
into the wrong hands—stored on a stolen laptop or saved in an
Internet cafe’s e-mail client—for all security efforts to be in
vain.
Another problem that may escape notice is backup tapes, as
attorney Bruce mentioned earlier. A vivid example of this occurred
more than a decade ago, when Oliver North and his fellow White House
PROFS (a mainframe e-mail system) users were shocked to find out
that their top-secret discussions about Iran and Nicaragua were
routinely backed up and filed away. To truly erase a message, not
only must the sender and all recipients delete their copies, but the
administrator must erase all the backup tapes made during that
message’s life. In fact, as a direct result of the so-called PROFS
case, all government e-mail messages are considered to be historical
records (see http://www.cpsr.org/cpsr/foia/PROFS_CASE/).
Scott Mansfield, an e-mail specialist for pharmaceutical house
Eli Lilly and Company in Indianapolis, said he regularly recycles
old backup tapes after two weeks, because by then they’ve ceased to
be useful for disaster recovery. Eli Lilly now uses Notes, but when
he began recycling backup tapes the company was using a Digital
TeamLinks system. Even then, though, old messages were never
deleted. But each user’s trash folder was emptied once a week. "It
was up to the individual users to police their own mail," he said.
Perot’s Company
Perot Systems, a Dallas-based information technology services
company, routinely deletes messages after 30 days, but not for legal
reasons, according to Michael Burchfiel, a Perot messaging engineer.
On the company’s old cc:Mail system, now being replaced by a
Microsoft Exchange Server network, disk space was scarce and backups
were time-consuming. The new Exchange system doesn’t limit the size
of the message store, and backups are performed automatically. As
Perot Systems migrates to Exchange, the 30-day time limit will be
dropped. However, to prevent users from becoming e-mail pack rats,
the company will impose a per-user mailbox size limit.
Burchfiel said that Perot Systems has never been stung by a
lawsuit that turned e-mail into evidence. "Every associate has to
sign an employment agreement that covers as much of that as
possible," he said. However, the agreement governs only the sending
of potentially offensive e-mail, such as messages that contain
threats, pornography, and dirty jokes, or that involve gambling. The
e-mail in the Microsoft trial didn’t violate these guidelines; the
executives and engineers at Microsoft, Sun, and Netscape were
strategizing, advising, and generally thinking out loud—in e-mail.
Nobody is saying that these messages shouldn’t have been sent, but
should they have been kept?
Revising the corporate e-mail retention policy in light of
e-mail’s role in the Microsoft trial has not been a big concern at
Perot Systems, Burchfiel acknowledged. "We have thought about it,
but it’s not something we worry ourselves with too much. We haven’t
made any direct changes because of it. But it is kind of scary."
Quick Deletion?
At an international credit card company, the legal staff told a
messaging services manager that they were concerned about e-mail
retention because they didn’t want old e-mail to be used against the
company in a court of law. So the messaging manager, who declined to
be identified, instituted a policy that called for the deletion of
any message more than 30 days old. "‘Anything of legal importance
should be retained in a paper format,’" he said he told his
colleagues. "‘I’ll keep backups for disaster recovery or operational
recovery, not for archival purposes.’"
Executives at this company will probably never find themselves
challenged in court to explain what they meant in some hastily
written e-mail. However, that’s not the overt goal of the company’s
policy; it’s just a consequence of the administrator’s aggressive
housecleaning.
What if the legal department were to ask for seven-day deletions,
or one day for certain sensitive users? What if an enterprising
vendor were to add a feature to e-mail allowing senders to mark
certain messages for self-destruction five seconds after they’re
read? In other words, can a company legally destroy old messages
just because they’re old and in the process erase the written record
left by top executives? In short: yes, it can, as long as the
procedures it adopts are orderly, routine, and consistent. But once
a given topic becomes the subject of litigation, any further
communications about that topic must be preserved.
Attorney Bruce believes that a system configured to automatically
delete messages after a short time would not be sensible. Too many
important documents would be destroyed, and the system might
actually work against the company. Users fearful of losing old
messages too quickly might print every message, creating a paper
trail in spite of the stringent electronic housecleaning.
E-mail retention policies vary widely, but so far they’ve almost
always been established for operational reasons, not to shield
companies from legal risks. After a few more high-profile trials by
e-mail, I expect that that will change.
ERIC ARNUM is the editor of Electronic Mail &
Messaging System, a monthly newsletter about e-mail, fax, and telex.
E-mail: earnum@rcn.com.