patrick.net

Emails are not lost given they are saved and read from server and not the client. Email systems have been around for a very very long time (+30 years) be it on the mainframe, client server, net or mobile. It has been perfected to the point you cant lose/erase them that easily. That is why you can read the same emails from PC, mobile or other device (terminal). At the server level, emails are saved to redundant storage drives. Compression and backup software ensure easy storage.

Next the IRS will tell us, that they recycle 3 back up tapes with in as many days. So if there isn't a problem by the third day that back up gets overwritten.

The IRS wan't us to think that it is ran by Mel, the Luddite accountant.

All the pretend excuses coming out of IRS over this scandal. Now Obama administration is using the "computer ate my emails." And when they go that far to hide it, it makes it very clear that they are hiding something serious.

And Obama supporters are not stupid, they get a whiff of this BS too. They understand that their messiah got caught with pants down and is now doing all to hide and run.

That hammer is coming down soon, Republicans aren't going to let this Nixonian thing go.

Entitlemented says

When HDs Crash, does it erase Emails at the Receive End?

I guarantee you that all the emails the republicans want are available at the NSA. The thing about total information awareness is that it is total. That is, it includes awareness of everything politicians and bureaucrats do.

So why hasn't the republican establishment subpoena the NSA for these records? They don't want to set a precedent that government emails wiretapped by the NSA can be used as evidence. They have a lot of skeletons to hide.

thomaswong.1986 says

Emails are not lost given they are saved and read from server and not the client.

Unless you configure your email client to download email locally and delete it on the server. Or have your email delivered directly to your PC. Or automatically purge email from the mail server after a specified retention period. Or a variety of other policies / user choices with equivalent effects.

http://stockman.house.gov/media-center/press-releases/stockman-bill-allows-taxpayers-to-use-same-lame-excuses-as-irs

Stockman bill allows taxpayers to use same lame excuses as IRS

WASHINGTON -- Taxpayers who do not produce documents for the Internal Revenue Service will be able to offer a variety of dubious excuses under legislation introduced by Rep. Steve Stockman (R-TX 36) a week after the IRS offered an incredibly dubious excuse for its failure to turn documents over to House investigators.

“The United States was founded on the belief government is subservient and accountable to the people. Taxpayers shouldn’t be expected to follow laws the Obama administration refuses to follow themselves,” said Stockman. “Taxpayers should be allowed to offer the same flimsy, obviously made-up excuses the Obama administration uses.”

Under Stockman’s bill, “The Dog Ate My Tax Receipts Act,” taxpayers who do not provide documents requested by the IRS can claim one of the following reasons:

1. The dog ate my tax receipts
2. Convenient, unexplained, miscellaneous computer malfunction
3. Traded documents for five terrorists
4. Burned for warmth while lost in the Yukon
5. Left on table in Hillary’s Book Room
6. Received water damage in the trunk of Ted Kennedy’s car
7. Forgot in gun case sold to Mexican drug lords
8. Forced to recycle by municipal Green Czar
9. Was short on toilet paper while camping
10. At this point, what difference does it make?

Stockman’s bill comes a week after the IRS refused to turn over to House investigators emails from former Exempt Organizations Divison director Lois Lerner that would implicate agency personnel in illegal targeting of citizens critical of President Barack Obama.

The IRS claimed a “computer glitch” has erased the hard drives of all incriminating evidence. The IRS further claimed the hard drives are not available for forensic investigation as they had just been destroyed for recycling.

thomaswong.1986 says

Emails are not lost given they are saved and read from server and not the client.

Depends on whether you are using POP or IMAP and how you have things set up, in addition to what your practices are as well as what email policies are. It's impossible to judge this from the outside of an organization. Also, people may be going beyond the typical IT setup.

Has Karl Rove commented on this issue yet?

I think he'd have a lot to offer here.

What was the total of lost torture and Plame e-mails during the Cheney Administration? Somewhere between 5 million and 22 million?

