In the first of a two-part comment on Law.com’s Law Technology News [1], Leonard Deutchman discusses the recent case of TR Investors LLC v. Genger No. 3994-VCS, Delaware Court of Chancery [2] (Dec. 9, 2009) [PDF]. Somewhat oversimplifying matters, the relevant facts were that during the course of litigation between Genger and TR Investors (the Trump Group), there was a stipulated status quo order that provided, in part:
. . . the plaintiffs and the defendants, and their respective officers, directors, agents, [etc.] . . . are hereby restrained and enjoined from, directly or indirectly . . . tampering with, destroying or in any way disposing of any Company-related documents, books or records . . . .
At a point in the process of determining which documents on computer hard drives were relevant to the action and which were personal, Genger deliberately caused the unallocated space on the drives to be overwritten, thus effectively destroying any data that might have been recovered and intelligible.
The court found Genger in contempt of the order because among other things in so overwriting the unallocated space his employee at his direction removed “temporary files that were stored on Genger’s hard drive.”
Deutchman lays out the basic situation in this first part of “Does Discarding Unallocated Space Deserve Contempt?” and begins a critique of the judgment. He concludes the first part thus:
No IT professional or typical user would consider unallocated space to be a “backup” space, akin to an external drive or backup tape used to affirmatively back up files, simply because forensic searching could possibly locate therein lost files in their deleted or temporary states. An apt comparison might be considering a waste basket next the desk of a poet a “backup” because one might be able to assemble the completed poem from the dozens of discarded drafts found in the basket. In sum, then, the court’s factual conclusions are unsubstantiated.
Clearly, whether or not this judge is correct in fact and in law — are any and all data fragments “records”? — an important part of any document security policy will address the regular or routine “cleaning” of unallocated space on hard drives, just as it will the more mundane removal of metadata from documents created by word processors and the like.