by LUCIANA DURANTI and HEATHER MACNEIL
Abstract
The research project currently underway at the
University of British Columbia's Master of Archival Studies Program
is directed toward identifying and defining the requirements for
creating, handling and preserving reliable and authentic electronic
records. This article provides an overview of the research project,
outlining its objectives and methodology, summarizing its conceptual
analysis, and presenting its major findings to date.
It is generally
recognized that, while computer technology makes the production,
transmission, manipulation, organization, maintenance and consultation
of records easier, faster, and cheaper, it also represents a threat
to their integrity, accessibility and preservation. The difficulties
associated with making and keeping trustworthy records in electronic
form provided the justification for a three year SSHRCC funded
research project which began in April 1994 and which will conclude
in March 1997. The research project, which is being carried out
by a research team from the Master of Archival Studies Program
at the University of British Columbia,"
The methodological approach
of the research project was primarily deductive, that is, it began
with a set of general premises about the nature of records and
then examined those premises to determine whether they were supportablein an electronic environment. The theoretical basis for the general
premises concerning the nature of records and the conditions necessary
for ensuring their trustworthiness were the principles and concepts
of diplomatics, which studies records as individual entities,
and archival science, which studies records as aggregations. Diplomatics
is a body of concepts and methods, originally developed in the
seventeenth and eighteenth centuries, "for the purpose of
proving the reliability and authenticity of documents." Over
the centuries, it has evolved "into a very sophisticated
system of ideas about the nature of records, their genesis and
composition, their relationships with the actions and persons
connected to them, and with their organizational, social, and
legal context."
In order to translate the hypotheses
into functional requirements for the creation, handling and preservation
of reliable and authentic records, it was necessary to explicate
those concepts in implementable terms. It was fortunate, therefore,
to find that the U.S. Department of Defense Records Management
Task Force (DoDRMTF) was actively seeking a theoretical foundation
for its reengineering effort. The DoDRMTF contributed to the UBC-MAS
research methodology its own standard modelling technique, IDEF,
which was useful for the purposes of analysing and graphically
representing the diplomatic and archival concepts, and making
their meaning comprehensible and relevant to system designers.
The templates developed by the UBC-MAS research team provided
the concepts to be represented, while IDEF provided the means
of translating those concepts into activity and entity models
that show the relationships of their components from well identified
viewpoints
Before proceeding to the
conceptual analysis of records which constituted the core of the
research, it is necessary to explain briefly the records managementframework in which that analysis has been situated. The diplomatic
and archival principles and concepts that have been elaborated
and interpreted for the purposes of the research project function
as standards for the design of record-keeping and record-preservation
systems, and for the evaluation of the records produced, used,
maintained, and preserved over the long term in electronic form.
A record-keeping system comprises a set of internally consistent
rules that govern the making, receiving, setting aside, and handling
of active and semiactive records in the usual and ordinary course
of the creator's affairs, and the tools and mechanisms used to
implement them. In other words, record-keeping is "keeping
record of action": as such, it is the presupposition for
the existence and the first object of records management,
which is the management over time, from the creator's perspective
and for its purposes, of the creator's records, of the means used
to control their creation (e.g., classification, registration
and retrieval instruments), and of the human, technological and
space resources necessary to their handling, maintenance and preservation.
Although the management is from the perspective of the creator
and for its purposes, it serves broader social aims which go beyond
the carrying out of specific affairs, encompassing legal requirements,
administrative accountability, social accountability, and historical
accountability. The record-preservation system is a set
of internally consistent rules that govern the intellectual and
physical maintenance by the creator of semiactive and inactive
records over time, and the tools and mechanisms necessary
to implement them.
Within the framework just described, the conceptual analysis of records focused on the definition of three key terms: record, reliability, and authenticity. The research team began its work by identifying and defining the components of a record in a traditional and in an electronic environment using concepts derived primarily from diplomatics. At the heart of diplomatics lies the idea that all records can be analysed, understood and evaluated in terms of a system of formal elements that are universal in their application and decontextualized in nature. This implies that records can and must be identified by their formal constituents, and not by the information they convey. Diplomatic examination shows that an electronic record, just like every traditional record, is comprised of medium (i.e., the physical carrier of the message), form (i.e., the rules of representation that allow for the communication of the message), persons (i.e., the entities acting by means of the record), action (i.e., the exercise of will that originates the record as a means of creating, maintaining, changing, or extinguishing situations), context (i.e., the juridical-administrative framework in which the action takes place), archival bond (i.e., the relationship that links each record to the previous and subsequent one and to all those which participate in the same activity), and content (i.e., the message that the record is intended to convey). However, with electronic records, those components are not inextricably joined the one to the other, as in traditional records: they, and their parts, exist separately, and can be managed separately, unless they are consciously tied together for the purpose of ensuring the creation of reliable records and the preservation of authentic records.
