| Pages in topic: [1 2 3] > | Files lost forever - Anyone to blame? Thread poster: José Henrique Lamensdorf
|
|---|
I take non-disclosure seriously, having my own policy published on this page.
I learned the lesson in the ancient days before the Internet, when I had to drive across town with hard copies and 5¼" floppy disks to deliver my translation. It was some sensitive information training course on automated methods to detect credit card fraud. Done, delivered, accepted, paid... See more I take non-disclosure seriously, having my own policy published on this page.
I learned the lesson in the ancient days before the Internet, when I had to drive across town with hard copies and 5¼" floppy disks to deliver my translation. It was some sensitive information training course on automated methods to detect credit card fraud. Done, delivered, accepted, paid, deleted.
On the next month I did a somewhat similar job for a competitor of theirs. Again... done, delivered, accepted, paid, deleted. Absolutely NO "leakage" other than my growing experience, though each company's jargon was somewhat different.
Three months later, the first client called me. They wanted me to do some minor changes on the translation. I told them I didn't have their files any more. They insisted, said they had misplaced the floppies, couldn't locate them. They offered to pay anything reasonable for me to retrieve those files. I said there was no way I could recover them. A couple of days later they sent me those floppies via messenger.
I'll never know if they were 'testing' me or not. Anyway, that case led me to make sure my clients' files were beyond anybody's reach - mine included - after a job was completely finished and closed.
In the very beginning of this year I was assigned a video translation and subtitling job by a local translation agency, a frequent client of mine. The end-client was one of the largest and best-known companies around, mostly in electronics. The subject in the videos was hi-tech IT, so the original hiring party could be assumed as being computer-savvy.
I received the videos via WeTransfer, so it was deemed as an acceptable safe method. On Jan. 30th I uploaded the subtitled videos zipped together, about 1 GB to WeTransfer, which sent the link the agency, and they immediately sent the link for download to the client.
For the record, files on (free) WeTransfer remain there available for download for only one week. If I subscribed, they'd stay there forever during my subscription, but I think it's safer to have them automatically deleting the file to save their space on disk.
On Feb. 2nd, I received a warning from WeTransfer that nobody had downloaded those files, and that they would expire (and get deleted) in two days. I called the PM, told her I could save all files to a data DVD, but she said it wouldn't be necessary. She would call the client again, and e-mail them the download link again.
On Feb 25th, I received a call from the PM, saying that the client tried to download the files, and couldn't any more (of course!). So I uploaded them again, sent the link to the agency, and they relayed it to the end-client.
This time, I did not receive a warning that nobody had downloaded it before expiration, so it was reassuring.
Later I did another similar-sized video dubbing job for the same PM, this time for an automotive company, and everything was all right. They requested one minor change in one of the videos, and confirmed that they were very satisfied with all others.
So last week, Mar. 20th, I asked that PM if it would be OK to close both cases and delete all those files, both the IT and auto videos. She said it should be all right, since both companies had accepted the jobs and paid.
Yesterday, Mar. 25th, the PM called me. The IT company had fired the employee in charge of those videos (and other things, of course), and they couldn't find the corresponding files. Could I resend them? Of course NOT!
One point to consider is that I always offer clients to check my video translation before subtitling or dubbing. I offered this to the electronics company, they said (via agency) that it wouldn't be necessary; I had done enough work for them already. The auto maker was a first-timer with me, so I sent them the dubbing script. They checked it, and said (via agency) to dub exactly as translated, no changes.
I still have somewhere on my e-mail server the auto dubbing scripts, so if I had to redo it from scratch, they could save on the entire translation. However the electronics firm translation for subtitles - at least on my side - is gone forever.
I'd welcome the input, especially on lessons to be learned about security vs. retrievability, from my esteemed Proz colleagues.
[Edited at 2015-03-26 11:43 GMT] ▲ Collapse
| | | | Tom in London
United Kingdom
Local time: 08:54
Member (2008)
Italian to English
| I don't quite understand | Mar 26, 2015 |
Didn't you still have the files on your own hard drive? If not why not?
| | | | | I held them for 49 days | Mar 26, 2015 |
Tom in London wrote:
Didn't you still have the files on your own hard drive? If not why not?
