Preserving

1
Preserving reliable electronic documents in the
context of the Electronic Transaction Act
challenges facing records management in the
digital environment

• John A Aarons
• University Archivist
• The University of the West Indies
• Presented at the Summit by CITO
• on Knowledge Management
• 20 21 May 2009

2
Focus of Presentation

• This Presentation looks at documents and records
  in electronic formats and the challenges of
  preserving them to ensure that they fulfill the
  characteristics of a record which are that they
  are
• Authentic
• Reliable
• Integrity .
• Usable

3
Focus of Presentation

• In context of Electronic Transaction Act
• which speaks of
• a reliable electronic document
• promoting public confidence in the integrity
  and reliability of electronic documents
• the authentication and integrity of electronic
  documents

4
Electronic Documents

• The Act defines an electronic document as
  information that is created, generated,
  communicated, stored, displayed or processed by
  electronic means
• Record information created, received, and
  maintained as evidence and information by an
  organization or person, in pursuance of legal
  obligations or in the transaction of business
• ISO 15489-1 Information Documentation records
  management, 2001

5
Definitions

• Examples of digital data include anything that
  has been created or stored on a computer, or is
  made available by way of the internet, including
  CDs, DVDs, MP3s and digital broadcast radio.
• The term electronic may be considered to be a
  generative term, which encompasses all
• forms of data, whether in analogue or digital
  form

6
Value of Records

• Records provide evidence of transactions and the
  purpose of keeping them is to ensure that they
  remain accessible over time in such a way that
  they can be considered authentic and reliable
  evidence. Not only must records be accessible,
  but their intrinsic value must also be retained.

7
Attributes of Records

• Records have three important attributes content,
  context and structure
• Content is what the record says.
• Structure relates to both the appearance and
  arrangement of the content
• Context is the background information that helps
  explain the meaning of the
• document e.g. title, author and date

8
Traditional Paper Records

• For traditional manual records and paper-based
  collections, including textual and audiovisual
  records created before the advent of computer
  technologies the principal obstacle to
  preservation is the physical decay of the
  materials themselves. Paper records can become
  damaged through excessive handling and as a
  result of deterioration caused by the acids in
  the paper fibers, leaving documents brittle and
  discoloured over time.

9
A record 340 years old

• Diagram of grant of 127 acres of land in St
  Catherine to an early settler, 1668
• (From the series of
• Plat Books, Jamaica Archives)

10
Patent of land to Nanny, 22 Dec 1740
Jamaica Archives
11
Deterioration of Paper Records

• the principal obstacle to preservation is the
  physical decay of the materials
• themselves. Paper records can become damaged
  through excessive handling and as a result of
  deterioration caused by the acids in the paper
  fibers, leaving documents brittle and discoloured
  over time.

12
Creation of Electronic Records

• Today, most of the information we create is being
  done in electronic formats such as
• word processed documents
• E-mails
• Spreadsheets
• Computer generated graphics and maps
• Databases
• Web based information

13
Electronic Records

• An electronic record is
• written on magnetic or optical medium, such as
  magnetic tapes, CD-ROMs, DVDs, hard disks, USBs
  (universal serial buses) and other digital
  storage devices recorded in binary code
• accessed using computer software and hardware
• easily manipulated, updated, deleted and altered

14
Electronic Records

• The principles of the management of electronic
  records are no different to those of the paper
  record. Records must be created, captured and
  maintained in a manner that ensures their ongoing
  integrity and retrievability for as long as they
  are required to meet the business and
  accountability requirements of the Institution.
• Electronic records must remain available,
  accessible, retrievable and useable for as long
  as a business need exists or as long as
  legislative, policy and archival requirements
  exist.

15
Challenges in preserving electronic records

• The physical carrier of the record becomes
  obsolete e.g. 8 51/4 floppy discs
• The hardware needed to access the record becomes
  obsolete
• The software needed to access the record becomes
  obsolete both the software needed to read
  write the record operating system

16
Preservation of electronic records

• The question is how do we ensure these records
  remain secure, authentic, and accessible
  throughout their entire lifespan ?
• Preservation of electronic records requires the
  expertise of both records professionals and
  technology specialists. If preservation actions
  do not begin early, it might not be possible to
  preserve the electronic record, or restore it and
  use it, five years from now, never mind a century
  from now.

