Posted Jul 12, 2004 07:14 pm CDT
Although the company denied acting inappropriately, a reporter with a major online technology publication begged to differ. He examined a computerized document that SCO created in its lawsuit against DaimlerChrysler and drew some interesting conclusions.
Specifically, he looked at the document’s metadata: invisible data embedded in a computer file that contains information about the file itself, such as when the document was created, who created it or when it was last modified.
Using this code, the reporter was able to show that SCO had originally drafted the letter with another possible defendant—Bank of America—in mind. The drafters also inserted and deleted comments, including a question about jurisdiction and venue issues.
SCO’s critics lauded the revelation as more support for their suspicions about SCO’s intentions. To lawyers, the incident stands as the latest example of the far-reaching and often unintentional effects of metadata.
“Metadata is not always a bad thing,” says Craig Ball, a Montgomery, Texas, trial lawyer and computer forensic expert. “There’s good metadata and potentially embarrassing metadata, and you need to know how to control it.”
Metadata can be as revealing as a postmark on a letter, fingerprints on the envelope, and DNA from saliva on the seal. It can reveal a cache of information, including the names of everyone who has worked on or seen a specific document, text and comments that have been deleted and different drafts of the document.
Yet tech lawyers familiar with metadata say that because it’s invisible, it’s often overlooked.
“The first thing lawyers need to know about metadata is that there is such a thing,” says Vincent Polley, chair of the ABA’s Cyberspace Law Committee and deputy general counsel for information technology and development at Schlumberger Ltd. in Sugarland, Texas. “The first thing I do when I get something is look for [metadata] like the author’s name, revisions and history.”
The capability to view deleted text, comments or revisions in Microsoft Word can be handy when drafting a letter, but it’s not necessarily something outsiders should be able to read.
And because lawyers often reuse documents and templates, there’s often no telling how much metadata they contain. “I believe that any time a document goes outside of an office you should strip the metadata,” says Donna Payne, founder of the Payne Consulting Group. “There’s no sense in giving outsiders information you don’t have to.” Payne’s company sells software that identifies and removes metadata.
Alternatively, Microsoft Word users can easily strip out much of a document’s metadata by saving it in the Rich Text Format, or .rtf. Another way is simply to send a document as a pdf file, a popular format for legal documents. Microsoft also offers a plug-in tool that will strip metadata from a document, which users can download free from the company’s Web site.
The ABA has yet to take a position on whether lawyers may look at metadata. However, the New York State Bar Association Committee on Professional Ethics published an opinion in 2001 that says lawyers should not surreptitiously look at another’s metadata.
Lawyers who send documents without stripping metadata also could end up in trouble. “I don’t know of any cases yet, but there is always the danger of malpractice if you’re not careful with client information,” says Polley. “Lawyers can’t plead ignorance when it comes to this stuff anymore.”
He warns lawyers who do peek at metadata that it shouldn’t be taken as gospel. It can be altered, both on the writing and the receiving end, and it might be inaccurate.
“What I have done once or twice is to put information into the metadata for an opposing counsel to read,” Polley admits. “Usually it’s just a little ‘Hello.’ No one has mentioned it yet, but I don’t know if that means they didn’t find it or they’re too savvy to mention it.”