IETF LLC Records Retention and Management Policy
The IETF LLC Records Policy is to ensure compliance with the IETF LLC’s Privacy Statement and applicable legal and regulatory obligations
Who is a Covered Individual? The IETF Administration LLC (“IETF LLC”) Board Directors, employees and contractors, as well as any volunteers and/or agents who are formally authorized to act on behalf of IETF LLC in some capacity and are considered by the LLC to be acting in that capacity (collectively, “Covered Individuals”).
Who is not a Covered Individual? IETF participants, IRTF participants, IESG members, the IRTF Chair, IAB members, IAB program members, working group chairs, research group chairs, directorate participants, the Independent Submissions Editor, the Independent Submissions Editorial Board, NOC volunteers, Tools team volunteers, the Ombudsteam, the Sergeants-at-arms, trustees of the IETF Trust, and any individual not involved in the IETF, except if such individuals are formally authorized as Covered Individuals (such as an IETF LLC Board Director).
The Records Retention and Management Policy (the “Records Policy”) of the IETF Administration LLC (the “IETF LLC”) includes the Records Retention Schedule in Schedule A (which may be updated independently of this policy). Document retention is the process of managing all types of business documents and records to ensure that they are readily available for as long as they are useful or are required by law to be retained. In general, when documents are no longer useful and are no longer legally required to be retained, they should be destroyed.
Objective of the Records Policy
The purpose of this Records Policy is to ensure compliance with the IETF LLC’s Privacy Statement and applicable legal and regulatory obligations, while also increasing efficiency and consistency of record storage, minimizing litigation costs, ensuring reliable and accessible records of IETF LLC’s actions and decisions, and ensuring the orderly destruction of relevant documents. The IETF LLC Board shall review this Records Policy periodically to ensure that it continues to meet these objectives. The IETF itself conducts its standards development process openly, and as such many materials are retained -- potentially permanently -- in support of the transparency of IETF processes (e.g. list archives, meeting attendance lists). Individuals seeking removal of information may have rights to do so, and should refer to the IETF Privacy Policy for more information.
1. Storage
Electronic records of relevant IETF LLC documents should be stored in the document management system as may be prescribed by the IETF LLC Board from time to time for the time periods set forth in the Schedule.
Any physical copies of financial, personnel or other confidential records should be stored in secure file cabinets and be locked at the end of each business day.
2. Oversight
The IETF LLC Board shall oversee the implementation and administration of this Records Policy.
3. Records Destruction
At the expiration of the retention period for a particular document, as indicated in the Schedule, a document is eligible for destruction. The IETF LLC will review documents eligible for destruction and subsequently conduct the records destruction on a periodic basis, on not more than an annual basis. Printed records must be shredded and electronic records must be erased or destroyed and no longer retained in a retrievable form.
4. Document Retention During Litigation and Other Proceedings
In the event of a lawsuit, service of a subpoena, or initiation of government proceeding, inquiry or investigation that relates to IETF LLC records, the IETF LLC may be required to retain some or all relevant documents relating to the matter, even if the IETF LLC is not yet a party to the lawsuit, target of the investigation, or recipient of a subpoena. If the IETF has records that relate to current or reasonably foreseeable legal proceedings, the IETF LLC shall (with the advice of counsel) evaluate whether it has document retention obligations and the breadth of material that is likely to be encompassed by such obligations. These records will be placed on “Legal Hold” and the original records or copies of the records will be segregated physically or electronically, as applicable for retention as long as necessary.
5. Notification of IETF LLC Legal Counsel
As soon as any Covered Individual learns that the IETF LLC is subject to or is reasonably likely to become subject to litigation, a government investigation, or a subpoena, IETF LLC counsel shall be notified immediately.
The IETF LLC Executive Director shall notify Covered Individuals as appropriate concerning legal requests and requirements concerning the retention of documents in IETF LLC custody.
Policy version: 1
Last updated: 31-October-2019