One of the most remarkable things about the sudden political death of New York Governor Eliot Spitzer was how Spitzer was so oblivious to the paper, or more precisely, data, trail he was creating and leaving in his wake. As New York State Attorney General, Spitzer had based prosecutions on the same kind of evidence; phone logs, wiretaps, bank records many times. Somehow, despite this background, when he engaged in questionable behavior he documented it to the hilt.
Modern companies usually generate far more data records than their management and employees imagine, and this isn't good because at some point in the future, management and employees could find themselves facing civil or criminal action based on digital records they may not have known even existed.
One of the issues with working in a digital environment is that there is a record of nearly everything that happens in it. Nothing is in the dark, not the plane tickets you buy, not the profits you made on the last sale, not the people you call on the phone. This huge data archive remembers, even if you don't.
One key to survival in our current society is understanding how easy it is to wind up facing felony criminal charges over what was only a misdemeanor crime to begin with, if that much. The most common example of course is perjury, where people lie to cover up a minor crime, and the increase in permanent records can only create more of this type of case.
Anytime a company executive or employee provides testimony that subjects them to perjury charges, like a deposition in a civil case, or testimony in a criminal case, there is the possibility that their testimony will be compared to information from a variety of sources. Some of these data sources will be third parties, like Internet logs, bank records and phone logs. Some will be from their own internal computer records. This can be database files, Excel spreadsheets and Word documents, including some records they may not have known about.
On the positive side, computers are making it hard to get away with illegal activity. On the negative side, honest businesses may pay heavily for honest mistakes. And minor dishonest mistakes, too.
Under the current legal climate, there is a real danger that honest businesspersons can find themselves in serious trouble for simply being wrong about some fact; how much a deal made, who paid how much for something, or exactly when something happened. The only real defense is to know as much as you can about what relevant records exist and what they show.
There are many sources of permanent records to consider.
One feature common to many business applications is a built in ability to record every interaction between it and the people who use it. For instance, if an employee were able to get into the company's billing system and increase the discount given to a customer, and then change it back to the authorized discount after a transaction, both actions would be recorded. Some of the more sophisticated programs, like SAP's Process Control, automatically check a number of variables employees could change to their benefit, and report any violations of policy.
Even common business applications can be recording data that can be used in court.
The most widely used word processor, MS Word, has a built in data recorder that can record every change made to a document over the course of its development. There have been cases where companies have been proven to be in illegal possession of Word documents after a careful look at the document's built in data history proved that they were clearly created by another company.
In extreme cases, incriminating evidence can be found within the content itself. In a trial concerning intelligent design, a document purported to be a new study on intelligent design not related to creationism was proven to be originally about creationism because of a rather sloppy job of global replace. A close look at the document proved the term creationism had been replaced with the term intelligent design, and not always successfully.
Even out of the office and away from their desk computers, employees can create data trails, and not always in obvious ways, For instance, employees may be creating a data archive when they drive a car on company business.
Many modern cars come with a data recorder built into the cars computer system. This recorder functions very much like the black box recorder in airliners, and it records information about what the car is doing including speed, braking, and steering. Information in these data recorders has been used to successfully prosecute drivers for serious traffic offenses, primarily accidents and DWI cases, and used as a base for actions against the companies that employed the drivers.
There are many other sources of data trails, not all will apply to every company but many will.
Companies need to a audit the data trail they are creating and make sure every employee understands what permanent records are being created that might be used against them in the future. It's important that employees act as though they're being recorded all of the time, because one way or another they probably are.
It's also important that employees understand honesty is the best policy. If a mistake is made, it's better to admit the mistake than to get caught later, after covering up the mistake. That can land them in jail, for perjury or obstruction of justice, or both. Or in the case of Arthur Anderson, even end a company.
Such fates are possible but avoidable, if one has a realistic view of the truth. Like it or not, we live in a world that is constantly recording what everyone does. Privacy has become a moot issue. Corporations want to know everything about consumers, and consumers want to know everything about corporations. Increasingly, both just have to look at the records to find out.
It was a lesson lost by Eliot Spitzer, a master of the information game who broke it's ultimate rule.
In the Information Age, the biggest sin is to forget that anyone can find out nearly everything about anyone if they try hard enough.
Glen Emerson Morris is currently a senior QA Consultant for SAP working on a new product to help automate compliance with the Sarbanes-Oxley law, an attempt to make large corporations at least somewhat accountable to stockholders and the law.
He has worked as a technology consultant for Yahoo!, Ariba, WebMD, Inktomi, Adobe, Apple and Radius.