The Bush administration was ordered this week to take a number of steps intended to help preserve email messages sent between 2003 and 2005 that were thought to have been deleted -- but the way the court order was phrased leaves a number of loopholes that could be used to avoid its intent.

Aside from the political issues about jurisdiction regarding the Federal Records Act and the Presidential Records Act -- which the Bush administration is using to fight the court order -- there are a number of technical and procedural issues that are applicable to any IT department facing electronic records discovery associated with a court case.

"The dispute over recovery of the missing e-mails was provoked by the disclosure four years ago that the White House, in switching to a new internal e-mail system shortly after Bush's election, had abandoned an automatic archiving system meant to preserve all messages containing official business," reported the Washington Post. "Under the new system, any of the 3,000 or so regular White House employees could access e-mail storage files, enabling them to delete messages."

Potentially millions of email messages -- including those covering key moments related to the invasion of Iraq and to a federal probe of the leak of Valerie Plame Wilson's classified employment with the CIA -- could have been missing.

The Justice Department reported last week that after a $10 million investigation, it had located 14 million email messages, which it said it would turn over to the National Archives. However, the serendipity of the find, along with the refusal of the department to detail the procedures it had used to locate the email messages, raised suspicions.

The court order directed the Executive Office of the President (EOP) to search the workstations, and any .PST files located therein, of any individuals who were employed between March 2003 and October 2005, and to collect and preserve all e-mails sent or received between March 2003 and October 2005. It also directed EOP to issue a preservation notice to its employees directing them to surrender any media in their possession -- irrespective of the intent with which it was created -- that may contain e-mails sent or received between March 2003 and October 2005, and to collect and preserve all such media.

So -- aside from the fact that, with the inauguration scheduled for Tuesday, any such email is probably long gone -- what are the problems with this court order?

  • It covers only workstations. Email sent from other hardware, such as BlackBerrys, is not covered.
  • Email potentially sent from other email systems, such as Yahoo! Mail, to circumvent regulations around government email, is not covered.
  • Only email that is saved in .PST files is covered. Even Microsoft Outlook doesn't store all of its email in .PST files.
  • If an individual was a contractor, and not an employee, it is not clear whether they will be included.
  • The order refers to "any media" -- which includes portable hard drives, CDs, DVDs, memory sticks, and flash drives. This points out not only the inherent insecurity of allowing such media, but also how difficult it would be to prevent people from destroying such media or taking it outside. Will employees be strip-searched to make sure they're not hiding a USB drive somewhere when they leave the White House? Don't be silly.