Several people have made the point that, while companies may wish to be
able to recover some stored e-mail, they most definitely do NOT want
other items to be recoverable in the case of court demands that material
be handed over. Microsoft is providing a prime example of this right
now. The Department of Justice is using, to great effect, internal
Microsoft e-mail to show that they did not originally intend to
integrate Internet Explorer with Windows.
From today's news.com dispatches
(http://www.news.com/News/Item/0%2C4%2C16676%2C00.html?ndh.idirect):
Through a number of
internal Microsoft communications, the government
attempted to counter the company's contention that
it long intended to integrate the two technologies
and that it clearly conveyed that intention to the
government.
"The sequence of documents demonstrates not only
that the United States was not on notice of the
alleged 'integration' of Internet Explorer, but that in
fact Internet Explorer was not designed or
'developed' to be an integrated product with
Windows 95," the government argued.
The most dramatic piece of evidence submitted was
email sent by [Jim] Allchin, who now heads Microsoft's
personal and business systems group.
"I don't understand how IE is going to win," Allchin
wrote in an email to Paul Maritz, now group vice
president for Microsoft's platforms and applications
group. "The current path is simply to copy
everything that Netscape does, packaging and
product wise...My conclusion is that we must
leverage Windows more. Treating IE as just an
add-on to Windows [is] losing our biggest
advantage--Windows market share."
Your company may take great steps to securely delete such sensitive
mail. If it has already travelled over an insecure network, it could be
intercepted and stored by a competitor. Encryption will prevent them
reading it then. But what if they get a court order demanding you hand
over your Corporate Message Recovery Key? If all your mail is also
encrypted to this CMRK, you're in trouble.
Ian.