Metadata gets a lot of bad press. Whenever it’s mentioned, someone is getting blistered by hidden data they negligently left in an electronic file.
Metadata is actually a functional and necessary element of files managed by a computer operating system. A computer tags each file with indexable snippets of information such as the file’s creation date and author so that the operating system can properly identify and catalog the file among thousands.
Applications like Microsoft Word also add a few items of metadata to a file such as word count, comment tracking and how many revisions were made on the document.
All of this supplementary information is truly useful, but metadata gets a bad rap when computers clash with the legal system because metadata usually reveals information that was not intended to be seen by others.
For example, in 2004 Microsoft Word’s “track changes” feature revealed that a software company who filed a complaint against DaimlerChrysler had also prepared an identical complaint against Bank of America. In fact, the document revealed the exact minute where someone had deleted “Bank of America” as the defendant and inserted DaimlerChrysler Corp. The Microsoft Word document also exposed several comments between the attorneys drafting the document. These revelations were published by CNET when they obtained the publicly filed Word document.
In 2006, a Microsoft PowerPoint file from Google posted for financial analysts included “speaker notes” that revealed confidential financial projections (see article here)–information that the company routinely protected to a high degree.
Neither of these metadata gaffes were devastating, but they did produce a lot of embarrassing press that I’m sure both companies would have been glad to avoid. The sad truth is that both PR catastrophes could have been avoided if the respective document authors had educated themselves on the basic fundamentals of scrubbing for metadata.
As long as documents stay inside a firm or company, the risks of metadata are minimal. But when documents or files are sent outside the firewall, or posted to a public Website, the risks are notorious.
The most effective method for avoiding the hazards of metadata is to never e-mail an electronic document. A printed document is completely stripped of electronic metadata and can safely be faxed or “snail-mailed.”
Attaching an electronic document to an e-mail, however, has become the de facto method for distributing documents. If you send a Microsoft Word document, your recipient will open the document in their own copy of Word and freely view any comments or hidden information that you inadvertently left in the document.
This is why you’ll hear many strong arguments for converting electronic documents (e.g. Microsoft Word, Excel, etc.) to the Portable Document Format (PDF) before distributing them. PDFs provide significant advantages over Microsoft Word files when sent via e-mail.
First, a PDF will look exactly the way you intended as long as your recipient has at least the free Adobe Reader . If you send a Word document, you may have created the document in Word 2007, but your recipient may still be living with Word 2003. There shouldn’t be any problem viewing the document, but different versions can sometimes clash and misinterpret formatting preferences.
Next, a PDF is hard to edit or modify. Obviously, this isn’t helpful when you intend to collaborate on a document, but if you are sending a finalized draft to opposing counsel or an external customer, you should always convert a Word document to PDF (which can be done through a full version of Adobe Acrobat or one of the many other applications that will “print” PDFs).
If you still insist on sending original, native files via e-mail (e.g. Microsoft Word or WordPerfect), you should employ a metadata “scrubber” to identify and clean out unnecessary metadata. Most of these software scrubbers can be deployed at strategic locations in your workflow, such as when you attach a Word file to an e-mail message and hit send. The software “scrubber” can pop up and gently inquire if you’d like to check that file for metadata before sending.
One of the more popular metadata removal tools for the legal profession is Metadata Assistant from Payne Consulting. Other metadata removal tools include Workshare Protect and iScrub from Esquire Innovations Inc.
Realizing that metadata has routinely given its Office software a bit of a black eye, Microsoft has incorporated more tools into Office 2007 to reveal and clean metadata. Microsoft Office now lets you “inspect” a file for embedded items like comments, versions, annotations, document properties, watermarks and hidden text. You can elect to have the Office application scrub any of this information leaving you with a file that simply contains the content and nothing else.
Regardless of which software you employ to supervise metadata, you should establish official guidelines for how your company and legal department handle electronic documents sent outside the company. It is unwise to play the “metadata lottery” and hope that you will never be embarrassed by rogue metadata.
Metadata continues to gain recognition in the legal world to the point where it is being actively searched. A 2006 ABA Ethics Opinion suggests that lawyers who receive electronic documents are free to look for and use embedded metadata even if the documents came from an opposing lawyer. Note, however, that the Florida Bar and a few other states have taken the exact opposite viewpoint and impose an obligation on a lawyer to NOT try and obtain metadata from an electronic document.
Sending a document with embedded metadata is like sending a supplemental note with your signed Christmas card that tells your recipient exactly where you signed the card, what time you signed it, the writing surface that you used, how long it took you to sign the card, and any off-hand comments you might have thought about your recipient as you signed the card. Some things are better left unknown. Shouldn’t you ensure your electronic documents don’t reveal more than you intend?