E-Discovery in practice: Where are the Emails part 2

In my last post, I looked at one of the major models for the distribution and workflow of files and data between computers – the “client-server model” – and how common this model is.  The partitioning between client and server underpins so much of information transfer such as how emails and files are transmitted and shared.  In this post I will specifically look at emails, how they get to their destination, and how the server and client handle them.

Although we use human identifiable terms for email address, and indeed for most of our internet usage, these are merely a convenience, and underneath is a computer readable form of address known as the IP address.  When you send an email you are essentially asking your email client software, such as MS Outlook, to forward the email to the recipient using the computer form of the address.  On the front of the message packet is the recipient address and on the back of the packet is the senders address, just like sending a letter in the post.

And by analogy with a letter sent in the post, the email get transferred from one major mail transfer station to another, converging after a few hops, to your email provider.  There is sits until you request it.  From this point your email provider can be considered as the Server.  When you wish to look at your emails, the software you use is acting as the client.  Typical email client programs are MS Outlook, Thunderbird, and Mac Mail, but there are many others.  These are programs that run on your local computer.  Another way to read your email is via your browser.  This is used most commonly for accessing webmail like gmail and hotmail, although most email providers make provision for this.

When accessing email, you can either leave the email on the server or you can download it to your client so that you have a copy of the email on your local computer.  At this point we need to dissect a little more technology.  The way emails are transferred and downloaded is governed by well-defined protocols.  An early and still extant form is known as the POP protocol.  The more recent form is IMAP.  The various protocols have been introduced because hardware and our usage of data have changed.

Twenty years ago hardware storage was limited and we generally had only one digital device.  Therefore, email providers did not wish to store emails for very long and preferred to delete them as soon as they were downloaded.  There was only one copy of the email and that was now on your local computer.

Forward to today and we have virtually unlimited storage and more digital devices than we have appendages.  Since the limitation of tiny storage has disappeared we now have to decide on the policies of email retention and location while the plethora of devices means we have to develop policies governing synchronisation.  Many of these policies are decided automatically on your behalf by your email provider, by the default settings of the client software, and by the IT technician you employed to set up your system.  The consequences of these policies can have drastic consequences for E-discovery later on.

Now, although my previous paragraphs have implied that the email provider is ‘out there’ somewhere in internet land, any computer domain can be registered as an email server and therefore you can host your own email service from home or from work.  A well known example of this is former U.S. Secretary of State, Hillary Clinton, who chose to host her own email server on a computer in her offices.

The problem with hosting your own email server is that it requires a great deal of administrative effort and technical expertise.  It’s usually not worth the trouble, as the Clinton example demonstrates, and therefore we normally outsource this service.  Nevertheless, the ownership of, and physical access to, the server hardware has significant consequences for E-Discovery which I will discuss in post #3.

And now a final piece of the email server puzzle.  Since any computer can act as both a client and a server, when we speak of an email server we must bear in mind the context of that service.  For example, it is typical for a business with more than a few employees to maintain a ‘server’ in the office in order to centralise the handling of emails and documents.  This office server may, for instance, run MS Office and act as a client to the email provider and will download and store emails for all employees.  An employee on the network will then make a client request not to the email provider but to the office server for his or her emails.  At this moment the office server has switched  to acting as the email server in the workplace.

In part 3 of this series I will discuss where to locate emails in the E-discovery process and the consequences of the various email server and client policies.