With electronic records, the medium is a separate physical part of the record, which is not meant to convey meaning, but whose exclusive purpose is to provide a support for the message. While a record does not come into existence until it is affixed to a medium, the neutral character of the medium in electronic records is vital to their survival, because all media designed to carry magnetically or optically affixed signals have very limited longevity, due not only to the deterioration of the material, but also, and primarily, to the obsolescence of the technology necessary to read them. The obvious implication is that the preservation of electronic records requires repeated and continuing reproduction. If the medium were meant to convey meaning per se, each reproduction would be a simple transcription of the content, with notable loss of information and authority. However, because the medium of electronic records is not imbued with meaning, each record reproduction in which the only component that changes is the medium can be taken to be a complete and effective record identical to the one that it reproduces.
A similar issue arises with the group of record characteristics that constitute its physical form. Physical form comprises the formal attributes of the record that determine its external make-up. It includes script (e.g., type font, format, inserts, colours, etc.), language, special signs (e.g., symbols indicating the existence of attachments or comments, mottoes, emblems, etc.), seals of any kind (including digital signatures, time-stamps, etc.), the configuration and architecture of the electronic operating system, the architecture of electronic records, the software, etc., that is, all those parts of the technological context that determine what the document will look like and how it will be accessed, and that, in electronic systems, are mostly "transparent," or invisible, to the user (whoever the user might be, author, addressee, or other).
Because the components of the physical form of a record are intended to convey meaning, any change in any of them generates a new and different record. This again has implications for the preservation of electronic records. Digital technology becomes obsolescent every few years, that is, radical changes take place in the configuration and architecture of electronic systems, such as the shift from a flat file concept to a hierarchical or a relational database concept. When this happens, all records generated in the obsolescent environment must be migrated to the new one, otherwise they will become inaccessible and, for all purposes and consequences, non-existent. Migration is different from copying, in that the latter is a complete reproduction of both the content and formal elements of the records (e.g., microfilming, photocopying, or transferring the same strings of bits from a magnetic tape to another), while the former is a reproduction of the content of the record, with changes in configuration and structure (e.g., imaging of analog records, or transferring of hypertext records from one database to another having a different configuration). While, after migration, the resulting records may look like the ones that have been migrated, their physical form has substantially changed, with loss of information on the one hand, and addition of new information on the other hand.
All the above implies that every process of migration must be self-authenticating. If the records are still needed by the records creator for the usual and ordinary conduct of its business, the continuing reliance of the creator on the products of the migration process by itself authenticates them. If the records are no longer needed by the records creator in the course of its business, the migration process will have to be carried out by a neutral party (e.g., a professional archivist employed by the institution or program that is competent for the permanent preservation of the records in question), and its products will need to be verified and authenticated: they would thus become authentic copies
Content articulation includes primarily elements that, in traditional documents, are called "intrinsic." With electronic records that are transmitted across electronic boundaries, the most important of those elements, that is, those referring to persons, administrative context, and action (e.g., superscription
Annotations include the "record profile," which is an electronic form that is generated when the order is given to the system to send or to close an electronic record. As an annotation it is inextricably linked to the record for as long as the record exists. It should contain all the elements of intellectual form necessary to uniquely identify a record and place it in relation to other records belonging in the same aggregation. Thus, it should represent the conceptual place where the administrative-documentary procedure joins with intellectual form, and where all components of intellectual form converge together. In fact, depending on whether a record is made or received, it should include most of the following elements: register number (if applicable), date of record, date and time of receipt, date and time of transmission (either across space or across time, that is, to the system itself), state of transmission (i.e., whether the record is a draft, an original or a copy), mode and medium of transmission, archival date (i.e., the date on which the record becomes part of a dossier or class), register number of sending office (if applicable), names and addresses of creator, originator, author, writer, addressee and any other recipient, action or matter, attachments, security protection type and means, information configuration, medium, type of file (e.g., WP, MS, Excel, Mime encoded), handling office, action taken, class code, dossier identifier (if applicable), record item identifier, and other elements required by the specific creator or activity. In electronic records systems designed to produce the record profile annotation for each record sent or closed, most of the fields listed above would be directly filled by the system itself on the basis of 1) the record header, 2) the electronic space in which the document is made or received, 3) the competence
With regard to the persons concurring in the production of electronic records, the requirement for atomic control presented by this type of record imposes a multiplication of the persons of which a diplomatist/archivist needs to keep track. Diplomatics says that, while many persons may take part in the creation of a record (among them, witnesses and countersigners), only three persons are necessary to its existence, that is, the author (i.e., the person having the authority and capacity to issue the record or in whose name or by whose command the record has been issued), the addressee (i.e., the person to whom the record is directed or for whom the record is intended), and the writer (i.e., the person having the authority and capacity to articulate the content of the record).
