I would be very unhappy about emails addressed to me which threatened to
disappear at a time other than of my choosing. If I am expected to do
something on the basis of an email, then I require to keep that email
until my needs are satisfied. We could all work up plausible scenarios
in which the lack of the source document undermined our authority or
audit requirements.
Of course there will be some areas where this might be legitimate but
almost certainly these would be mutual and highly structured. I still
doubt the 100% water tightness of any solution outside a very small
number of very closely controlled environments.
It is relevant that the "recall" feature only works if the original
message has not been read (or delivered locally for reading?) This
seems a sensible compromise. If I have read it, I may have taken action
or formed an opinion in the light of that and am entitled to retain the
message to underpin my actions.
Regards
Jim
----------------------------------------------
Jim Whitaker
Head of Information Management and Internal Communications
British Educational Communications and Technology agency
Millburn Hill Road
Science Park Telephone 024 7679 7452
Coventry 024 7641 6994 (Ext 3341)
CV4 7JJ Fax 024 7684 7071
=================================================
-----Original Message-----
From: Ian Welton [mailto:[log in to unmask]]
Sent: 15 November 2004 14:28
To: [log in to unmask]
Subject: Re: [data-protection] M$oft Information Rights Management
Service (run by them)
Lloyd M J B (ISeLS) on 15 November 2004 at 12:06 said:-
> it would appear
> that any user
> can put a deletion date on an email or Word document rather than have
> such decisions be made according to the University's records retention
> schedule.
I think setting the weed date feature on mail you send has been around
for some time, as has the ability to recall e-mails, both providing
individuals with some control of the data they transmit.
It is interesting how data retention periods can change, sometimes
irrespective of the data subjects wishes, as data moves between
organisations/individuals. Some of those changes are clearly
understandable, others seem very puzzling.
A standardized retention period seems to have done nothing to leverage
any technological potential in support of the DPA principles, and the
weed and recall facilities have been very little known about.
It would be interesting to hear reasons from the various sectors behind
(not)allowing the sender of received e-mail to determine the retention
period for any e-mail they may send to the organisation. Where does
that divide sit/and why?
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
