Hillary Emails: Reddit Reacts to Metadata Redaction Request
Tuesday, September 20, 2016
Posted by: Mary Mack
Hillary Clinton’s emails are in the ediscovery news again.
Lamar Smith, Chairman of the House Committee on Science, Space and Technology sent another letter to the attorney for Platte River Networks about the circumstances of Hillary Clinton’s email server, and about a Reddit account. An anonymous Twitter user delved into Reddit and found a potential connection between Hillary Clinton’s IT person and a Reddit account that had sent requests for assistance asking how to mask an email address before production and how to implement a 60 day retention.
As seen on Twitter, a post from an account named stonetear:
“I may be facing a very interesting situation where I need to strip out a VIP’s (VERY VIP) email address from a bunch of archived email that I have in both a live Exchange mailbox, as well as a PST. Basically, they don’t want the VIP’s email address exposed to anyone, and want to be able to either strip out or replace the email address in the to/from fields in all of the emails we want to send out.
I am not sure if something like this is possible with PowerShell, or exporting all of the emails to MSG and doing find replaces with a batch processing program of some sort.
“Does anyone have experience with something like this, and/or suggestions on how this might be accomplished?”
Reportedly, there is a 90-day retention of posts at Reddit. The original posts reportedly do not exist. Alleged copies of the posts were gathered and put forward from archives of other unidentified Reddit accounts.
Katie Bo Williams of The Hill reports that according to the archive posts, “the post was sent on July 24, 2014. On July 23, the Benghazi Committee had reached an agreement with the State Department on the production of related records, according the FBI's investigation into Clinton's use of the server.”
Masking email addresses is a common way to redact Personally Identifiable Information (PII) from a production. The redaction is generally not done on native files, it is generally done on images. “…with true native redaction, unless you’re careful and savvy, you’ll likely change things you don’t really realize you’re changing,” according to the a white paper on Electronic Redaction on the EDRM website. There is generally a log created supporting the redaction. While not as common in the US, masking email addresses and names by replacing them with monikers like Person1, Person2, Person3 is commonly accomplished with e-discovery software in the EU to satisfy privacy requirements.
Another post reported by Steven Nelson, US News and World Report, asks about how to implement a user controlled email retention with a 60 day sweep:
Hello- I have a client who wants to push out a 60 day email retention policy for certain users. However, they also want these users to have a 'Save Folder' in their Exchange folder list where the users can drop items that they want to hang onto longer than the 60 day window.
All email in any other folder in the mailbox should purge anything older than 60 days (should not apply to calendar or contact items of course). How would I go about this? Some combination of retention and managed folder policy?
The anonymous Twitter user who surfaced the alleged archive copies of the messages, @GOPPollAnalyst, lists as her website in her Twitter bio lyingcrookedhillary.com. She identifies herself as a Masters of Law student with concentrations in eDiscovery and eLitigation. The user name stonetear was crowdsourced through Reddit, Etsy and domain registrars to connect to the technician.