Erase me. Go on. I dare you

You want to know what happened to all those incriminating things you did on your computer--things you thought you swept under the rug? Things like ordering the outing of a CIA agent, or plotting the realignment of certain insufficiently corrupt U.S. Attorneys? Well, if all you did was drag the relevant files to your computer's trash can, you're still screwed.

[T]he likelihood is that they erased it just like you would erase it. One e-mail is easy to find—you go into the e-mail file and there it will be. Even if they erase the whole e-mail file once, just threw it in the trash and then deleted it, it would still be there and it would be easy to find for a data-recovery expert—best [if it's] a forensic data-recovery expert. When you erase something you’re basically just erasing the index to the document—the document is still there. And if they did a simple erase off the hard drive, beyond the trash, it’s easy to retrieve. Forensically you can do it where you get all the raw data and look through it. If you or I did it, it would look like one long text file, a printout a mile long. You’d have to go through it and cipher it and find the [keyword] you’re looking for. It’s all jumbled with code all around it so it’s not easy to do, [but] forensic software can do that easily.

But you already knew that, right? So what if a certain particularly devious person like yourself--aware that phantom copies of your deleted emails were still perfectly accessible to investigators--went the extra mile and zeroed out the actual documents?

The best way is to triple-erase the file. By erasing, what you do is [write] zeroes over the whole area with a piece of software. So wherever the e-mail file is, the whole thing is written over with zeroes three times. That gets every bit of it off. There would be no trace. Nobody could get it....Let’s say you’re watching CNN and you see that [someone is] coming to get you. So you triple-erase the data—you zero everything out. But until you back your hard drive up completely, it’s still over on your server. The new data replaces the data on the server. So if you’re smart, you’d erase it from the server, too.

But devoting such extraordinary energy to scrubbing a major server completely clean--after you watched CNN and learned that you were about to be the target of a major investigation--would look mighty suspicious, no? Justice-obstructing-kinds of suspicious, perhaps.

Pretend, then, that you didn't take the risk and that the emails are still accessible and that you plan to fully comply. What should you do?

If they were really doing their job, they would have to give access to forensic specialists. Those companies can go in and find that e-mail file and then sort through it using proprietary software and hardware. But the government is going to have to open their doors. Top secret stuff is on there, I’m sure, and they’d make it hard.

Well I don't know if the "top secret" nature of those emails is relevant. If by "top secret" you--shady operative--are thinking of emails that simply contain material that might be embarrassing or illegal--material on the wide specrum between, say, pornography and, say, which members of the press should learn Valerie Plame's CIA status--then those emails (that section of the file) can be subpoenaed.

If on the other hand by "top secret" you're thinking "classified", then it raises a whole series of other questions about why you sent or received such information--clearance or no clearance--using an RNC email account and then dumped the stuff carelessly into the trash can.

Comments

Several laws would be broken by putting 'top secret' or even 'confidential' material on a non-government server, so Fred Fielding (for Rove) won't claim classified info. They will say it was subject to executive privilege (EP) - whatever that really means in law. I think there is only one SCOTUS case on this, and they read the privilege very narrowly, but that one doesn't match this situation very closely.

Some legal experts believe that only direct communication with the president is covered by EP, while at the other end of spectrum some believe any communication in the executive branch is subject to EP. This won't be resolved quickly, and the public relations aura will likely be more important than any legal proceeding.

Certainly, use of non-government networks is very unlikely to meet either the PR or EP tests, so those emails will mostly be produced if they haven't had the forensic-deletion options exercised.

Some experts say that the all the hard drives must be replaced for actual assured deletion - or even the servers themselves and the pc's used to access them.

BushCo is way out on a limb here, and we can expect much tussle since backing down won't be easy.

My opinion is that NSA should be required to cough-up what they have. What is the probability that NSA doesn't have all this stuff recorded? Zero.

Posted by: JimPortlandOR | April 14, 2007 at 02:18 PM

I always like the sound of an idea that involves subpoenaing the NSA. But even if the Republicans did trash their harddrives, it sounds like the NSA stuff is much more likely to be subjected to EP arguments than the RNC material. Sigh.

Posted by: Brian | April 14, 2007 at 02:37 PM

See a pithy tongue-in-cheek visual that skewers Karl Rove and the Bush administration's disregard for accountability...here:

http://www.thoughttheater.com/2007/04/the_white_house_announces_project_purge.php

Posted by: Daniel DiRito | April 14, 2007 at 06:58 PM