There are different reasons why organisations have to consider destroying records. Every time you do so, does not necessarily mean that you are breaking the law. The reasons include the following:
- Routine records destruction programs.
- Manual cleaning of the files: Many companies “clean up” their e-mail periodically by asking employees to clean out their inboxes and having administrators remove archives. Often, this action is driven by a concern that old e-mail represents a lingering liability in the event of litigation. While this clean up action may be prudent, deleting e-mail in this way raises concerns especially if (i) the e-mail is not deleted in terms of a document retention and destruction policy or (ii) the company is in the process of litigation.
- Auto-deletion: Typically auto-deletion of e-mail is by necessity based on non-content based criteria such as message size or age. Neither of these criteria will in all likelihood survive a court challenge, as the statutory record retention requirements are based on the relevance of the content of the record. Usually, the only way to determine this is by manual inspection of the content.
- Intentional record destruction: In order to prevent the other party from using the evidence against you.
- Inadvertent destruction of a record or acts of omission: I.e. doing nothing to prevent the destruction of e-mail. This can happen for example where one fails to stop backup tape rotation, reformatting the laptop of a former employee for a new employee and deleting old e-mail.
There is also no such thing as “perfect records retention”
By virtue of the above, it is clear that there is also no such thing as “perfect records retention“. So what then are the legal effects of destroying records? There is a difference between destroying a record that the law says you must retain and one which you destroy in the ordinary course of business.
Records the law says you must retain
There are several other consequences of destroying records the law says you must retain:
- You will be penalised if there is a penalty for destroying that document;
- The record might be rejected by regulators such as the JSE, FSB and SARS;
- The destruction might make it impossible for you to derive a benefit (e.g. VAT invoices may be disallowed for purposes of claiming input VAT);
- It may lead to a penalty; and
- It may constitute an offence (See for example the “Regulations for the Retention and Preservation of Company Records, 1983” as promulgated under Government Notice R2592 of 25 November 1983 in terms of the Companies Act 61 of 1973.)
An example of an Act which makes destroying records an offence before the end of its statutory retention period is contained in section 90 of the Promotion of Access to Information Act 2 of 2000 (PAIA). Section 90(1) provides that “a person who with intent to deny a right of access in terms of this Act – (a) destroys, damages or alters a record, (b) conceals a record, or (c) falsifies a record or makes a false record, commits an offence and is liable on conviction to a fine or to imprisonment for a period not exceeding two years.
Destroying records in the ordinary course of business
It is not a criminal offence to destroy a document unless the law requires you to retain it and that law specifically makes it an offence to do so.
Destruction is an acceptable stage in the records life cycle: You may destroy or delete electronic information when there is no continuing value or need to retain it.
Retaining superfluous electronic records has associated direct and indirect costs and burden that go well beyond the cost of additional electronic storage. In a presentation at the Association for Records Managers and Administrators (ARMA) conference in 2005, it was identified that up to a third of all information residing on corporate servers is either a duplicate or a non-record, and could be immediately destroyed. The direct costs of storage include additional disk space, bandwidth, hardware, software, back-up and archival systems and the cost of their related media migration requirements and possibly even storage area networks to store such records. The cost of storage alone can be significant, particularly where minimum standards exist concerning the storage media for such information.
The indirect costs include the cost of technical staff for maintaining these records, the cost of personnel classifying such information, and the potential cost of outside counsel to review and exclude irrelevant electronic information in the discovery process.
Systematic deletion of electronic records is not synonymous with tampering or spoliation of evidence
To the contrary, carrying out a formal disposal program based on sound retention principles is good business practice.
- Absent a legal requirement to the contrary, companies may adopt programs that routinely delete certain recorded communications, such as e-mail, instant messaging, text messaging and voicemail.
- Absent a legal requirement to the contrary, companies may recycle or destroy hardware or media that contain data retained for business continuation or disaster recovery purposes.
- Absent a legal requirement to the contrary, a company is not required to preserve all metadata.
In the ordinary course of business, organisations routinely migrate information from one form to another. For example, some organisations use a printed or imaged document as the final or official version of a record. Printing an electronic document to an image (such as .tif or .pdf formats) or paper can eliminate some or all of the metadata associated with the electronic version of the document. This metadata can include system information (such as file identification tags) or it can contain potentially more meaningful information (such as author, editors, and dates associated with creation, editing or printing of the file).
Each company needs to understand which metadata needs to be retained for legal and business reasons.
Adverse inferences being drawn by courts
If an opponent in a court case has asked company X to retain a document, or company X should have foreseen that it was going to be required in evidence, the court can draw an adverse inference against company X and find that company X did not take the court into its confidence. This could result in the court not believing company X’s version of events and rejecting its evidence either in whole or in part. If company X is unable to prove its case because of this, its claim might fail, or it may conversely fail to successfully defend a claim brought against it.
The fact that a would-be “deleter” tried to delete relevant information will spur ancillary arguments around company X’s Records Management Policy. Moreover, benign attempts to “clean the files” may be regarded as suspicious if litigation later arises.
Delay in implementing the routine destruction of records may expose company X to allegations of document destruction. Companies who do not have records destruction policies will be unable to defend any allegations that they tried to break the law or were trying to hide improper behaviour. Its formal document management policy will state that it is the policy of the business to retain all relevant documents and comply with all applicable law.
The question therefore arises as to when company X is under legal duty to stop destroying records or documents (including e-mail) in terms of its document retention and destruction policy? The duty to stop starts when legal proceedings are reasonably anticipated. An adverse inference would in all likelihood be drawn if the destruction takes place after legal proceedings have been instituted. In terms of South African law, unless otherwise provided by statute, the court would in all probability look at the intention of the party in respect of the destruction. That intention could also be drawn from circumstantial evidence.