Whatever the configuration, the IRS IT fucks need to be hung out to dry.
We should have email records of all government correspondence backed up in triplicate from the day email was introduced.

oddhack says

thomaswong.1986 says

Emails are not lost given they are saved and read from server and not the client.

Unless you configure your email client to download email locally and delete it on the server. Or have your email delivered directly to your PC. Or automatically purge email from the mail server after a specified retention period. Or a variety of other policies / user choices with equivalent effects.

The IRS has just set the precedent for the length of time required from each of us to keep backups of anything.
6 months.

What is the point of this thread?

Email is my primary expertise. I've worked at organizations both private and public who deliberately avoid email tracing.

Goldman Sachs is notorious for this, why do you think Melvin...I mean Lloyd use voicemails and GS people use email sparingly and often end tersely with LDL. Let's Discuss Live leaves no traces for regulators to pick over.

Similarly I worked with another group who was required to run a mail server but wanted to never be responsible for FOIA requests against it's users, so they required all their users to use POP and set clients to delete mail on server after download. You want any emails mentioning Joe? Can't help you, subpoena each individual recipient and pick over their hard drives. This wasn't really about the server admins trying to PROTECT their users, it was about shifting a burden of an unfunded mandate back onto the users.

That said, those are the exceptions not the rule. The issue of backups and recovery is usually not made on conniving lines, it's made on operational decisions about cost and hassle. Running an archive with infinite ability to recovery anything from any point in time runs quickly into budget and manhour problems.

Of course any organization has a retention policy for backups. You asked me to pick over any inbox for the last 2 months sure I can do that. We don't even use tapes anymore for most things, backups go to a Virtual Tape Library, a big pool of cheap storage at 2 sites. So I can do anything within 2 months quite easily. But once you get past the retention policy period it's just gone. Very few servers are actually backed up to tape anymore and trucked off to Iron Mountain.

Google is at another extreme, they can't actually promise you that emails are ever trashed. That's an accident of their architecture and the way it squirrels data hither and yon.

thomaswong.1986 says

Emails are not lost given they are saved and read from server and not the client.

That is generally speaking true only of IMAP and web client users.

There are suprising number of POP3 users still around. One of my burdens is supporting these dinosaurs. POP3 in most clients defaults to download & delete.

Believe me this causes no end of trouble when user gets IMPORTANT MESSAGES, then OOPS something happens to their PC! Their kid did something or whatever, but suddenly their ancient Eudora shows an empty inbox.

Very Important Message arrived at 9:42AM. Client POP downloads every 1 minute, they never turn their device off, so by 9:43AM it's gone from the server. Snapshots of the inbox storage are run daily at midnight, in an atomic COW operation that completes almost instantly but only gets content that exists at that moment in time. Plenty of IMAP content, very little POP.

Then it's "Why doesn't the server back up everything all the time? Why do you only run snapshots at midnight that email was VERY IMPORTANT bring it all back!"

Vicente says

Of course any organization has a retention policy for backups. You asked me to pick over any inbox for the last 2 months sure I can do that. We don't even use tapes anymore for most things, backups go to a Virtual Tape Library, a big pool of cheap storage at 2 sites. So I can do anything within 2 months quite easily. But once you get past the retention policy period it's just gone. Very few servers are actually backed up to tape anymore and trucked off to Iron Mountain.

Any private organization. This is the IRS and is subject to the Federal Records act. They are required by law to print and archive emails having to do with policy. Here is the relevant section from the IRS website:

1.10.3.2.3 (07-08-2011)
Emails as Possible Federal Records

All federal employees and federal contractors are required by law to preserve records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures, and essential transactions of the agency. Records must be properly stored and preserved, available for retrieval and subject to appropriate approved disposition schedules.

