| | |

Sensitive Documents – Lessons

This week was interesting for many reasons. First, it feels like Donald Trump may have finally lost his ability to run for president in 2024. It feels as though he was so grossly irresponsible with sensitive government documents that it could not only cost him his political career but likely land him in jail.

While he was at the top levels of government and likely had authority to view those documents while in office, I think the biggest stink is that he wasn’t returning them within a timely manner and the National Archives was getting a little antsy. I can see that they need to keep track of where those documents are at all times and having any classified documents outside of a controlled secure environment seems, at minimum, incredibly irresponsible and reckless, though it is unclear of the sensitivity of the documents.

Obama had 30M documents outside of the white house but those documents were reportedly all unclassified, though they could’ve have been unclassified by Obama himself before he removed them.

Surely if there was bad intent or espionage at foot, Trump could’ve just copied everything, turned over the originals and just done whatever he wanted. I blame the process and whoever might be keeping track of where the documents go. Surely Trump didn’t pick up those boxes himself and walk them out. Lack of security on multiple levels, but not excusing his reluctance to respond quickly to formal requests for documents. I don’t think an espionage charge is going to stick.

This only validates the need for any business to track information including who has access to it, where it is stored and rank content based on sensitivity. Categorizing data as trade secrets, for example, and having confidentiality agreements in place can help keep things organized. Many companies share data between global employees and contractors, making it even more difficult to track data and have legal power to enforce the rules.

I received a random notice a few months ago from Google that someone put in a request to download all of my data via a service called Google “Takeout” and scheduled regular exports of that data. Surprisingly, it seems the Google Takeout service does not have two factor authentication prior to requesting downloads or scheduling data exports. Anyone could hack into someone’s account and download off of their Google data. #google

Similar Posts