By Helen Brown -
Snapshot
- Metadata is technical information stored on a network, computer, device, application, or in an electronic file about a communication.
- Understanding what (and how) information can be disclosed by metadata allows practitioners to safeguard a client’s confidential and privileged information and appropriately manage risk.
- As client confidential information can be disclosed through metadata, best practice necessitates implementing a strategy surrounding the creation, management, archiving and destruction of metadata in all types of communications.
While one notable legal figure may have famously struggled to define metadata when the term first came to prominence, there is no reason why you should be the same a couple of years on. It is important that legal practitioners have some understanding of metadata in order to safeguard a client’s confidential and privileged information. Metadata is:
- technical information (not usually visible to a user);
- stored on a network, computer, laptop, device, application, or in an electronic file (e.g. Microsoft file, Excel spreadsheet, PowerPoint presentation, PDF or image);
- about a voice, digital or electronic communication.
Metadata encompasses a wide range of information, such as:
- electronic documents: email messages, MS Word documents, PDF documents, PowerPoint presentations – metadata tells us who created a document, the date of creation and modification, editing time, type of device, and the software used to create the document;
- digital images: information such as the geographic location and type of camera used (Richard Matthews, Explainer: How Law Enforcement Decodes Your Photos The Conversation) Digital images are metadata-rich: there are typically 460 metadata tags in a digital still camera file format (Camera and Imaging Products Association, Standard of the Camera and Imaging Products Association, Exchangeable Image File Format for digital still cameras Exif version 2.3);
- telephony: the date, time and duration of a communication;
- unencrypted text messages and instant messages: the date and time created, sent and received;
- the IP address of a web page visited, including browser used.