Re: SUMMARY: archiving of NOMCOM information

[Theodore Tso <tytso@mit.edu>]

On Tue, Apr 09, 2002 at 10:48:52PM -0400, Donald Eastlake 3rd wrote:
> A lot of this discussison seems to be devoid of reality to me.
> 
> First of all, all that has ever been archived by nomcom chairs that
> chose to archive stuff, which not all did, was the email on the list.
> But the nomcoms I have been involved with have done most of their work
> and made most of their decisions during telephone conference calls and
> there has never been, as far as I know, any recordings made of these
> conference calls. Vague requirements to archive "the information and
> deliberations" could mean anything. Do the occasional physical nomcom
> meeting need to be videotaped and who is going to pay for that?

I don't know about past nomcom's, but this nomcom did have minutes,
which were taken, and approved by majority vote, and were published on
an nomcom-only web-site.  I believe in the previous year's nomcom,
both the e-mail archives and the nomcom-only web site were archived,
based on some comments which Bernard had made (but I may have
misinterpreted what he said; Bernard?)

So yes, we do have pretty good records of those conference calls,
although they're not audio recordings.

But, I don't think anyone is arguing that we should archive stuff for
outsiders.  It's more for the nomcom's benefit, in case nomcom gets
activitated, since it's given a **ridiculously** short time to find a
replacement.  So the question isn't about needing to archive extra
stuff, such as video taping physical nomcom meetings.  That's just
silly.  It's about making sure that people *other* that nomcom can't
get access to those archives via U.S. legal games.

> In fact, I would expect every participating nomcom member to maintain an
> email archive during their term and I find it extremely implausible that
> there would ever be any problem accessing this info during the nomcom's
> term.

Again, I was told that "Standard Operating Procedure" was to recommend
to nomcom members that they destroy their own personal e-mail archive,
and that backups would be provided if a IAB/IESG member needed to be
replaced mid-term.

> But, in reality, the theory that the nomcom email would be unreachable
> if every member destroyed their archive at the end of their term seems
> to me implausible. Considering how many ISP and organization email
> relays and servers the nomcom mail will have flowed through, even with
> more organizations having email destruction policies, I suspect that for
> years a determined effort could find old backup, spooled, or deleted but
> recoverable copies.

I don't know how many e-mail relays keep backups of e-mail that has
flowed through it, but in many cases it's possible to pick e-mail
addresses to use where you know that people aren't making backups with
long retention periods.  

Ultiuamtely, though, the big question is how big of a threat do we
think there is of someone trying to sue IETF or individual nomcom
members in an effort to make nomcom records available to the public as
part of a discovery process?  If we don't think it's very important,
then let's not bother with all of this.  I personally think the
downsides of having all of a particular year's nomcom records (e-mail,
web-site with short lists, minutes of meetings, etc.) available as
part of a public court record is such that spending a little bit of
time to worry about this is worthwhile, but realistically the
probabilities of this happening are (hopefully!) fairly low.

On the other hand, many of us do live in a country where you can get
millions and millions of dollars if your coffee is served too hot....

						- Ted