The Federal Records Act applies to email records just as it does to records you create using other media. Emails are records when they are:

Created or received in the transaction of agency business

Appropriate for preservation as evidence of the government’s function and activities, or

Valuable because of the information they contain

If you create or receive email messages during the course of your daily work, you are responsible for ensuring that you manage them properly. The Treasury Department’s current email policy requires emails and attachments that meet the definition of a federal record be added to the organization’s files by printing them (including the essential transmission data) and filing them with related paper records. If transmission and receipt data are not printed by the email system, annotate the paper copy. More information on IRS records management requirements is available at http://erc.web.irs.gov/Displayanswers/Question.asp?FolderID=4&CategoryID=5 or see the Records Management Handbook, IRM 1.15.1 http://publish.no.irs.gov/IRM/P01/PDF/31421A03.PDF).

An email determined to be a federal record may eventually be considered as having historical value by the National Archivist prior to disposal. Therefore, ensure that all your communications are professional in tone.

Please note that maintaining a copy of an email or its attachments within the IRS email MS Outlook application does not meet the requirements of maintaining an official record. Therefore, print and file email and its attachments if they are either permanent records or if they relate to a specific case.

Dan8267 says

I guarantee you

Really ? You know squat about where the emails are..

bob2356 says

The Treasury Department’s current email policy requires emails and attachments that meet the definition of a federal record be added to the organization’s files by printing them (including the essential transmission data) and filing them with related paper records.

I found the link to the section you reference as here:

http://www.irs.gov/irm/part1/irm_01-010-003.html

Nothing in there about backups and server retention policies. It does talk about printing it out for permanent record, and it seems to me that implies recipients do it themselves not server admins. So it's a bit strange why that guy was being browbeaten about backups.

Look I've sat in meetings about backups and server retention policy. They are DEADLY dull. Nobody wants to be in those meetings. Nobody wants to PAY for backups. You got stuck with it, you try to do something that passes minimal muster, then you move on to more interesting work. Frankly it's like any other "important" but rarely used function, it only gets attention and maintenance when it breaks down. It's the absolute ass-end of "nobody cares" in IT.

Some organizations get a rude shock when they urgently need to recover some old data and find their retention policies weren't adequate, or that the backup policies either had too many holes or weren't working.

All that will come of this, is new requirements and a spurt of interest and money diverted from something else to pay for improvements. Which everyone will promptly forget the importance of, and start whining about the costs until something like this happens again in a decade or three. So invest in Iron Mountain I guess.

Yes.
S.M.A.R.T. HD Technology detects the oncoming crash, and in nanoseconds quickly commands the offsite server to delete everything.
This way the hard drive stays in sync with the server, like it's supposed to.

Entitlemented says

When HDs Crash, does it erase Emails at the Receive End?

Vicente says

Nothing in there about backups and server retention policies. It does talk about printing it out for permanent record, and it seems to me that implies recipients do it themselves not server admins. So it's a bit strange why that guy was being browbeaten about backups.

I thought the phrase "All federal employees and federal contractors are required by law to preserve records" was perfectly clear. What do you find ambiguous in that statement?

bob2356 says

I thought the phrase "All federal employees and federal contractors are required by law to preserve records" was perfectly clear. What do you find ambiguous in that statement?

It seems to me a vague caution to all employees. "All employees should comply with EEOC and ADA and.... embody professional principles......always wear a hat on Tuesday.....zzzzt.."

It specifically mentions that keeping a copy in Outlook itself wasn't sufficient. Therefore I would conclude that electronic retention is not a requirement, that printing it is, which is on recipients.

Which loops us right back to why are we talking about backups? That is a server admin function. Where I work, backups are for DR & business continuity. I occasionally get records requests for various reasons and after proper paperwork have to harvest an inbox. More often than not, the requestor waited too long and it's all gone. We shrug and move on.

Your inbox on Google or Yahoo goes empty, how do you get it back? AFAICT that is the account holder's problem not the administrators.

Vicente says

It seems to me a vague caution to all employees. "All employees should comply with EEOC and ADA and.... zzzzt.."