17
Electronic Transaction Act

• This Act came into effect April 2, 2007.
• The objects of the Act are set out in Section 3
  are to
• (a) facilitate electronic transactions by means
  of reliable
• electronic documents
• (b) promote the development of the legal and
  business
• infrastructure necessary to implement secure
  electronic
• commerce
• (c) eliminate barriers to electronic commerce
  resulting from uncertainties over writing and
  signature requirements

18
Electronic Transaction Act

• d) promote public confidence in the integrity and
  reliability of electronic documents and
  electronic transactions, in particular through
  the use of encrypted signatures to ensure the
  authenticity and integrity of electronic
  documents
• (e) establish uniformity of legal rules and
  standards regarding the authentication and
  integrity of electronic documents
• (f) AND, VERY IMPORTANTLY, TO facilitate
  electronic filing of information with Government
  agencies and statutory bodies and to promote
  efficient delivery of Government services by
  means of reliable electronic documents

19
Authenticity of an electronic record

• An electronic record can be considered authentic
  if it retains all the significant properties upon
  which its authenticity depends, including
  reliability, integrity and usability,
• and if the actions taken to preserve the record
  over time can be demonstrated.

20
Characteristics of Trustworthy Electronic Records

• Reliable ones whose content can be trusted as
  a full and accurate representation of the
  transactions, activities, or facts to which it
  attests and can be depended upon in the course of
  subsequent transactions or activities
• Authentic - records proven to be what they
  purport to be and were sent or created by the
  person who purports to have created and sent them

21
Characteristics of Trustworthy Electronic Records

• Integrity - refers to the complete and unaltered
  characteristic of a record.  Another aspect of
  integrity is structural integrity.  The
  structure of a record, that is its physical and
  logical format and the relationships between the
  data elements comprising the record, should
  remain physically and logically intact.  Failure
  to do so may hinder the records' reliability and
  authenticity.
• Usability - a record which can be located,
  retrieved, presented and interpreted

22
ELECTRONIC RECORDS

• How can electronic records be considered reliable
  and authentic ?
• they must capture and describe the transactions
  they represent
• once created, they must not be capable of change
  without creating a new record
• should preserve context as well as content

23
Authenticity in a Digital Environment

• this is complicated by the fact that the
  preservation of electronic records always entails
  some form of transformation. Digital preservation
  requires the management of objects over time, and
  the techniques used may result in frequent and
  profound changes to the
• technical representation of that record

24
Challenges of Digital Preservation

• The time span of any given computer technology
  is, typically very short
• perhaps five to ten years at most. This rapid
  rate of obsolescence applies to file formats,
  software, operating systems and hardware. The
  challenge of digital preservation, therefore,
  lies in
• maintaining a way to access digital objects in
  the face of rapid technological obsolescence

25
Development of Policies

• Along with policies there needs to be procedures
  built on standards and best practices
  documentation that shows that they have been
  followed.

26
Evidence Act

• Evidence Act amended in 1995 to include
  electronic records, provided that the court is
  satisfied that procedures were put in place to
  safe guard the integrity of the information.

27
Evidence Act cont

• The 1995 amendment made provision for the
  admissibility of documents produced by a
  computer in any proceedings as evidence provided
  that, among other things,
• The computer was operating properly not
  subject to any malfunction
• There was no reasonable cause to believe that the
  validity of the document was affected by any
  improper process or procedure or by inadequate
  safeguards in the use of the computer
• Section 31G

28
Developing a Preservation Policy

• A preservation policy is an essential foundation
  for any sustainable digital preservation
  programme. Preservation decisions should aim to
  minimise the risk that electronic records will
  become inaccessible over a defined period. A risk
  assessment analyses the dangers
• that electronic records may become unusable and
  the impact or consequence of losing
• the record, such as the risks faced by the
  organization or the public if the evidence is not
  available

29
Monitoring Technological Change

• It is important to monitor technological change
  to identify potential risks to specific
• records.
• It is also important to assess the current and
  future record-keeping needs of the
• organisation and to identify vulnerable and
  valuable documentary evidence that needs to be
  preserved

30
Assessment

• Once the risk assessment and records assessment
  have been completed, and any
• urgent technology concerns have been identified,
  it is possible to establish priorities
• for action. For example, some records may have
  great evidential value and so need to
• be protected as a priority

31
Digital Storage

• A digital storage system ideally consists of the
  hard disc drive with tape backup,
• repository management software to manage data and
  metadata, and hierarchical
• storage management (HSM) software.
• Data on hard disc must also be duplicated on data
  tape

32
Storage of digital data

• No computer storage medium is adequate for
  long-term, archival preservation of records
  because of its limited life expectancy. The most
  generous estimate of physical obsolescence is
  within 30 years. Technological obsolescence,
  though, will probably come within 5 to 10 years.
  As a result, you should assume the need to
  migrate all your files within a short amount of
  time to a new storage medium

33
Managing Storage Media

• The media on which the records and metadata are
  stored must be managed and refreshed as required.
  Part of storage management is concerned with the
  physical storage of the collection and, in
  particular, the media on which it is recorded

34
Refreshing

• The periodic need to refresh electronic records
  onto new media is inevitable given the
• continuous changes in computer storage media.
  However, selecting the best media
• available can reduce the frequency for refreshing
  data, since high-quality and stable
• storage media should remain usable for a longer
  period.

