As an IT professional, like all professionals, I have certain responsibilities and skill sets to maintain. Would you trust a mechanic who can’t change your car’s oil or a doctor who can’t use a stethoscope? While at work today, if your IT department told you “We don’t safeguard any data, so your email, documents, and spreadsheets are at risk. Good luck!” would you complain? Would you question your company’s competence at maintaining your business’ data? To go a step further, what if your boss told you to do one thing, but the company did the exact opposite?
Welcome to the Lois Lerner/ IRS Email Scandal.
I won’t rehash the details or take sides, this is a discussion on technology and how it is used. Before your eyes glaze over, I want to address three points.
1. To the layperson: I won’t bore you with details or technical terms. This isn’t that kind of article.
2. A mea culpa to fellow IT geeks, this is an oversimplification and I understand that. Most of the planet doesn’t need to hear about RAID, NAS, SAN, perms, ACLs, offsite storage, n-bit encryption, etc.
3. This will be platform and party agnostic. I’m simply explaining why the email controversy is garbage. Republicans v. Democrats and Microsoft v. Apple (among others) won’t occur here.
First, how does email work? From your “client” (computer, smart phone, pad, etc.) you type and send an email. It goes to a “server” (Server A) which transmits that to a destination (Server B). Your recipient’s client then reads that email from Server B. In business, Company A backs up/ stores email from Server A and Company B does the same with its server. These backup copies are then kept for a predetermined period. For the purposes of an audit, the IRS advises you to keep any and all data for 7 years. My personal experience working for Fortune 500 companies parallels that 7 year “suggestion.”
“Mechanically” the data should be secure, but what about people? Again, to possibly oversimplify, administrators or those with similar authority can manually delete data or control software to do this through pre-determined “rules” such as after 6 months, 10 years, everything from a certain person, everything with a certain keyword, etc. In short, you have to be incompetent or malicious to “lose” data.
Enter the IRS
Generally speaking, business and individuals keep data for 7 years, per the IRS’ advice, but what about the IRS itself? “Uh oh, spaghetti-ohs!” See, the IRS keeps data for 6 months and even allows employees to determine what to keep as part of the public record! Imagine being audited and telling the IRS “Well, I decided to not retain those receipts. Audit’s off, right?” As the English would say, “Not bloody likely, old chap!”
So wrap your head around all of this: you keep data for 7 years, the IRS retains data for 6 months, regardless of that IRS employees determine what’s retained for that 6 month period, and ALL of these defy basic-to-intermediate level IT practices. Are you angry yet?
But wait! There’s more!
Now we’re told the email does in fact exist, but can’t be searched. This is more garbage. Email is stored in a database and databases are searchable. How does Google work? Through a massive database. Ever try to find a word on a webpage or within a document? That’s essentially a small database or indexed capability. In the real world, in the business world, email is stored where it can be accessed. Again, the explanation defies reality and technology alike, UNLESS some person did this through incompetence or malicious behavior. Now are you angry?
Following the Enron Scandal, Congress passed the Sarbanes-Oxley Act of 2002 which holds management (such as CEO’s) accountable for financial information. How do you prove financial information beyond what’s reported to the IRS? Email, spreadsheets, stored documents…this should all sound familiar. Not only do we have laws against deleting data and holding corporations accountable, we have protests against those very CEO’s and other “1%’ers” in the US. So, what about our government? What happened to “We the People?”
We the People have a “SarBox”, and that’s the ballot box. We have a mechanism to hold our politicians accountable. The IRS email explanations only make sense if you don’t know anything about technology. Pardon me, but your ignorance allows the lies to become reality. Data is stored and if it isn’t, someone did that. With the IRS’ own policy, if it isn’t marked for public record, someone did that too. That’s why you should be angry, regardless of your political affiliation, you should be angry because our representatives CHOSE to lie to you. They chose to play upon your ignorance and the media CHOSE to pass those lies along as the truth. Your government didn’t just exploit your lack of IT knowledge, it willfully chose to ignore its own “suggestions” to We the People AND it allows the very people and organizations who have the most to lose to determine what to keep.
Information Technology doesn’t have to be rocket science or brain surgery, and neither is your Constitutional right to vote. Exercise your own form of Sarbanes-Oxley at the polls this fall. Get mad as hell and don’t take this anymore.
© 2014 The Havok Journal
© 2023 The Havok Journal