It's not a vague caution, it's a specific law that all federal employees operate under. Electronic retention is required, if not available then print and file is required. If the IRS was recycling tapes without insuring employees were saving records then the IRS is breaking the law. Someone at Lerner's level isn't a heads down drone, she knew exactly what was required and what she was doing.

From DOJ

Can Electronic Mail (E-mail) be a Record?

If you determine that an E-mail is a record, it must be filed appropriately. Unless your component has approved procedures for electronic retention of E-mail, you must print the E-mail message and file/store it in accordance with DOJ’s overall policies and guidance.

Vicente says

Which loops us right back to why are we talking about backups? That is a server admin function.

Bullshit. Server admin's don't dictate corporate policy on records retention in any corporation I've ever worked at. If your companies policy is shrug and move on then I hope you never get caught out in a major lawsuit or investigation. If the corporate attitude is the EEOC and ADA constitutes vague cautions then it is a real possibility. I find it almost impossible to believe any responsible board of directors would allow this attitude to exist.

The IRS operates under federal law, not corporate policy. If you don't understand the difference than I just can't explain it to you.

Let's all place incriminating evidence in our emails.

bob2356 says

Bullshit. Server admin's don't dictate corporate policy on records retention in any corporation I've ever worked at. If your companies policy is shrug and move on then I hope you never get caught out in a major lawsuit or investigation.

You are full of insults today aren't you.

I'm not at a corporation I work for UC Davis. I follow what the lawyers' and higher ups tell me. They say per California that email retention is not required at the server level.

I suspect it's the same at Federal. Wonks & lawyers sit down, wrangle over what can be done to satisfy legal requirements vs. what is cheapest.

Did anyone in this thread outline what is actually legally required as far as retention of email backups? NO! The text you quote doesn't require retention by server admins, it merely says if there is none it must be printed and filed IF the recipient judges they need to.

I just attempted to lend some perspective from similar issues at state level, which were casually brushed aside and insulted.

At an agency for which key goals are good if not excellent record keeping this seems self defeating. Why have an Computer/IT system if you dont use it correctly?

Is the IRS's job the fair administration of Taxes, or is it to protect its own, and act as lobbyists?

Vicente says

ou are full of insults today aren't you.

I'm not at a corporation I work for UC Davis. I follow what the lawyers' and higher ups tell me. They say per California that email retention is not required at the server level.

I suspect it's the same at Federal. Wonks & lawyers sit down, wrangle over what can be done to satisfy legal requirements vs. what is cheapest.

It's not insulting and you just verified exactly what I said, it's not a sys admin's call what to back up. It's great for you that uc davis policies aren't bound by law or fear of lawsuits. That doesn't happen in the corporate world.

At the federal government level the law is very clear. I've posted some of the relevant sections. The word MUST isn't open for interpretation except I guess at uc davis. If it's policy, and deciding what groups to audit is without doubt a policy decision, then it MUST be backed up and saved.

Vicente says

Did anyone in this thread outline what is actually legally required as far as retention of email backups? NO! Including me, I just attempted to lend some perspective from similar issues at state level, which leads to insults.

Show me the insult. Saying server admins don't make organizational (since uc is an organization) document retention policy is an insult? You are one seriously thin skinned sys admin. Especially since you came back and agreed with me.

You keep missing the point. The media is irrelevant. Email, memo's, stone tablets, pissing in the snow, whatever it doesn't matter. The legal requirement is that the content MUST be preserved somewhere, somehow. The IRS and Learner are in clear violation of the law. Whether DOJ is allowed to do anything about it is a different matter.

Again, without any insult, if you can't grasp the huge difference between organization policy and federal law then I really don't know how to explain it to you.

Yet another good reason to do away with the IRS

Entitlemented says

Is the IRS's job the fair administration of Taxes

I'm reminded of a friend who went to work at a factory as their IT guy.

As he was proposing some IT upgrades and laying out costs, the boss reminded him:

WE MAKE SCALES HERE NOT COMPUTERS! NO!

IT is a support function and subject to budgets and manhour constraints like any other support function. I deal with customers everyday who aren't IT people, don't care about IT, they just know they want it to work and spend less money this year than last on it. So if I were to lay out "hey let's spend $50K on a new tape jukebox" so we can retain more & longer, I'm pretty sure what would happen.

I don't know what your hardon is for this issue. WHAT IS THE LAW? You haven't said, you've posted several sources that attempts to summarize and explain it which is not the same thing. I'm not sure how you can say I wouldn't see THIS as insulting:

"The word MUST isn't open for interpretation except I guess at uc davis. If it's policy, and deciding what groups to audit is without doubt a policy decision, then it MUST be backed up and saved. "

Policy is not law. Policy are internal guidelines to carry out among other things laws. Example a vacation & leave policy is not per se a legal matter. People keep going on about how someone should go to jail, without pointing to what law was broken. Except that, vaguely they just don't like it, and it violates their interpretation of the Federal Records Acts.

Let us suppose Lerner was informed of IRS policy and didn't fully comply. So that is her problem, not the problem of the server admin handling backups.

If someone does something illegal, conflict of interest, and gets rid of the proof, -does it make it right? What about the spirit of recordkeeping in jobs where recordkeeping is at the heart of what they do.

And record keeping is what a firm must do, for 7 years. Does the agency that mandates that individuals must have 7 years worth of records, have to abide in spirit with the laws on a similar good faith effort to maintain records - even for 6 months. Why invest in Servers then if not?

Is it a reasonable question to ask the IRS to prove disprove that they were impartial?

Please do not assume I'm either an idiot, or deliberately trying to avoid compliance with what you think are simple laws. They are not. Witness this 18-page slideshow attempting to explain DHS take on Federal Records Act:

http://www.archives.gov/records-mgmt/toolkit/pdf/ID317.pdf

Some pages just leave me with more questions. Interpreting what is meant by Transitory, or Short-Term, or Longer-Term will vary by individual recipient choice. I read the same thing at DHS though, it seems very much focussed on recipient handling of emails and absolutely nothing is said about central IT or retention at the server/backup level.

Taking the 5th, and interpretable rules.

Is there any standard or fiduciary duty for such a job?

Vicente says

Policy is not law. Policy are internal guidelines to carry out among other things laws. Example a vacation & leave policy is not per se a legal matter.

Leave and vacation is a policy. Paying overtime is a law. The difference is perfectly clear to me. You can be sued for violating one and prosecuted for violating the other. Federal records is a law.

Vicente says

Please do not assume I'm either an idiot, or deliberately trying to avoid compliance with what you think are simple laws. They are not. Witness this 18-page slideshow attempting to explain DHS take on Federal Records Act:

http://www.archives.gov/records-mgmt/toolkit/pdf/ID317.pdf

Some pages just leave me with more questions. Interpreting what is meant by Transitory, or Short-Term, or Longer-Term will vary by individual recipient choice.

I don't think you are an idiot and never implied it. I said you seem to have trouble grasping the difference between policies and laws. I find the DHS slideshow perfectly clear. I spent about 10 years with a company that did a lot of interaction with the federal government and I ended up doing a lot of work with regs. Maybe that gives me a big advantage in reading washington speak. There is no doubt at all that the kinds of things discussed in Learners emails do not qualify as transitory, short-term, or longer term. Those are things like schedules of meeting, requests for documents, vacation schedules, etc..

Again you seem to be hung up on the idea of emails and servers rather than content. Content makes it a record, not the method of delivery. There is simply no way Learner could have not known what she was emailing was a federal record. There is no way emails should have been allowed to be deleted if there was any possibility at all they contained federal records. Period. Whether it's from bad management, bad policy, or deliberate cover up it's just as illegal and the penalties prescribed by law should (but probably won't be) be applied to the person responsible.

There are ways to archive every single message that passes through mail servers. They require lots of space and redundant archivers. They also cost money.

Had IRS requested these devices, the GOP would most assuredly be complaining about how much they cost in taxpayer dollars.