However, the integration of the components of traditional records is such that, once the author, addressee and writer are identified, the creator and the originator are obvious. It is not so with electronic records. Creator and originator need to be identified for each electronic record made or received and set aside for action or reference, the creator being the person producing the archival fonds in which the record in question belongs, and the originator being the person owning the electronic address or space in which the record has been generated (i.e., from which the record is transmitted or in which the record is compiled and closed).
The primary reason for the identification of the creator in connection with each electronic record relates to preservation over time. In fact, while the records are in the live electronic system in which they are produced, their creator is easily identifiable as the person having jurisdiction over the system for making, receiving and accumulating records in the conduct of business. But, once the records are taken out of the system, their location on a storage medium and in a given storage facility is no longer meaningful for the purpose of identifying their creator. In an ideal system, the identity of the creator of an electronic record would be revealed by a visual, or presentation, component of the record profile form attached as an annotation to each record item, such as a logo or a crest.
The primary reason for the identification of the originator in connection with each electronic record is that such person may be different from the author or writer of the record, especially when a record has multiple authors but only one of them is responsible for its transmission: the issue relates primarily to responsibility and accountability. The identity of the originator of a record electronically transmitted is in the header of the mail message, while that of the originator of a record that has not crossed electronic boundaries is included by the system in the record profile and corresponds to the name of the owner of the electronic individual space in which the record is closed.
The action is the core component of every record, regardless of its medium and form. An action is any exercise of will which aims to create, change, maintain or extinguish situations. A special type of action is a transaction, which is an action between two or more persons, aiming to change the relationship existing between them. The relationship between an electronic record and the action in which it takes part is usually revealed by the conceptual position that the record occupies in the dossier or the class of records to which it is connected by a classification code. Such relationship may be similar in nature to the relationship that traditional records have with juridical acts: dispositive (when the record is the essence of the act, which comes into existence with the creation of the record: e.g., the electronic records admitting patients to a hospital), or probative (when the record is proof of an act which is complete before the creation of the record: e.g., the electronic lists of registered voters).
However, most electronic records have a supporting function with respect to the action in which they take part. For example, a geographical informational system, that is, a relational database which presents data in a geographic arrangement, contains only documents (i.e., information affixed to a medium in an objectified and organized way, according to specific rules of representation), information (i.e., a meaningful group of data intended for communication, either across space or through time), or individual data (i.e., the smallest meaningful recorded facts). However, it can itself be considered a record, if its function as a database is to support a specific business activity (it does have all the necessary components of a record when it is regarded as a unit), and can produce documents that, once extracted from it and linked to other records of action, become records (e.g., a representation of the intensity of traffic in a given place that is attached or linked to a report containing recommendations for the regulation of city traffic). Another large portion of electronic records has a narrative function, that is, it does not relate to business activity other than by being expression of the way in which individuals set themselves to work and go through the informal motions of carrying out activities and decision making. While they are records themselves, they are not procedurally bound to action in the way in which the other types of records are, but relate to it in an indirect way. Supporting and narrative records are records whose existence is not required by the juridical system, but that are generated by their author for his or her convenience and by choice.
Context refers to the juridical-administrative framework in which the action takes place. With electronic records it is essential not to confuse the technology context with the administrative one. For example, there is not such a thing as "shared electronic records." While there can be "shared databases," which contain documents, information, or data accessible to many persons, each database is the responsibility of only one juridical person (and this can be a consortium of persons), and each person who uses documents, information, or data contained in a shared database in the course of its own activity generates with them in its own electronic system its own electronic records. The other point to be made in this regard is that electronic records are not generated every time a database is queried, but only when this is done in the context of a business action and both the query and the reply become part of the records of such action; in other words, most electronic "transactions" are not related to business actions and do not generate records. Ultimately, the key to the existence of an electronic record is the archival bond.
