Lora Bentley spoke with Greenberg Traurig shareholder Adam Landa, who co-chairs the law firm's national e-retention and litigation preparedness practice group about Vanish, an encryption technology that, in essence, allows the creation of electronic documents that self-destruct. Though he likes the idea, it presents practical concerns when one considers retention requirements, Landa says. (Next week look for Landa's comments on Vanish as it relates specifically to e-discovery requirements.)
Bentley: You've read and written about Vanish. What is your initial reaction?
Landa: Technologically, Vanish is a very good idea. My biggest concern with that technology is... Well, there are two things. One, how a company deals with its retention obligations or its preservation obligations in view of data that, let's just say for the moment, self-destructs.
The first example that came to mind as I was reading the white paper on Vanish is the broker-dealer. A broker-dealer has an obligation to retain every communication as such for three years, and for two years in readily accessible form. So a client sends an e-mail to a broker instructing a trade, and the e-mail is set up to "vanish" in 30 days. Should the broker-dealer reject the e-mail? It can't be retained for three years as required by law. What will happen if the client says, "Yeah, but I instructed you to make a buy," and the client can prove that somehow. That's one example, but there are all kinds of industries that are regulated and required to keep things.
Then there are company document retention policies. A company policy may require me to keep things, but now I can create or receive a document that can't be maintained in accordance with the policy. That's the first concern.
Bentley: Which indicates there's another?
Landa: The other thing that Vanish presents is the sender of a message may or may not want to keep a copy of that message that isn't composed or created with Vanish. I mean, I'm thinking this is a great technology for my Facebook post that I was hiking yesterday. Who's going to care about that? I can see why I'd want that kind of stuff to vanish -- personal comments and the like.
But when you start applying it to business communications, you have to think about what the recipient is going to do with the communication.
Bentley: Do you mind expanding on that?
Landa: I have not worked with a Vanish-enabled client yet -- the software itself -- but typically in an e-mail you can copy and paste or cut and paste content. So if you cut content out of a Vanish e-mail and you paste it into a text file or some other media, it's not going to vanish. You're still going to have a record of what that e-mail was. Or if you print it, or if you print it to PDF, those things aren't going to vanish the way the e-mail would. It concerns me that people would send things that they think are going to be gone, but they're not. Even at a minimum, if someone gave you this technological explanation of how you could create a Vanish client that would prevent someone from creating a PDF or cutting and pasting, you could still pull out your digital camera, point it at the screen and take a picture, and there it is.
Bentley: OK. So you're not really in complete control?
Landa: You're really relying on downstream client behavior, and by clients I mean technological clients that could either prevent printing or could create PDFs that would also be encoded to vanish. Conceivably you could do that. But I wonder how I would feel about your software being able to get into my copy of Acrobat?...I think it's a wonderful idea. I think its time has definitely come, and it has application to all kinds of things, but I think any company that is considering permitting the installation of Vanish clients has got to deal with how it's going to intersect with retention requirements.