Ephemerallaw: Data Storage

Tuesday, August 19, 2008

Data Storage

As a general rule, one of the easiest ways to make sure data isn't stolen is to not have it. Unfortunately, as mentioned in this paper from GFI Software there are often legal requirements that prevent a company from purging its data. As the paper mentions, there are a variety of securities regulations that require companies to keep records. While true, that's only part of the story. For example, electronic discovery rules can prohibit a company from purging its records. What's (potentially) worse, even if a company doesn't purge it's records, it can still be sanctioned under the electronic discovery rules if it's records aren't in a reasonably accessible form.

The moral of the story? You need to know not just how to protect data, but what data to keep, and how to keep it in a form where you can get it back.

3 comments:

John Taylor said...: William,

I spent a number of years as an engineer in the motion picture industry. In the last few years of my career digital storage of content was a major issue that was solved by automatic daily back-up to various media such as DLT. The tapes were stored off line. "On line" intranet drives were used for new media and the back ups were recalled on an as needed basis. Does this sort of thing qualify in the situations you just mentioned?

John; August 20, 2008 at 8:15 AM
William Morriss said...: John,

Your daily backups of motion pictures probably wouldn't be covered by the securities regulations mentioned in the GFI paper. However, they could very easily come within the scope of the electronic discovery rules. In that case, you wouldn't need to just worry about whether you'd stored the tapes, but whether you could find the relevant tapes when you needed them, and whether you could read the data from the tapes once you found it.; August 20, 2008 at 7:28 PM
John Taylor said...: William,
Thanks but what I was trying to ask is that would that sort of technology (DLT etc), and daily backup procedure be applicable to sensitive data storage.

The motion picture business has its own unique theft issues, and IP and anti-piracy laws apply to those.

I was only referring to the use of these methods to take PII off line and still have it available as required by law.

John; August 25, 2008 at 9:28 AM

Post a Comment

Privacy Statement

The authors value the privacy of their blog viewers. This site does not currently collect personal identifying information ("PID"), except: (1) to the extent that your browser provides PID, like your e-mail address or the site you linked from, to this site's server; (2) to the extent that you provide PID to this site in an e-mail; and (3) to the extent that you provide PID to this site in a CGI form (for example, when you complete a search request on this site’s “Search this Site” search feature. Your PID will be used only for the specific purpose for which you submitted the PID, except that it may be used in an aggregated form to gauge the popularity of this site. "Cookies" are pieces of information that some web sites transfer to the computer that is browsing that web site, and are used for record-keeping purposes at many web sites. Use of Cookies performs certain functions such as saving your passwords, lists of potential purchases, and your personal preferences regarding your use of the particular web site. This site uses Cookies to gather anonymous traffic data. Your browser is probably set to accept Cookies. However, if you would prefer not to receive Cookies, you can alter the configuration of your browser to refuse Cookies. This site contains links to other sites. The authors and their employers do not share your personal information with those sites and are not responsible for their privacy policies. We encourage you to learn about the privacy policies of those entities. Children under 13 years old are not the target audience of this site. To protect their privacy, the authors prohibit the solicitation of personal information from these children. The authors reserve the right to change this Privacy Policy at any time by posting a new privacy policy at this location. You can e-mail any further questions to wmorriss@fbtlaw.com.

Disclaimer

This site is provided for informational purposes only. The views expressed herein are solely those of the authors and should not be attributed to their employer or their clients. These materials do not constitute legal advice and do not create an attorney-client relationship between you and us. Please note that you are not considered a client until you have signed a retainer agreement and your case has been accepted by us. This site should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Got it? THIS SITE IS "AS IS." WE MAKE NO REPRESENTATIONS AS TO THE ACCURACY, TIMELINESS OR COMPLETENESS OF THE STUFF HERE AND YOU SHOULD NOT RELY UPON IT. USE AT YOUR OWN RISK. WE EXPRESSLY DISCLAIM ALL WARRANTIES. This may be an advertisement. Your mileage may vary. Past performance does not guarantee future returns. Do not run with scissors. NOTE: This disclaimer is largely taken from the established and extremely well written blog Patent Baristas.

Ephemerallaw

Tuesday, August 19, 2008

Data Storage

3 comments:

Useful Resources

Blog Archive

Contributors

Other Sites

Privacy Statement

Disclaimer