The archival bond, which refers to the link that every record
has with the previous and subsequent one in the conceptual net
of relationships among the records produced in the course of the
same activity, is an essential component of the record, in keeping
with our understanding that records are necessarily composed of
documents and the complex of their relationships. It is originary
(i.e., it comes into existence when the record is made or received),
necessary (i.e., it exists for every record), and determined (i.e.,
it is characterized by the purpose of the record).
In a sophisticated electronic system, both annotations would be included in the record profile, thereby fixing the record's relations and stabilizing them at the point of its incorporation into the central record system. In systems that are not designed specifically for keeping records, classification code or filing identifier and, if applicable, registration number are part of the metadata which constitute the data dictionary.
Content refers to the message the record is intended to convey. The content of an electronic record, for the record to exist at all, must be fixed and stable. This implies that so-called "virtual documents" cannot be considered records in the electronic environment. A virtual document consists of pointers to data residing in different locations within a database, or in multiple databases. While it is possible to see on a computer monitor the document resulting from the assembly of those data in a meaningful form, this document does not exist as such until its components are actually joined together in an inextricable way, that is, until the content of the document is explicitly articulated in a fixed form. This is different from what happens with traditional records, where a document constituted of pointers to information contained in other documentary sources is a record of the sources to be used to make another record. With electronic documents, the pointers lead to data which--being contained in databases that, by their nature, are dynamic--may vary over time. Thus, a virtual document lacks stability and may be ten different documents in a ten minute time span.
The characteristics of electronic records as articulated
by diplomatics and archival science constitute the conceptual
basis for establishing first, whether the electronic system we
are confronted with contains records, and second, whether these
records can be considered reliable and authentic. As it regards
the second issue, it is necessary to specify what is intended
by reliability and authenticity.
Reliability refers to the authority and trustworthiness of records as evidence, that is, their ability to stand for the facts they are about. Reliability depends upon two factors: the degree of completeness of the record's form and the degree of control exercised over its procedure of creation. The completeness of the form of the record refers to the fact that the record possesses all the elements of intellectual form necessary for it to be capable of generating consequences. Traditionally, no record can be considered complete if it does not contain in its intellectual form the date (which expresses the relationship between the record and its author, and between the fact observed in the record and its observer), and the signature (which assigns responsibility for the record and its content, and makes of the record a fact to be observed). With electronic records, the date given to the record by its author is not sufficient to make a record complete: the date and time of transmission to either an external or internal addressee, or the date and time of transmission to the dossier or class in which the record belongs is necessary. Moreover, the signature, whether typed or handwritten, cannot fulfill its traditional function because it can be attached to the record by anyone without possibility of verifying its authenticity, thus it does not contribute to the record's completeness. With electronic records, the function of the signature is accomplished either by the name contained in the header of mail messages or in the profile of other record types and/or by electronic seals or so-called "digital signatures," which do not have the form of signatures at all.
Procedure of creation refers to the body of rules governing the making, receiving and setting aside of records:
The other kind is directed toward verification and
includes one primary method. It consists of designing within the
electronic system an "audit trail", that is, the automatic
recording of all interactions with records, so that any access
to the system can be documented as it occurs, be it a modification
made to a record, a deletion, an addition or a simple viewing
of a record. Other rules governing the making, receiving and setting
aside of records refer to their routing,
Control over the records creation process is strengthened
even further by the integration of these record-keeping rules
with specific business processes. Integrating business and documentary
procedures includes: identifying all the business procedures within
each agency function; breaking each procedure down into its standard
six phases (initiative, inquiry, consultation, deliberation, deliberation
control, execution
Reliability and the methods for guaranteeing it are linked
exclusively to records creation.