I held them on my hard drive for 49 days (though my stated policy is 30), and offered to burn them to a data DVD (answer = not necessary). Then I destroyed them completely.
If anyone hacks my computer, or ransacks my office, they won't get those files. These were not particularly confidential, I think, however now and then I handle quite sensitive stuff, so the general security rule applies.
| | | | | I keep all files forever | Mar 26, 2015 |
Problem solved!
| | |
|
|
|
Radian Yazynin 
Local time: 10:54
Member (2004)
English to Russian
+ ...
| Called, said, answered... | Mar 26, 2015 |
I would suggest that you and your direct client (the agency) include special requirements (with provisions of failure to act, too) on the job closing procedure in the document you counter-sign so that there's nothing left hanging and your client doesn't even endeavour to ask for data restoring.
[Edited at 2015-03-26 12:47 GMT]
| | | | Michael Beijer
United Kingdom
Local time: 08:54
Member (2009)
Dutch to English
+ ...
| I think you're being paranoid. | Mar 26, 2015 |
I keep everything I ever translated, forever, in a nicely organised folder structure, both on my various computers and online (via Dropbox). If anyone asks me for anything, I can find it instantly. Either by navigating to where I think it should be or using dtSearch. Disk space (both local and online) is ridiculously cheap these days; why not make use of it?
I find it very useful to keep everything, for various reasons. For example, if I get sent a job for an ongoing client, ... See more I keep everything I ever translated, forever, in a nicely organised folder structure, both on my various computers and online (via Dropbox). If anyone asks me for anything, I can find it instantly. Either by navigating to where I think it should be or using dtSearch. Disk space (both local and online) is ridiculously cheap these days; why not make use of it?
I find it very useful to keep everything, for various reasons. For example, if I get sent a job for an ongoing client, I still have everything I ever did for them, which can come in very handy. If you destroy everything, you are also destroying a lot of useful information. I have all kinds of different databases on my computer: large corpora (IT, legal, business, education, etc.), translation memory and termbase collections, term research documents downloaded from the internet, etc.
Just make sure to protect yourself adequately. In 20 years, I have never once heard of a single case of a colleague having been hacked or anything confidential being stolen or misused. I think you're being paranoid.
Michael ▲ Collapse
| | | | Tom in London
United Kingdom
Local time: 08:54
Member (2008)
Italian to English
José Henrique Lamensdorf wrote: Tom in London wrote:
Didn't you still have the files on your own hard drive? If not why not? I held them on my hard drive for 49 days (though my stated policy is 30), and offered to burn them to a data DVD (answer = not necessary). Then I destroyed them completely. If anyone hacks my computer, or ransacks my office, they won't get those files. These were not particularly confidential, I think, however now and then I handle quite sensitive stuff, so the general security rule applies.
I think I know who's to blame.... sorry to say....
We probably all have sensitive files on our computers, but deleting them is surely not the solution, especially since they are probably still on email servers (unless we carefully delete our old emails from the server).
| | | | | That's a good idea | Mar 26, 2015 |
Radian Yazynin wrote:
I would suggest that you and your direct client (the agency) include special requirements on the job closing procedure in the document you counter-sign so that there's nothing left hanging and your client doesn't even endeavour to ask for data restoring.
We assume that any organized client will have a procedure in place, whereby the requester of anything from outside will sign off the invoice as "goods/services received and deemed okay" to clear it for payment. As this requester was discharged, maybe s/he signed off some such (or other) papers without a glance.
The agency having in place some minor final release formality (which they should fwd to me) would be a good option to prevent such situations.
| | |
|
|
|
| Aren't you overdoing it a bit? | Mar 26, 2015 |
The need for non-disclosure is obvious, but the need to delete clients' files so quickly isn't, and I wonder if you aren't overdoing that part and causing more problems than necessary.
If the files to be translated were sensitive at military or intelligence level, you wouldn't be allowed to download them to a private computer in the first place, so we don't need to discuss such a case.
If a client specifically requires the files to be deleted after a certain period, the... See more The need for non-disclosure is obvious, but the need to delete clients' files so quickly isn't, and I wonder if you aren't overdoing that part and causing more problems than necessary.
If the files to be translated were sensitive at military or intelligence level, you wouldn't be allowed to download them to a private computer in the first place, so we don't need to discuss such a case.
If a client specifically requires the files to be deleted after a certain period, then by all means abide by that, but you'd also need to wipe any remains from the recycle bin and all backups.
If you need to recover a deleted file, the first place to look is obviously the backups and the recycle bin. Even if it is no longer in the recycle bin, the file may still not have been overwritten on the disk or other storage medium, and you could try various 'undelete' programs to try to recover it. Even when overwritten, specialised laboratories can in some cases recover data by analysing the magnetic levels on the disk, but we can forget about that for our purposes. Intelligence services may do these things with disks recovered from terrorists, but that's not in our league.
As for how long to keep the files, non-disclosure is not the only thing to take into account. What if you are sued after three years? Then you have wiped all the evidence and depend exclusively on what your opponent can present. What if the fiscal services accuse you of under-reporting revenues and ask to compare the amounts you have declared with the actual work done? In France, you should keep such evidence for ten years, as that is when the statute of limitation sets in for tax investigations and lawsuits between professionals. It is the same in Germany. So I keep client files for ten years, then shred paper files and delete computer files. They would still remain in my online backups unless I'd switched backup provider in the meantime, as I use Crashplan that never deletes files unless I ask them to. Once it’s set up, I don’t have anything to do to ensure that even files updated just hours ago are backed up automatically.
Solicitors too are required to keep client files for a certain number of years for similar reasons. I don't think we need to delete client files so much faster than solicitors.
In any case, these are my views. Maybe there are good arguments to alter them, maybe not. ▲ Collapse
| | | | | Another important point, free e-mail service | Mar 26, 2015 |
Tom in London wrote:
We probably all have sensitive files on our computers, but deleting them is surely not the solution, especially since they are probably still on email servers (unless we carefully delete our old emails from the server).
I only use paid and liable e-mail services. If anything leaks from my e-mail, my e-mail server has the resources to face a million-dollar lawsuit either way. It's cheap, some USD 5~10/mo., but security is guaranteed.
On the other hand, any translator using Gmail, Yahoo, or some other free e-mail service should be prepared, in case the content they sent or received via e-mail finds its way to the public via Google, Yahoo, etc. Their service agreement states that any content going through there may be indexed and published.
| | | | | Gmail and Yahoo may not publish your e-mails | Mar 26, 2015 |
José Henrique Lamensdorf wrote:
On the other hand, any translator using Gmail, Yahoo, or some other free e-mail service should be prepared, in case the content they sent or received via e-mail finds its way to the public via Google, Yahoo, etc. Their service agreement states that any content going through there may be indexed and published.
I don't know which part of their agreements you interpret to mean that they may publish your e-mails, but this is bound to be a misunderstanding.
Maybe what they say is intended to mean that since e-mails are not encrypted, confidentiality in transit cannot be guaranteed. But that does not mean they can choose to publish your e-mails. They'd face massive lawsuits for breach of privacy laws in many jurisdictions if they did.
Maybe some of your clients have particular requirements that justify the use of encryption or special services, but that's still not a reason to delete everything so quickly.
| | | | Michael Beijer
United Kingdom
Local time: 08:54
Member (2009)
Dutch to English
+ ...
José Henrique Lamensdorf wrote: Tom in London wrote:
We probably all have sensitive files on our computers, but deleting them is surely not the solution, especially since they are probably still on email servers (unless we carefully delete our old emails from the server). I only use paid and liable e-mail services. If anything leaks from my e-mail, my e-mail server has the resources to face a million-dollar lawsuit either way. It's cheap, some USD 5~10/mo., but security is guaranteed. On the other hand, any translator using Gmail, Yahoo, or some other free e-mail service should be prepared, in case the content they sent or received via e-mail finds its way to the public via Google, Yahoo, etc. Their service agreement states that any content going through there may be indexed and published.
José, that's nonsense. You don't actually believe that Google has the right to publish my private emails publicly. Where on earth did you hear that? They reserve the right to use your data to improve their service, not to publish it online!
And as an aside, it has been my experience over the years that it is always the person with the supposedly reliable, paid email service who ends up having problems (server down, can't send attachments, lost emails, viruses, spam, fishing, etc. etc. etc.). For a laugh, Google BT mail review: https://www.google.co.uk/search?q=BT%20mail%20review&oq=BT%20mail%20review&aqs=chrome..69i57j0l5.2689j0j7&sourceid=chrome&es_sm=0&ie=UTF-8
I actually use a paid version of Gmail (Google Apps for Work) myself, because I want the 24/7 support, but the free version of Gmail has always been rock solid and secure in my experience.
Michael
| | |
|
|
|
| Google policy | Mar 26, 2015 |
Michael Beijer wrote: José Henrique Lamensdorf wrote:
On the other hand, any translator using Gmail, Yahoo, or some other free e-mail service should be prepared, in case the content they sent or received via e-mail finds its way to the public via Google, Yahoo, etc. Their service agreement states that any content going through there may be indexed and published. José, that's nonsense. You don't actually believe that Google has the right to publish my private emails publicly. Where on earth did you hear that? They reserve the right to use your data to improve their service, not to publish it online!
Found this on the web:
7. Privacy. As a condition to using the Service, you agree to the terms of the Gmail Privacy Policy as it may be updated from time to time. Google understands that privacy is important to you. You do, however, agree that Google may monitor, edit or disclose your personal information, including the content of your emails, if required to do so in order to comply with any valid legal process or governmental request (such as a search warrant, subpoena, statute, or court order), or as otherwise provided in these Terms of Use and the Gmail Privacy Policy. Personal information collected by Google may be stored and processed in the United States or any other country in which Google Inc. or its agents maintain facilities. By using Gmail, you consent to any such transfer of information outside of your country.
Michael Beijer wrote:
And as an aside, it has been my experience over the years that it is always the person with the supposedly reliable, paid email service who ends up having problems (server down, can't send attachments, lost emails, viruses, spam, fishing, etc. etc. etc.).
Well, I didn't mean 'just any' paid e-mail service.
I use two of them. One is included in my web site hosting package from Plugnet, and their e-mail service really sucks, for all the problems you mentioned and a few others. I only use it for 'first contact', since the address is published on my web site.
My main e-mail service is from Mandic, of which I personally know the founder, but no longer the owner. He sold it to some big-time US investors. He used to be a redundancy freak, and that mentality remains as of today. Over a 20+ years span, they have been down for a total of less than 12 hours, and their tech support is as available and effective as it could be.
| | | |
José Henrique Lamensdorf wrote: Their service agreement states that any content going through there may be indexed and published. if required to do so in order to comply with any valid legal process or governmental request (such as a search warrant, subpoena, statute, or court order),
Every single company or person has to hand over such information if requested to do so under such circumstances, whether or not they write it in their T&C.
This obviously does not mean that they may publish such information. Obviously, they may not.
| | | | | "Publishing" may not be so obvious | Mar 26, 2015 |
This obviously does not mean that they may publish such information. Obviously, they may not.
I don't have a link, but I remember someone writing about a translation job that passed through Google. It was not published anywhere in the open, but sentence pairs from it resurfaced in Google Translation.
| | | | | Pages in topic: [1 2 3] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Files lost forever - Anyone to blame? | CafeTran Espresso | You've never met a CAT tool this clever!
Translate faster & easier, using a sophisticated CAT tool built by a translator / developer.
Accept jobs from clients who use Trados, MemoQ, Wordfast & major CAT tools.
Download and start using CafeTran Espresso -- for free
Buy now! » |
| | TM-Town | Manage your TMs and Terms ... and boost your translation business
Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
Translation news
