Re: DISCUSSION: archiving of NOMCOM information

[Matt Holdrege <matt.holdrege@verizon.net>]

But Ted, we all have our own email storage. All you have to do is encourage 
nomcom members to keep nomcom email on their laptops til the year is over. 
That way each member has control and can delete it whenever they want if 
they are worried about lawsuits. In fact, this is what happens already. I 
know I still have all the nomcom emails from this year and I know certain 
other nomcom members have the same.

So we absolutely do not need to send off an archive to the secretariat or 
any other external host.


At 08:25 PM 3/27/2002, Theodore Tso wrote:
> My understanding for why the nomcom information was archived was for
> the protection of the nomcom members.  The basic issue is this: once
> the nomcom is finished with its primary responsibility after the first
> IETF meeting of the year, (and my, does it feel good!) they are most
> likely done unless someone on IESG or the IAB does something very
> uncharitable and dies on us (as happened most recently), or otherwise
> creates an opening.  At that point, the nomcom has an unreasonably
> short time to find a replacement sucker^H^H^H^H^H^H self-sacrificing
> individual willing to volunteer large amounts of his/her professional
> life.
>
> If all of the materials collecting during the first three months of
> the nomcom were discarded, then there would be no possibility for the
> nomcom to be able to do its job in the required time-frame.  However,
> if the nomcom members were to hold onto the information, then they
> might get sued to release that information, and the expenses for
> defending the lawsuit and having lawyers submit motions to keep the
> information out of discovery are huge and subtantial.
>
> So, it is for the protection of the nomcom members that all of the
> information is archived, and then sent to some organization (which I
> believe is currently the secretariat, not the ISOC president, but
> whatever), that has enough sharks w/ Armani suits to at least slow
> down legal attempts to breach the confidentiaility of the nomcom
> records.  After that the records are handed over to the secretariat,
> all other copies of the information are destroyed, for the nomcom
> members' protection.
>
> Then, if nomcom needs to be activated to refill a position, the
> information is sent back to the nomcom chair, who then repopulates the
> mailing list archives and resends the pertinent information to the
> nomcom members so they can do their job.
>
> This is the only reason that I know of that the information is
> archived.  If that is the case, then the retention interval of the
> information should be one year --- once the current year's nomcom is
> finished, and a new nomcom is appointed, there's no reason to keep the
> old records around any longer.  Also, one could argue that perhaps the
> ISOC trustee should not have the key to the encrypted archive, but
> rather that the key be split using secret-sharing techinques, and sent
> to the IAB and IESG chair, plus three other randomly chosen IAB/IESG
> members, such that 3 out of the 5 shares must be available in order to
> reconstitute the encryption key.
>
> This preserves the confidentiality of the nomcom archives, while still
> protecting nomcom members from potentially huge legal fees.
> (Remember, the ISOC gives legal insurance to IAB, IESG, and WG chairs,
> but not to nomcom members.)
>
> If the are any other reasons why the nomcom information should be
> archived for longer than year, I don't know what they might be, and
> those who would argue for a longer retention period should state why
> they believe it should be necessary.
>
>                                                 - Ted
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.elistx.com/subscribe>