In relation to transmission, however, the main difference between traditional and electronic records relates to the state of transmission. The state of transmission of a record refers to its degree of development and authority, that is, its primitiveness, completeness, and effectiveness when it is initially set aside after being made or received. This state can be either draft, original, or copy. A draft is a temporary compilation of a document intended for correction; drafts may be in various stages of completion. A copy is a reproduction of a record made either from an original, a draft or another copy. An original is the first complete and effective record. In other words, in order to be original, a record must present three characteristics: completeness (i.e., its form must be the one intended by its author and/or required by the juridical system), primitiveness (i.e., it must be the first to be produced in its complete form), and effectiveness (i.e., it must be capable of reaching the effects for which it was produced). With electronic records, the state of transmission is assessed in relation to their routing. Any record that is neither transmitted to an addressee nor consigned to the dossier or class to which the record belongs within the central records system (i.e., the archives or archival fonds of the creator), but that is saved in the electronic space in which it is made, is to be considered a draft because it is incomplete: in fact, the act of transmitting a record across either external or internal electronic boundaries necessarily adds components to the record which makes it complete (among these, the date of transmission and the "superscription," that is, the identity of the originator and/or author). Any record that is transmitted is received as an original, but it is saved in the space of the originator as a final draft, because, although the system will add to it the time of transmission and the identity of the originator, this record is not capable of reaching its purpose and lacks effectiveness (the system saves to the space of the originator--the individual space--a copy of every record transmitted, even if this, for whatever reason, never reaches the intended address). Every time a person retrieves a record from the central records system, he or she has a view of the original--in the case of a record received or an internal record--or of the last draft--in the case of a record sent. If the person copies the record to his or her own space, the result is an imitative copy rather then a copy in the form of original, because some of the metadata, or of the data about the record contained either in the record profile or elsewhere in the system, change. Every time a person forwards a record to another person, he or she creates an insert of the type of a vidimus, and so on. The basic concept is that, with electronic records, the state of transmission is assessed on the basis of the way in which electronic transmission affects the form of the records, every aspect of it, including the annotations (e.g., the data included in the profile or the data included in the data directory and the data dictionary).
In relation to preservation and custody, the main difference between
electronic records and traditional records is that the latter
are kept authentic by maintaining them in the same form and state
of transmission in which they were when made or received and set
aside, while the former are kept authentic by continuous copying
and periodic migration. Thus, no electronic record will ever survive
for more than a decade in its original form (the term "survival"
does not refer exclusively to physical existence, but includes
readability and intelligibility). The authenticity of electronic
records in the long term can only be ensured by self-authenticating
processes of reproduction from one medium to another and of conversion
from one digital technology to another; by the reliability of
the person or office entrusted with the authority and the capacity
of carrying out the reproduction
The processes need to be approved, validated, and periodically audited by a higher authority external to the records creator, and the person or office responsible for their accomplishment must be invested with the ongoing competence for those processes by the same controlling authority (moreover, as mentioned earlier, such person or office must be a neutral third party). As to custody, now more then ever it shall be the exclusive competence of professional archivists, for three reasons:
The main conceptual findings that emerge from the analysis
described above may be divided into two categories: 1) specific
methods for ensuring the reliability and authenticity of electronic
records
As it regards methods for ensuring the reliability and authenticity of electronic records, the major findings may be summarized as follows:
As it regards broader management issues relevant to the maintenance and preservation of reliable and authentic records, the major findings are as follows:
However, the continuum approach has fostered
at best an integration and at worst a confusion of responsibility,
accountability and jurisdiction for records that fails to recognize
very real differences in the maintenance of active, semiactive
and inactive records, differences that are more, rather than less,
significant in an electronic environment. For example, in one
of his interpretations of the continuum model, David Bearman writes:
"The records continuum...can help reunify recordkeeping around
its proper focus, the documented event.... as it...places the
issue of control of the record from the moment of its creation
within the context of the event that gave rise to the record and
the organisation or person whose activity it documents."
Secondly, the "descriptions" of the records generated by the records creator -- "metadata" in electronic systems-- have the purpose of identifying the records in the atomic context of the activities in which they participate and of the uses made of them, and are themselves records of the data that the creator needs about its own records. Being contemporary to the records, such "descriptions" put into being and manifest the archival bond at the item level, and come into existence for all the records created. On the contrary, the descriptions of the records that are made by the archival preserver come into existence only for the records that have survived after their administrative usefulness to the creator has been exhausted, and are meant to identify the records as historical aggregations (i.e., formed over time) in their evolving administrative and documentary context, and to show the records aggregations as they present themselves once their internal relationships are stabilised. Metadata may well obviate the need for description below the series level but it does not obviate the need for description at the series level and higher.
Thirdly, the selection of the records -- particularly of electronic records -- is carried out at the item level when the records are in formation, driven only by the specific action and information needs of the person handling an affair; then it is carried out at dossier level once the affair in question is concluded, according to a predisposed timetable built on the basis of the needs and requirements of the creator and in the context of the specific activity to which the dossiers relate. On the contrary, when the records become inactive, they are selected in a much broader context, which often goes beyond that of the creator, and takes into account more general and long term purposes.
Finally, the accessibility of records within the jurisdiction of the creator is exclusively on the basis of the competence and need to know for action purposes of the person requiring access, while the dissemination of inactive records is mostly for purposes different from those generating them.