I doubt they were using POP in 2011, but it's possible they were allowed to archive locally and the archive would not be likely to be backed up since it was on the local machine.

Of course, you can back up every endpoint on your network too, but there would be howls about the expense related to that.

It's like complaining about Amtrak not having frequent trains while cutting Amtrak's budget. GOP-o-critical.

CL says

I doubt they were using POP in 2011, but it's possible they were allowed to archive locally and the archive would not be likely to be backed up since it was on the local machine.

Probably not if it's private sector, but government technology is often ancient in state/local governments. It wouldn't shock me if I saw a Win95 PC in a state courthouse. The IRS, don't know what their technology budget is, but the ArsTechnica article below suggests lots of the federal government might be on WinXP machines (which would mean they are not officially supported by Microsoft without an expensive contract).

I've worked on data retention issues and e-discovery issues and nothing in this WaPo article sounds implausible, unreasonable, or conspiratorial, FWIW:

http://www.washingtonpost.com/blogs/the-fix/wp/2014/06/16/heres-how-the-irs-lost-emails-from-key-witness-lois-lerner/

Summary:
1) retention policy is 6 months, so some of the oldest emails are gone (2009-2011)
2) mailbox size was limited, so certain emails were archived locally and the computer crashed in 2011 and there are contemporaneous emails regarding the irrecoverability of the data
3) they recovered 24,000 emails from the period in question from other people's individual machines, but don't have a complete record, and they do have the newer stuff
4) bob is correct on emails being records and the policy there, but the individual user has to determine what is to be recorded -- there is a judgment call here. Hypothetically, if one sends 50 emails figuring out something and makes a final decision in a 51st, it's probably not an unreasonable judgment to consider only the 51st email to be a "record." It's unclear what was printed and what wasn't, but it's clear that some stuff was definitely printed.

The ArsTechnica article on this is quite fair on the subject and says what people who know about this topic would say (as opposed to partisan hacks):

http://arstechnica.com/information-technology/2014/06/are-those-lost-irs-emails-unbelievable-not-really/

CL says

There are ways to archive every single message that passes through mail servers. They require lots of space and redundant archivers. They also cost money.

Yes, that is very true. You are always balancing this against cost when determining a retention policy and retention procedure, and you do the same in e-discovery. The problem with archival systems is that sometimes old systems become obsolete. E-discovery rules balance for this by lowering the burden for obsolete systems and using sampling techniques on occasion. You're always balancing against cost.

The federal government is big on paper. Even though courts have moved to e-filing systems, you largely still have to make many paper copies for the judges/clerks because the federal government apparently doesn't own printers. :p But paper also has its own storage requirements and storage buildings literally burn down sometimes.

corntrollio says

Yes, that is very true. You are always balancing this against cost when determining a retention policy and retention procedure, and you do the same in e-discovery.

Exactly. You CAN archive it all if you wanted to, and had the corresponding budget. Even then, if the retention policy is 6 months, you would size the archiver to match that (and allow for growth). But you'd still adhere to the policy on the IT side, which would purge around 6 months.

Maybe it wouldn't be a bad thing if all messages were archived, if the budget allowed for it. Then again, you should have redundancy so have 2-3-4x as much investment as the size dictates.

Then again, when employees (public or private) know their messages are able to be reproduced or scrutinized they tend to find some workaround for communiques. Like Palin et al using Yahoo or Gmail.

They may keep it somewhere (NSA or whatnot), but that's a whole different ball of wax.

bob2356 says

There is simply no way Learner could have not known what she was emailing was a federal record. There is no way emails should have been allowed to be deleted if there was any possibility at all they contained federal records. Period. Whether it's from bad management, bad policy, or deliberate cover up it's just as illegal and the penalties prescribed by law should (but probably won't be) be applied to the person responsible.

There's lots of room for anyone involved to say they made a judgement call, and only in hindsight does it seem to other people it was a bad call.

As others have said, we should just ask the NSA to produce it.