Recorded information vs recorded communication and why email servers have the best provenance
One of my side projects at the moment, is the development of a manage in place training course and risk assessment tool.
There are lots of facets to an assessment, but the one that I've been grinding on most is provenance.
I've been thinking about a traffic light system for systems to help people judge the reliability of the records that are in them.
Nothing complicated - green for high-trust, red for "use at own risk" - and probably yellow etc. for somewhere in between.
I've come to a conclusion that I don't really like much - which is that the best provenance in most organisations is in the email server.
The reason is simple - I have no idea what got done with most records in most of the records management systems I've seen. I have no idea what the outcome from a process of creating a set of documents was, I have no idea whether most of them are drafts. If they're "final" (published, whatever) I have no idea what that means for most of them - were they actioned, are they being used?
Then I go to an email server.
Every bit of it represents communication between people - messages conveyed.
Any document attached was actually sent.
What's in the body of the email was almost definitely consumed.
It’s also a tiny snippet - so it’s likely almost all significant information.
It puts me in a real bind.
If I was going to traffic light a system, I'd green light the mail server and yellow light the records system.
It's got me thinking about the difference between recorded information and recorded communication - and how much more trustworthy something becomes when it represents action in concert - the conveying of what programmers would call "state" between two people.
I'm still forming my thinking on all of this - what do you think?
Dear Karl, Merry Christmas and Happy New Year to you!
Being a long-term fan of yours doesn’t prevent me from criticizing some of your views – and this is one of such cases.
I am living and working in a country where in-court disputes about the legal and probative value of e-mails are common, with their outcomes generally not quite favorable for email systems - in brief, in most cases standalone email has near-zero probative / legal value, unless it is either a part of sequence of emails or is underpinned with other proof (e.g. clauses in contractual agreements to use specific emails for business, or real-world actions clearly committed in response to certain emails). Also, daily get I in my mailbox dozens of fake emails with clearly fraudulent credentials. Trusting them blindly would be a folly.
At the same time Russian EDRMS and business solutions routinely record a lot of records processing information (e.g. who, what and when did something reacting to this very record, when a record was sent to accountable officials and what decisions were taken by them etc.). If Australians do not do that, that’s your fault rather than the fault of the RM and business systems! :)
As I see it, you are unfairly blaming the poor innocent information systems for the shortcomings of your national recordkeeping practices!
You say that “Any document attached was actually sent” – alas, no! I’ve seen worldwide popular email systems that allowed tampering with send or received messages, and on some occasions that resulted in court cases.
In email systems, uncontrolled deletion or moving to some obscure folders are common, along with inboxes filled with many thousands of uncategorized messages.
You also say that “What's in the body of the email was almost definitely consumed”. – Well, you are a dreamer … Emails being overlooked is common.
And then you say something really hilarious: “It’s also a tiny snippet - so it’s likely almost all significant information”. Wha?! Do you truly believe, that, say, Twitter is a treasure trove of important information just because tweets are really small chunks of text?! I’d say length of message in totally unrelated to the quality of the information.
Hoping to meet you in ISO TC46/SC11 one day! :)
Natasha Khramtsovsky