All the above aims only to point out that, while activities conducted on records during their active and semiactive periods and during their inactive period may be called by the same name, such as maintenance, description, selection and dissemination, they are fundamentally and substantially different, besides being different as to perspective. This is the more so with electronic records, whose different attributes in the various periods of their life cycle are not so clearly visible and recognisable and need therefore a proactive effort of identification. However, the statements above should not be taken to imply that archivists should not have a say in the first part of the life cycle. On the contrary, this research has demonstrated that the knowledge which belongs to and identifies the professional archivist, and is constituted by diplomatics and archival science, is indispensable to the design of records systems and record-keeping and -preservation systems capable of serving the business and accountability needs of a record creator so that its records will be created reliable and maintained authentic as long as they are needed for action or reference. By the same token, the knowledge that the creator has of its own records is essential to the archivist who needs to plan a migration platform for them. But, ultimately, different parties are and should be accountable for different functions: the creator should be accountable for its action through its records, the preserver should be accountable for those records. This division of responsibility is what ensures the authenticity of inactive records and makes of them the impartial sources that society needs.
The questions the UBC-MAS project
raises about the adequacy of the continuum concept as the intellectual
basis for developing means of protecting the integrity of inactive
records are not insignificant when one considers the centrality
of such concept to contemporary approaches to the management of
electronic records. It is, for example, at the heart of the recently
completed "Recordkeeping Functional Requirements Project"
at the University of Pittsburgh. The Pittsburgh Project was a
three year NHPRC funded research project, the purpose of which
was "to develop and test recordkeeping functional requirements
and their applicability in electronic recordkeeping systems."
The different perspectives taken in the two projects are undoubtedly
a consequence of the different methods
The difference in methods
is also reflected in the way in which concepts have been defined
and terminology chosen and used. The meaning of key terms can
be defined in one of two ways. It can be defined for the purpose
of the project at hand (writers of legislation, for example, often
adopt this approach), or it can be taken directly from the traditional
use and understanding existing in the context of the body of knowledge
in which the terms have been developed. While the Pittsburgh project
has chosen the former approach, the theoretical choice made by
the UBC-MAS project has imposed the latter approach. As a consequence,
fundamental concepts, such as record, are defined by each
project in substantively different ways.
Although their differences are fundamental and, likely, irreconcilable, given the radically different perspectives, methods and assumptions on which they are based, the two projects share a common purpose: ensuring the integrity of electronic records. Implementation of the two models in a variety of organizational settings will demonstrate which approach offers the most effective means of achieving that purpose.
As a consequence of its findings concerning the necessity of adopting a two-phase life cycle approach to the management of electronic records, the same research team at UBC is now in the process of proposing another research project that will assume the point of view of the records preserver. Its overarching goal will be to identify, on the basis of diplomatic theory and archival science, a comprehensive methodology, applicable across juridical systems, cultures and technologies, for preserving the integrity of electronic records from the moment in which they are no longer needed by the body producing them and for as long as they are needed by society at large. Its specific objectives are:
The UBC-MAS research project was undertaken to test the validity of traditional diplomatic and archival concepts in the brave new world of electronic records. The conceptual analysis of electronic records and the project's findings confirm that the concepts continue to have resonance and, in fact, provide a powerful and internally consistent methodology for preserving the integrity of electronic records. At the same time, situating the analysis within a knowledge engineering framework has resulted in a fruitful re-examination and adaptation of diplomatic and archival concepts in light of the electronic records reality and helped to breathe new life into archival theory, methodology and practice.
