This message will self-destruct

This message will self-destruct

By Stuart Finlayson

Or will it? Not according to Microsoft, which insists the Information Rights Management function of Office 2003 will not result in emails and other documents vanishing into thin air.

The TV series Mission Impossible, which first aired in the 1960s, is best remembered for the opening segment to each episode which always included the tape-recorded mission objectives and went as follows:

"Your mission, Jim, should you decide to accept it (followed by the details of each mission). As always, should you or any member of your I.M. Force be caught or killed, the secretary will disavow any knowledge of your actions. This tape will self destruct in five seconds."

Fast forward to 2003, and the release of Microsoft's Office 2003, or more specifically, the Information Rights Management (IRM) functionality within Office 2003, with its expiration date input capability for emails and other documents, has seen parallels drawn with the self-destructing messages of the famous show, and has caused much consternation within the records management community.

Central to this wailing and gnashing of teeth among record and document managers (as well as those employed in other professions where retention of documents and emails is of paramount importance) is not the ability to prevent printing, copying and resending of correspondence (although each of these functions have raised pertinent questions of their own),it is rather the ability of the sender to set an expiration date on the life of the document.

"The ability for the sender to decide that an email can be destroyed after a certain period of time is against all the principles we - the records management and information management profession - have been trying to address since the mass introduction of the PC and probably before this time. The introduction of the personal PC and with it the disappearance of many central records sections, the typing pool and the secretaries, to all but the powerful few in executive positions is seen by many as the point of change and the subsequent failure to capture an organisations' information in a structured, retrievable and risk aversion manner," laments Laurie Varendorff, who owns his own records and information management consultancy in WA.

"This ability in Office 2003 to stop the printing, copying, resending and to set a timeframe for the destruction of the email could be a bigger disaster to good governance at all levels of corporate and government organisations than any previous event," he believes.

Fears over the supposed threat posed by the expiration function of IRM to properly maintain records in adherence to the law prompted David Roberts, Director of the State Records Authority of New South Wales, to issue an advisory to all public sector records managers in the state to block the use of IRM to their employees.

"This functionality allows the creator of an email message to limit the recipients' ability to forward, copy or print the message, and can even direct the message to 'self destruct' after an allotted period of time. Similar attributes can be applied to documents by their authors," said Roberts in his mailout.

It went on, "This functionality has significant implications for recordkeeping and, more broadly, for the way that organisations conduct their business in the electronic environment.

"State Records and the Department of Commerce's Office of Information and Communications Technology are working together to develop guidance for public offices on the appropriate use of information rights management in Microsoft Office 2003 products."

Roberts also made abundantly clear the views of State Records NSW that the IRM functionality had the potential to land records managers in deep trouble.

"Inappropriate use of this functionality, either within a public office or by external parties communicating with it, may prevent a public office from capturing and keeping electronic records needed for ongoing business, accountability or other reasons. It may also result in breaches of the State Records Act 1998 and of obligations to produce documentation to competent external authorities."

So what does Microsoft have to say about this whole debacle? Well, while holding its hands up and admitting that there could have been more clarity from the company on this new functionality, it refutes the widely held belief that messages will 'self-destruct' or vanish into thin air.

"I think there is a lot of confusion around (IRM) in the market, and where there is confusion, I can understand why people would be unclear about it," says Jane Huxley, Director of Information and Worker Client Business Groups at Microsoft.

While acknowledging that the ability to set an expiration date on delivered messages does exist, it is what happens when this expiration date is reached that has been misinterpreted, which according to Huxley, has caused unnecessary alarm.

"Making a message not visible and destroying it are two very different things. Documents do not disappear-they are still in the mail store. The information remains on the server in its original state. What it does is it prevents people from accidentally forwarding, deleting or copying sensitive information, but a determined individual can still get to it." In spite of that, Huxley admits that this functionality may still prove to be a turn off to many.

"This technology probably isn't going to be for everybody. It may not be appropriate, particularly where confusion or concerns exist. Basically, this is a way of controlling information from falling into the hands of a malicious user or protecting information that may be time sensitive."

"IRM is a good piece of technology for people who have a very specific need to control information. It is not switched on by default and it does not destroy emails or make documents disappear. I do think that we probably could've been a little clearer up front about that and helped people to understand it a little more."

So who did Microsoft visualise using this function when they created it?

"This technology would be extremely well implemented in an environment where information expires," says Huxley. "Let's say, for example, you are a pilot working for an airline and you download flight information manuals before you take off. Now, those flight manuals will get out of date. Using Information Rights Management in that environment, the pilot would not be able to download material that was out of date-they would be forced to go looking for the new information or click on the link that would take them there. That is an example of very time-sensitive information where this type of technology could be very well put to use."

Another example of the usefulness of IRM that Huxley describes, which can be applied on terra firma, is within the human resources (HR) department of an organisation, where sensitive information such as performance reviews and salary information can be shared across email while preventing it from being copied, forwarded or printed.

"Used in the right environment, it is a fantastic piece of technology," insists Huxley. "The point is it is not switched on by default-that decision is made by the business, not by the individual; and it does not delete information-it cannot make things disappear."Huxley acknowledges that determined individuals within an organisation will be able to circumvent the anti-print, copy and forward functions within IRM, and that it is designed primarily to prevent "accidental" copying, forwarding and printing of sensitive information.

With that being the case, and IRM falling short of offering watertight security, what real value is there in having it activated?

"IRM is not a traditional "security" feature - it is a corporate policy enforcement feature," says Jason Cahill, Lead Program Manager for IRM in Office 2003. "When we've talked to customers about what they needed from Office, one of the resounding things we heard was "I'm tired of having sensitive information leak out of my company by casual abusers." IRM is our answer to that problem. When you create a piece of sensitive content, you can apply IRM, just like you would type 'Confidential - Do Not Forward' today. The software will apply that policy and enforce it for all recipients. The value add is that once you send content with IRM, no one can "accidentally" break company policy and forward e-mails or share out documents unless they have permission to do so."

Business Solution: