CasinoCityTimes.com

Home
Gaming Strategy
Featured Stories
News
Newsletter
Legal News Financial News Casino Opening and Remodeling News Gaming Industry Executives Author Home Author Archives Search Articles Subscribe
Newsletter Signup
Stay informed with the
NEW Casino City Times newsletter!
Recent Articles
Mark Grossman
 

Enron and Data Destruction

7 March 2002

Enron. Document shredding. File deletion. Arthur Andersen. Not even J.R. Ewing could concoct what these boys did. Now, we talk about the Big Five accounting firms. Soon, it may be four.

It's one of those law school clich├ęs. "Law is common sense as modified by the courts and legislature." Now, let's take this idea and apply the smell test to Arthur Andersen recent actions. In case you were in Antarctica over the last few months (do they have CNN International in Antarctica?), the Big Five accounting firm Arthur Andersen destroyed many documents relating to their audit of oil industry giant Enron. Of course, they did this as Enron was about to collapse.

Now, my nose is perking up. It stinks in here. Of course, we believe that the destruction of these documents was the innocent act of a completely innocent auditor. The stench is getting worse.

Applying the smell test and common sense, you know that you can't audit a multi-zillion dollar company and then destroy the documents underlying your audit just before the bottom drops out. I'm sorry, but that doesn't take three years of law school.

What were they thinking? The only thing that would seem to make sense is that they thought no matter how bad the flak from destroying the documents, it would be worse if anybody saw the documents. J.R. Ewing where are you?

As dumb as the document destruction was, I'm betting that in our digital data world, it will turn out that it failed anyway. My bet is that if there is a proper and thorough investigation, forensic analysis of things like computers at Enron, Arthur Andersen and the homes of key people, backup tapes, recycle bins, floppy disks, e-mails and other digital data will yield a treasure trove.

We're no longer at the dawn of the computer age. It should not be a novel concept that hitting the delete button doesn't mean that you have destroyed your document. My guess is not only will it turn out that the Enron and Arthur Andersen people are criminals, but when the digital evidence starts appearing, we'll learn that they were dumb criminals--not even smart enough to effectively destroy the evidence.

Legally Destroying Data

The law does permit you to destroy data, whether digital or paper. If you apply the common sense and smell tests, you realize that the law has to allow this. The alternative is endless warehouses and data storage centers filled with things that are of no use to anyone. Of course, this begs the question: When can you destroy data?

The simple answer is you can destroy data as long as you have no reason to believe that litigation or a government investigation is imminent.

It's that smell test again. If you can smell the litigation coming, your data destruction will develop its own stench.

What your company needs to do is develop a document retention policy. With so much data living on computers, the issues relating to data retention has moved from the realm of the general corporate lawyer into the world of the tech lawyer. A good policy has to not only take into account paper documents, but even more importantly, digital data.

Even the commonly used term, document retention policy, is as dated as the term "cc" to mean "carbon copy." In both cases, the terminology has been slow to change, but I would suggest that you should really call your policy a "data retention policy," since the paper version of the data is just one form of your data and in many ways the easiest to destroy.

Enron and Arthur Andersen notwithstanding, there is nothing necessarily nefarious in having a data retention policy. It serves at least three legitimate goals. It saves valuable computer and physical storage space.

It reduces the volume of your stored documents making it easier to find something when you need it. Finally, if there is no legal obligation to keep data, it reduces the likelihood that somebody on a subpoena fishing expedition will dig up something to exploit in future litigation. All three goals are legal and proper.

To keep yourself on the correct side of the law, the first step in creating a policy is to consider any specific laws that may require you to keep certain types of documents for a specific time. If you're in a regulated industry, like banking or health care, you need to consider specific laws aimed at your industry. You also need to consider things like tax laws in case the IRS wants to audit your tax returns.

After reviewing these preliminary considerations, you have to consider all the different types of data you have and all its different forms. A data retention policy is an essential document for every business, but creating it is never easy. There's always an overlay of business needs, accounting needs and legal issues.

While it's not a fun task that immediately translates to your company's bottom line, you need to attend to putting together an effective and legal data retention policy. When you're done, if it passes the smell test and you follow your policy, you won't find yourself in anybody's crosshairs if a document doesn't exist, provided that you legally and properly destroyed it based upon your long-standing data retention policy.

Enron and Data Destruction is republished from iGamingNews.com.
Mark Grossman
Mark Grossman