1 The UBC research team comprises Luciana Duranti as principal investigator, Terry Eastwood as co-investigator and Heather MacNeil as research assistant. << return to text>>
2 Luciana Duranti and Terry Eastwood, "Protecting Electronic Evidence: A Progress Report," Archivi & Computer 5:3 (1995): 214. Hereafter "First Progress Report." << return to text>>
3 Ibid., 215 << return to text>>
4 Progress reports have been issued by members of the research team at various stages in the project. See Duranti and Eastwood, "First Progress Report,"213-50; Luciana Duranti, Heather MacNeil and William E. Underwood, "Protecting Electronic Evidence: A Second Progress Report on a Research Study and Its Methodology, Archivi & Computer 6:1 (1996): 37-70; Luciana Duranti and Heather MacNeil, "Protecting Electronic Evidence: A Third Progress Report on a Research Study and Its Methodology," Archivi & Computer 6:5 (1996)(forthcoming). << return to text>>
5 "First progress report," 214-15. << return to text>>
6 Term definitions and templates are included in ibid., 213-33. << return to text>>
7 Although valid for managing also non-corporate, i.e., personal, fonds, the model would have to be much more simplified because considerations of administrative and public accountability do not impinge on individuals in the same way they impinge on corporate bodies. For example, the reliability and authenticity of a record created by a private person will be determined in relation to its form, not its procedure of creation or its transmission. Such authenticity will only be tested when the individual record is presented for some specific purpose. << return to text>>
8 The activity and entity models, the glossary, and the rules associated with the activities are available for viewing at the UBC-MAS Research Project home page at http://www.slais.ubc.ca/users/duranti. << return to text>>
9 Semiactive records fall within the purview of both the record-keeping system and the record-preservation system. The record-keeping system is concerned with semiactive records as they relate to active records and the carrying out of the actions for which the records were created. The record-preservation system, on the other hand, is concerned more generally with locating, retrieving and preserving semiactive records for the creator's reference purposes. << return to text>>
10 An authentic copy is "a copy certified by officials authorized to execute such a function, so as to render it legally admissible in evidence." See Luciana Duranti, "Diplomatics: New Uses For An Old Science," Archivaria 28 (Summer 1989):21. << return to text>>
11 An imitative copy "reproduces, completely or partially, not only the content but also the forms, including the external ones (layout, script, special signs, medium and so on), of the original [record]." See Ibid., 20-21. << return to text>>
12 A simple copy "is constituted by the mere transcription of the content of the original." A vidimus falls within the category of an authentic copy and takes the form of an insert, i.e., a document "entirely quoted (if textual) or reported (if visual, like maps) in subsequent original documents in order to renew [its] effects. ...An authentic copy in general and a vidimus in particular, only guarantees the conformity of the copy to the original text." See ibid., 21, 26 (#.38, #39). << return to text>>
13 The superscription is "the mention of the name of the author of the document and/or the action. See Luciana Duranti, "Diplomatics: New Uses for an Old Science (Part V)," Archivaria 32 (Summer 1991):12. << return to text>>
14 The incription is the mention of "the name, title and address of the addressee of the document and/or action." See ibid.:12. << return to text>>
15 The protocol is the first of three physical subsections of a document. It "contains the administrative context of the action (i.e., indication of the persons involved, time and place, and subject) and initial formulae". See ibid.:11. << return to text>>
16 The eschatocol is the last of three physical subsections of a document. It "contains the documentation context of the action (i.e., enunciation of the means of validation, indication of the responsibilities for documentation of the act) and the final formulae." See ibid.:11. << return to text>>
17 Competence is a sphere of functional responsibility entrusted to an office or officer. << return to text>>
18 Access privileges refer to the authority to compile, classify, annotate, read, retrieve, transfer, and destroy records, granted to officers within an agency. << return to text>>
19 Giorgio Cencetti, "Il fondamento teorico della dottrina archivistica," Archivi II, VI (1939): 8, reprinted in Giorgio Cencetti, Scritti archivistici (Rome: Il Centro di Ricerca editore, 1970), 39. Jenkinson uses the term "interrelatedness." See Hilary Jenkinson, "Introductory," in Public Record Office, Guide to the Public Records, Part I (London: Public Record Office, 1949), 2. << return to text>>
20 In many European countries, the registration of incoming and outgoing records in a register has, for centuries, ensured reliability by tracking all the records sent and received by an agency and, within that scope, mapping all the actions associated with a matter and the way it was disposed. In the UBC-MAS project, the establishment of registration procedures, which include maintaining an electronic protocol register, has been identified as one of the rules of the recordkeeping system. As an instrument of documentary control, the protocol register is designed to serve both records management and accountability purposes. At the same time, it is a valuable instrument for capturing documentary context, since it reflects the relations among all the records that have entered and exited the agency. << return to text>>
21 For a more detailed discussion of these concepts, see Luciana Duranti, "Reliability and Authenticity: The Concepts and Their Implications," Archivaria 39 (Spring 1995): 5-10. << return to text>>
22 Ibid., 6. << return to text>>
23 The routing of electronic records involves establishing the boundaries of general, group and individual space within the electronic system by defining in which of these spaces records may be made, received, registered, classified, revised, stored and so on. << return to text>>
24 See Luciana Duranti, "Diplomatics: New Uses For An Old Science," Archivaria 31 (Winter 1990-91): 14-19. << return to text>>
25 Reliability, it should be pointed out, is also a matter of degree. The methods identified by the UBC-MAS research team are designed to achieve the maximum degree of reliability. Individual records creators will have to determine for themselves the degree of reliability required for each type of record created, depending on the business purposes the record serves and the legal requirements associated with it. The methods described here will be, necessarily, selectively applied. << return to text>>
26 This is of course a responsibility involving supervision over and accountability for the technical work. << return to text>>
27 The detailed rules developed by the project may be found on the home page of the project and in the third and fourth progress reports on the project published in Archivi & Computer 6:5 and 7:2. << return to text>>
28 The records system and its components are defined earlier in this article. See pp. 5-6, supra. << return to text>>
29 Protecting authenticity may even run counter to narrowly defined agency interests. A recent example is the alleged tampering of documents relating to the Somalia affair by staff of the Canadian Department of National Defence. << return to text>>
30 For a detailed discussion of the significance of archival custody to the authentication of records over time, see Luciana Duranti, "Archives as a place,"Archives and Manuscripts 24:2 (November 1996):242-256 and Terry Eastwood, "Should Creating Agencies Keep Electronic Records Indefinitely?" ibid.:268-85. << return to text>>
31 The main features of the continuum approach as it has developed in North America are outlined in Jay Atherton, "From Life Cycle to Continuuum: Some Thoughts on the Records Management-Archives Relationship," Archivaria 21 (Winter 1985-86):43-51. << return to text>>
32 David Bearman, "Item Level Control and Electronic Recordkeeping," paper delivered to the annual meeting of the Society of American Archivists, San Diego, Calif., 29 August 1996, p. 23. << return to text>>
33 Ibid., 22. << return to text>>
34 Richard J. Cox, "Putting the Puzzle Together: The Recordkeeping Functional Requirements Project at the University of Pittsburgh; A Second Progress Report," in University of Pittsburgh Recordkeeping Functional Requirements Project: Reports and Working Papers: Progress Report Two (Pittsburgh: School of Library and Information Science, University of Pittsburgh, March, 1995), 1. << return to text>>
35 The methods adopted by the Pittsburgh research team have been discussed by Seamus Ross in his "Commentary on the Pittsburgh University Recordkeeping Requirements Project: A Progress Report (Delivery Draft)," a paper presented at the Society of American Archivists' Annual Meeting in Washington, D.C., September 1995. << return to text>>
36 The functional requirements are justified on the basis of "cultural warrant" and validated on the basis of case studies of "organizational culture." The investigations of both cultural warrant and organizational culture focus exclusively on American recordkeeping practices and requirements. See Richard Cox, ed., University of Pittsburgh Recordkeeping Functional Requirements Project: Reports and Working Papers (Pittsburgh: School of Library and Information Science, University of Pittsburgh, September 1994, March 1995). << return to text>>
37 Although the concept of record is clearly central to the Pittsburgh project, it is somewhat difficult to locate in the literature presenting it a clearly identifiable definition of record. Records are sometimes described as "recorded transactions providing evidence" and at other times as "evidence of transactions." See Richard Cox, ed., University of Pittsburgh Recordkeeping Functional Requirements Project: Reports and Working Papers (Pittsburgh: School of Library and Information Science, University of Pittsburgh, September 1994, March 1995), passim. In the first formally published mention of the Pittsburgh project, David Bearman, who served as the consultant to the Project, defines an electronic record as "information that participates in 'transactions.'" See David Bearman, " The Implications of Armstrong v. Executive [sic] of the President for the Archival Management of Electronic Records," American Archivist 56:4 (Fall 1993):683. Despite these slight differences in wording, the definitions are consistent in their focus on the concepts of "evidence" and "transaction" as the defining features of a record. A single, standard definition of each of these concepts does not appear to have been developed for the purposes of the Pittsburgh project. In the glossary developed for the purposes of the UBC-MAS project, record is defined as "any document created by a physical or juridical person in the course of practical activity." Key terms used in the definition, e.g., document, juridical person, are also given separate definitions in the glossary. See Appendix C, Third Progress Report, or view the UBC-MAS Research Project home page. << return to text>>
38 In a commentary delivered at a session on the Pittsburgh project at the 1995 meeting of the Society of American Archivists, (Washington, D.C., 31 August 1995), P.C. Hariharan discussed some of the inadequacies of the project's method of defining functional requirements. << return to text>>
39 Personal fonds containing electronic records will be more easily accomodated in the proposed project since it will adopt the point of view of the archivist preserving the records. The point of view of the creator of the records is not relevant to the purposes of the proposed project. << return to text>>