Showing posts with label metadata. Show all posts

Thursday, 29 October 2009

SWISS red-faced over metadata information left in press release

Whatever your view on where we are on the economic road to recovery (or not), no business can afford any tarnish to its external image. As reported in the Guardian this week, Swiss International Air Lines Ltd has a red face and a tarnish to its image, in Canada at least, due to an inadvertent leak of metadata.

SWISS, as they refer to themselves in the press release, included review comments in the document that they sent out. Although the press release might be 'boring,' as reported by the Guardian, it provides a salutary lesson on how features that are useful in the review stage of a document can be a danger if they are not managed correctly when completing the final version that will be sent out.

The file, comments and all, can be found on the Guardian website.

Companies need to remember that converting a document to PDF alone does not protect them from leakage of confidential or embarrassing information via metadata. Although I was not personally sent the press release, and it is not obvious from the posting on the Guardian site, I would say that the release was sent in PDF. Take a look at the other metadata in the PDF file and see what you think (PDF Producer: produced on a Mac, author: initials in this instance, and so on).

This is the perfect example of why it is so important to ensure you have a system in place to automatically remove the metadata information within a document. While the data contained in this file wasn’t damaging to the company, it was definitely embarrassing. Had the data been company private, this could have been a very different situation for them. Make sure your company and your data are protected.

Friday, 16 October 2009

Only a week left for the Survey on Mobile Device Usage

We are delighted with the number of participants who have already completed the 3BView Survey on Mobile Device Usage and Document Security over the last two weeks. The results are already looking very interesting.

With just one week left until this survey closes (end of day EDT 23rd October), if you have not yet contributed then your participation would be very welcome. Please access at http://www.zoomerang.com/Survey/?p=WEB229PNSVQD9C

The survey focuses on access to, and usage of, business applications from mobile devices, with particular focus on the risks associated with information contained within document metadata when using these applications.

We will be publishing summary results on our website, with full results available to survey participants, who will also be entered into a draw to win an upgraded phone of their choice – either a Blackberry Storm 9530 or an iPhone 3GS 32GB.

Friday, 2 October 2009

3BView Surveys the Legal Market on Mobile Device Usage and Document Security

Following on from my post last week, we at 3BView are conducting a survey on the usage of mobile devices in day-to-day practice by legal practitioners around the world. The survey focuses on access to, and usage of, business applications from mobile devices, in particular access to documents and the risks associated with information contained within document metadata via such applications.

We will be publishing summary results on our website, with full results available to survey participants. Survey participants will also be entered into a drawing to win an upgraded phone of their choice – either a Blackberry Storm 9530 or an iPhone 3GS 32GB.

Access the survey at http://www.zoomerang.com/Survey/?p=WEB229PNSVQD9C from now until October 23, 2009.

More details can be found here.

Saturday, 28 February 2009

PDF documents and metadata - some examples

Before I do a deeper dive into what metadata a PDF document contains, let's take a look at what must have been the main headline hitting example in 2008 of sensitive information being discovered within PDF metadata.

I am referring to the situation Google found themselves in with a submission they made, supposedly anonymously, to the Australian Competition and Consumer Commission regarding eBay and their proposal to force their users to use PayPal. After speculation on many blogs about the author of the anonymous submission, one Dave Bromage took a look at the metadata in the PDF document and let the world know who it was. Despite the submission being replaced with a new version without the revealing metadata, the word was out. I won’t comment on the reasons why this was at least embarrassing to Google (this is one report that gives the details as well as showing the metadata contents), but will add that there was an additional chuckle in the techie community, The Register being one example, that the metadata also showed that the document had not been created using Google’s own word processing app. My main comment is that this unintentional leakage of information involved a regulator as well as embarrassment at the very least to the originator (author and company).


The submission also had masked what would have been visible text about the submitter within the document. However, the PDF did not have any security applied to it, so it was very easy to copy that area of the document and paste it into another text processor to see the underlying information. Facebook/ConnectU have just this month fallen foul for the same reason. There are numerous other examples in this area, GE and the US Justice Department being a couple from 2008. If you want to mask visible text, at the very least add security settings to the PDFs that you generate to disallow copying and pasting of text. Also look at redacting software which fully removes and masks text whilst retaining the layout in the PDF document.

I am sure it is pure coincidence that one of the other headlines in 2008 around information garnered from PDF metadata also involved Google, but from the other side of the fence. As reported here, metadata in a PDF version of a lobbying letter from the Corn Farmers to Congress linked, albeit tentatively, the author back to some of Google’s political adversaries.

The lesson from these examples is that you should not assume that converting and sending/publishing a PDF removes metadata that could contain sensitive information.
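As an added example (not code from this blog or from 3BView), here is a pre-release check for the two things these posts describe surviving a PDF conversion: the Info dictionary fields (Author, Creator, Producer) and review comments stored as annotations. The sample bytes are constructed, and the scan assumes uncompressed, unencrypted objects with literal strings, so a file that uses object streams needs a full PDF parser.

```python
import re

# Constructed sample: a simplified, uncompressed PDF body, not a real release.
SAMPLE_PDF = (
    b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
    b"4 0 obj\n<< /Type /Annot /Subtype /Text /T (JD) "
    b"/Contents (Is this paragraph needed \\(ask legal\\)?) >>\nendobj\n"
    b"5 0 obj\n<< /Author (JD) /Creator (Word) "
    b"/Producer (Mac OS X Quartz PDFContext) >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R /Info 5 0 R >>\n%%EOF\n"
)

# A PDF literal string: ( ... ) with backslash escapes, no nested bare parens.
LITERAL = rb"\(((?:\\.|[^\\()])*)\)"

def _text(raw: bytes) -> str:
    """Undo backslash-escaped parentheses and backslashes, then decode."""
    return re.sub(rb"\\([()\\])", rb"\1", raw).decode("latin-1")

def _object(pdf: bytes, num: bytes, gen: bytes) -> bytes:
    m = re.search(rb"(?<!\d)" + num + rb"\s+" + gen + rb"\s+obj(.*?)endobj", pdf, re.S)
    return m.group(1) if m else b""

def info_fields(pdf: bytes) -> dict:
    """String entries of the document Info dictionary (Author, Producer, ...)."""
    ref = re.search(rb"/Info\s+(\d+)\s+(\d+)\s+R", pdf)
    if not ref:
        return {}
    body = _object(pdf, ref.group(1), ref.group(2))
    return {k.decode(): _text(v)
            for k, v in re.findall(rb"/(\w+)\s*" + LITERAL, body)}

def annotation_comments(pdf: bytes) -> list:
    """(author, text) for every annotation object that carries /Contents."""
    found = []
    for body in re.findall(rb"\d+\s+\d+\s+obj(.*?)endobj", pdf, re.S):
        text = re.search(rb"/Contents\s*" + LITERAL, body)
        who = re.search(rb"/T\s*" + LITERAL, body)
        if text and re.search(rb"/Type\s*/Annot\b", body):
            found.append((_text(who.group(1)) if who else "", _text(text.group(1))))
    return found

def release_findings(pdf: bytes, review=("Author", "Creator", "Producer")) -> list:
    """What a pre-release gate should report for this file."""
    info = info_fields(pdf)
    out = [f"info:{k}={info[k]}" for k in review if info.get(k)]
    out += [f"comment:{a}:{t}" for a, t in annotation_comments(pdf)]
    if b"<x:xmpmeta" in pdf:
        out.append("xmp:metadata packet present")
    return out

if __name__ == "__main__":
    print("\n".join(release_findings(SAMPLE_PDF)))
```

An empty result from this scan only means nothing was found in plain view; it says nothing about text hidden under a black rectangle, which is a separate redaction check.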


Thursday, 28 February 2008

California Bar Journal reviews legal metadata position

The California Bar Journal, in this article, presents an excellent round-up of the problems for lawyers, including the myth that PDF documents are safe from metadata leaks, and the latest legal position in the US. Worth reading.

Wednesday, 30 January 2008

Scottish council caught out by tracked changes

It’s that old classic: sending out a Word document with information you really, really don’t want to reveal left in tracked changes.

This time the metadata culprit is Aberdeenshire County Council, which managed to send out a report on waste management, containing incriminating details of problems in tracked changes that hadn’t made it into the final report.

Even worse than the information revealed is the inference that the council had covered up the information it didn’t like on the problems – and the press has certainly taken this line.

Monday, 7 January 2008

Two good articles on security: user behaviour and balancing risk

Happy New Year! This seems a good opportunity to mention two good articles I read last year, but didn’t blog on at the time.

Firstly, Network World ran an article by Michael Osterman in June based on a survey of user behaviour. It’s short and to the point, but contains useful gems like the fact that 71% of users check work-related email from home on their own computer. Certainly confirms for me that we’re on the right lines to put our ILP protection on the email server, not on the desktop – if you’ve got server-based protection, you’re covered regardless of which PC is used.

Then this article in APC magazine contains some interesting views from Microsoft on why the security threat is often “overblown”, and how you need to balance the cost of a security measure against the perceived risk and the cost of any security problems that may arise. It’s common sense really, but worth remembering, and I’d add the point that you need to think about how long a solution may take before it’s up and running effectively; sometimes the simple and fast solutions are the best.

Thursday, 27 December 2007

US legal position on metadata still unclear

As far as I can work out, the position in the US on the legal status of metadata is still being sorted out. Have a look at this good review of recent “ethics opinions” in The New York Law Journal – there still seems to be plenty of conflicting views.

The article concludes with good advice: check your local rules and case law, and use metadata scrubbing tools to remove metadata from documents you send (where this is permissible).

One day we’ll have clarity, no doubt.

Saturday, 15 December 2007

PR agencies leaking data as much as the rest of us

Love or hate them, PR agencies are part of today’s business world. They do have a riskier position than most in the looking foolish stakes, though, as they are in frequent contact with journalists who will generally grab any opportunity they can to wind up their PR colleagues.

The latest one is a delightful example on Valleywag, the Silicon Valley gossip site – just look at all those tracked changes that were left in the email to the journalist from the PR.

But wait: it gets better. The PR sent an email threatening legal action if her original email wasn’t removed. Guess what? Valleywag ran that email too.

Tuesday, 4 December 2007

Scottish politician in donations row due to metadata

UK readers will be familiar with the row about dodgy political donations that’s currently surrounding the Labour party. It was perhaps only a matter of time before metadata gave someone’s secrets away – as it has a habit of doing in political rows.

Well, it happened this weekend – the Sunday Herald newspaper printed allegations that Scottish Labour chief Wendy Alexander was aware of the potentially dodgy nature of a donation weeks before she had claimed to be. The smoking gun? Metadata in a Word document showed the date it had been saved (November 5th) and that the username was her husband’s.

The row is all over the press now, and Alexander may end up having to resign, or even being prosecuted under the UK’s election finance laws. It’s becoming almost commonplace to see these metadata leaks pop up in political rows, and I’m sure the more clued-up journalists check the properties and tracked changes on every Word document they get hold of! Remember PDF documents aren’t normally safe either unless you’ve taken the right steps to make them secure.
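The two Word leaks described in these posts, the saved date and username in the properties here and the tracked changes in the council report above, can both be checked before a file leaves the building. This added example (not code from this blog or from 3BView) assumes the Office Open XML .docx format, which the posts do not specify, and runs on a constructed sample built in memory.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for untrusted files prefer a hardened parser

W = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
CP = "http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
DCT = "http://purl.org/dc/terms/"

def build_sample() -> bytes:
    """Constructed two-part .docx (not a real document) with one tracked edit."""
    doc = (f'<w:document xmlns:w="{W}"><w:body><w:p>'
           '<w:r><w:t>Collection targets were met.</w:t></w:r>'
           '<w:del w:author="A. Editor" w:date="2008-01-10T09:00:00Z">'
           '<w:r><w:delText> Two sites missed them.</w:delText></w:r></w:del>'
           '<w:ins w:author="A. Editor" w:date="2008-01-10T09:01:00Z">'
           '<w:r><w:t> Details to follow.</w:t></w:r></w:ins>'
           '</w:p></w:body></w:document>')
    core = (f'<cp:coreProperties xmlns:cp="{CP}" xmlns:dcterms="{DCT}">'
            '<cp:lastModifiedBy>Someone Else</cp:lastModifiedBy>'
            '<dcterms:modified>2008-01-10T09:02:00Z</dcterms:modified>'
            '</cp:coreProperties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", doc)
        z.writestr("docProps/core.xml", core)
    return buf.getvalue()

def _revisions(body, kind: str, text_tag: str) -> list:
    """(author, date, text) for each w:ins or w:del element in the body."""
    rows = []
    for rev in body.iter(f"{{{W}}}{kind}"):
        text = "".join(t.text or "" for t in rev.iter(f"{{{W}}}{text_tag}"))
        rows.append((rev.get(f"{{{W}}}author"), rev.get(f"{{{W}}}date"), text))
    return rows

def scan_docx(data: bytes) -> dict:
    """Report who last saved the file, when, and any unaccepted tracked changes."""
    report = {"lastModifiedBy": None, "modified": None, "comments": 0}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = set(z.namelist())
        if "docProps/core.xml" in names:
            core = ET.fromstring(z.read("docProps/core.xml"))
            report["lastModifiedBy"] = core.findtext(f"{{{CP}}}lastModifiedBy")
            report["modified"] = core.findtext(f"{{{DCT}}}modified")
        body = ET.fromstring(z.read("word/document.xml"))
        report["deleted"] = _revisions(body, "del", "delText")
        report["inserted"] = _revisions(body, "ins", "t")
        if "word/comments.xml" in names:
            notes = ET.fromstring(z.read("word/comments.xml"))
            report["comments"] = len(notes.findall(f"{{{W}}}comment"))
    return report

if __name__ == "__main__":
    print(scan_docx(build_sample()))
```

The deleted text is the part that matters most for a release gate: it is invisible in the final view of the document but is still stored in the file, with the editor's name and timestamp attached.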

Wednesday, 21 November 2007

You can’t steal what isn’t there

Yesterday’s story on the loss of 25 million child benefit records reminded me about the loss of more than 45 million customer records stolen from TJX, the parent company of retailer T.J. Maxx. The article, a while back, in Information Week describes it as the “largest breach of customer data”.

An interesting article, but the key point is right at the end: “With any luck, the TJX Effect will teach retailers this basic lesson: Thieves can't steal sensitive customer data if retailers aren't storing it.”

But governments have to store sensitive data -- they really do need to get things sorted, or the trust of the public will be lost forever.


Tuesday, 20 November 2007

AT&T lawsuits rumbling on

AT&T is one of the highest profile companies that’s been publicly identified as having committed an ILP faux pas – letting the cat out of the bag about alleged collusion with the US government in alleged illegal wiretapping (the lawsuits are still going on – so I’m going to use the word ‘alleged’ as often as I can just in case).

They must be regretting this a LOT! There’s an interesting article in the Guardian about this case and the general topic of privacy and how it’s changing in the electronic world.

Monday, 22 October 2007

E-discovery seminar and downloadable presentations

I attended a very interesting e-discovery seminar just over a week ago in Washington DC, organised by GTSI and with an excellent set of speakers. Metadata and archive formats (ODF and PDF/A are key archival formats) were mentioned frequently.

The presentations are all available at this page.

E-discovery and the FRCP amends – one year on

It’s nearly a year since the US’s Federal Rules of Civil Procedure (FRCP) that govern e-discovery were amended. CNET has an excellent round-up of recent legal cases covering the discovery of electronic data – really a must-read for anyone concerned with this area.

The author also quotes Williams v Sprint, a slightly older case from 2005, where the judge ruled that where electronic documents are required to be produced, they must be in the original format including metadata. This still seems to be a grey area, and the FRCP guidance seems to also have picked up on the judge’s statement in this case that producing documents “as they are maintained in the regular course of business” is sufficient.

The lesson? Put in place a policy now that manages and cleans metadata in business documents, before any litigation!

Monday, 15 October 2007

Error by FTC gives away Whole Foods’ business secrets

This Sunday’s Observer newspaper in the UK carried a book review talking about innovative business practices that mentioned Whole Foods as an example of using new internet techniques (not sure if that includes your CTO criticising rivals online under a pseudonym?)

Anyway, it reminded me of the bizarre story from August: the Federal Trade Commission (FTC) managed to electronically file documents as part of a court case involving Whole Foods Market’s proposed $565 million takeover of Wild Oats Markets. The words looked redacted but were just shaded black.

The accidentally revealed portions included Whole Foods’ marketing strategies, and how it apparently negotiates with suppliers to drive up costs for Wal-Mart stores.

Guess what? The Associated Press managed to download the document before the FTC realised their mistake and replaced it with a clean version. The Washington Post has the full story here.

Come on guys, it’s not rocket science to avoid these mistakes. Is it?

Sunday, 7 October 2007

Company insiders are biggest IT security threat

According to the Computer Security Institute, the biggest threat to corporate IT security isn’t viruses, it’s insiders.

The CSI has released its 2007 “Computer Crime and Security Survey” – there’s a good write-up here and you can also download the full report (PDF).

The report is based on responses from IT security staff in U.S. businesses and government bodies. 59% of respondents reported “insider abuse of network access or e-mail”.

Saturday, 29 September 2007

MacUser covers data disasters and information leak prevention

The recent MacUser edition (14th September) has got a great article about potential data disasters from hidden data and emails. And guess what? 3BView gets a mention as we are the only metadata removal tool for Macs (as far as I’m aware).

The article doesn’t appear to be online yet, but MacUser’s site is here.

Wednesday, 19 September 2007

Leaked emails reveal company’s secrets

Controversial P2P “mitigation” company MediaDefender has got itself into trouble when 700MB of internal emails were distributed on the Internet this weekend. It appears that an employee had forwarded all of his emails to a Gmail account, which has then been accessed by someone else.

According to this report, the emails gave away many secrets about the company’s operation, including evidence that MediaDefender had intentionally misled the outside world about some of its activities. The emails apparently also included financial details including salaries, Social Security numbers and home addresses of some of the company’s employees.

It’s a point that everyone must be familiar with, but it bears repeating: email is a dangerous thing. And it’s not rocket science to realise that having controls to filter and monitor emails going outside your company can help avoid this kind of problem.

Sunday, 9 September 2007

Stating the obvious: mobile mistakes are easy to make

It seems common sense to me that anyone using email out of the office is going to be more at risk of making silly mistakes. It may be late in the evening, they may be rushed as they’re concentrating on something else, or they may be using a mobile device that’s not as easy to use as their main office PC or laptop.

The business climate nowadays only encourages this, what with mobile working being so heavily encouraged, clients in different time zones and so on.

So it only seems logical that information leak prevention should cover users when they’re out and about. Doesn’t it?

It still surprises me that so much effort in ILP focuses on desktop tools, which by definition won’t cover remote working and PDAs, Blackberrys etc. The server seems the only sensible place to put the ILP protection.

I did get my assumptions backed up recently by some research from Nokia, which is always nice. This says three quarters of workers use mobile devices to email clients outside working hours, and paints a picture of them “writing their emails from locations including pubs, parties and taxis”. Scary stuff!

Thursday, 16 August 2007