35
MIGRATION

• One method of active preservation is known as
  migration. Migration is the process
• of translating data or digital objects from one
  computer format to another format in
• order to ensure users can access the data or
  digital objects using new or changed
• computing technologies.

36
Migration at Obsolescence

• this approach advocates that objects be
• migrated only as and when dictated by
  technological obsolescence that is, when they
• are about to become inaccessible. Records can be
  migrated to new file formats or to
• current versions of old formats or they can be
  migrated to open-source formats
• through normalization

37
Migration

• Migration-based preservation strategies are
  similar to refreshment, in that both
• approaches involve converting the digital object,
  rather than the technology used to
• create it, to a form that can be accessed in a
  contemporary environment

38
Normalization

• Normalization is sometimes referred to as
  migration on ingest. (The process of
• transferring records to a digital storage
  repository is referred to as ingest.)
• Normalization involves migrating a digital object
  from the original software into an
• open source, standards-based format so that it
  can be used without having to rely on
• the original, possibly proprietary, software
  system used to create it.

39

• Normalizing seeks to
• minimise the frequency and complexity of future
  migration cycles by going straight to
• an open source format that, ideally, will always
  be available and accessible. Research has been
  underway for some time to create software
  solutions that will
• facilitate the process of normalizing records
  e.g.
• XENA, PDF/A.

40
PDF/A

• PDF/A is a file format for the long-term
  archiving of electronic documents.
• It is based on the PDF Reference Version1.4 from
  Adobe Systems is defined by ISO 19005-12005
• Document Management electronic document file
  format for long-term preservation Part 1

41
XEMA XML Electronic Normalising for
Archives

• It is a free and open source software developed
  by the National Library of Australia to aid in
  the long term preservation of digital records.
• Written in Java, it performs 2 important tasks a)
  detects the file formats of digital objects
• b) converts digital objects into open formats
  for
• preservation.
• http//xema.sourceforge.net/

42
Emulation

• the process of using one computer device or
  software program to imitate
• the behaviours of another device or program,
  thereby obtaining the same results when
• accessing or using digital objects. Emulation
  strategies use software or hardware
• called the emulator to recreate the
  functionality of obsolete technical environments
• on modern computer platforms

43
Establishing Security and Access Controls

• The physical infrastructure required to store and
  manage electronic records must be protected from
  accidental or deliberate damage
• Information technology (computer) systems should
  be protected from intrusions by external hackers
  and other unauthorized users
• Access and permissions must also be controlled.

44
Managing Metadata

• Metadata needs to be maintained not just from the
  time the record was created but
• also to record any active or passive preservation
  processes any physical or logical changes to a
  digital object or any other changes to the
  nature and content of the record.

45
Back up of Information

• It is essential that the storage system be backed
  up and that multiple copies of all data are
  stored in order to provide a safeguard
  different types of storage media should be used
  for back up copies. For example, one copy might
  be stored on hard drives and the others on CD
  disks or tape drives

46

• Clearly articulated policies are also required
  for the creation and management of system backups
  so that all actions taken to preserve electronic
  records are methodical and well managed.

47
Planning for Emergencies

• The digital storage system must be protected
  against both natural and human-caused disasters.
  This protection comes from establishing a
  business continuity plan, which identifies how an
  operational service will be restored in the event
  of a major disruption.

48
Case of authentification of digital documents

• In 2005 American Express took a person to court
  for not paying credit card debts seeking to
  recover the money. The judge determined that the
  company failed to authenticate certain records in
  digital format.
• Stephen Mason PROOF OF THE AUTHENTICITY OF A
• DOCUMENT IN ELECTRONIC FORMAT INTRODUCED AS
  EVIDENCE, October, 2006, www.armaedfoundation.org

49
Judges comments

• The focus is not on the circumstances of the
  creation of the record, but rather on the
  circumstances of the preservation of the record
  during the time it is in the file so as to assure
  that the document being proffered is the same as
  the document that originally was created
• Stephen Mason, Authentic digital records laying
  the foundation for evidence Information
  Management Journal Sep/Oct 2007

50
Safeguarding digital data

• Matters to be taken into account --Identification
  of the computer equipment programmes
• Entitys policies procedures for the use of the
  equipment
• How access to the database is controlled?
• How changes to the database are logged?
• Structure implementation of back up data

51
Conclusion

• In order to prove that that records submitted as
  evidence are reliable, usable and have integrity,
  one should ensure that there are policies and
  procedures in place based on standards and best
  practices and that they are documented
  followed,
• demonstrate that the appropriate controls are in
  place to prevent unauthorized access

52
THANK YOUJohn A AaronsUniversity
ArchivistOffice of Administration The
University of the West Indies,Mona, Kingston
7john.aarons_at_uwimona.edu.jm