Leading Technology Vendors Unite to Address Compliance and Information Retention Challenges

Leading Technology Vendors Unite to Address Compliance and Information Retention Challenges
Internet Law & Policy Forum to Host Compliance and Management
of Electronic Information Working Group

Seattle, WA - March 7, 2005 - Leading global technology companies today announced the formation of the Compliance and Management of Electronic Information (CMEI) Working Group. As part of the Internet Law & Policy Forum (ILPF), the CMEI Working Group will work with both public and private sector representatives, as well as other industry groups to create a global, cross-industry framework for managing electronic information for compliance.

Hitachi Data Systems, HP, Network Appliance (Nasdaq: NTAP), Open Text (Nasdaq: OTEX), Oracle (Nasdaq: ORCL), Plasmon (LSE: PLM), Sun Microsystems and VERITAS Software Corporation will provide guidance on best practices for companies working to comply with information retention and maintenance regulations. Additionally, the group will offer counsel to legislators regarding technical and business challenges of regulatory compliance and facilitate information exchange between business, technology and regulatory bodies.

"Enterprises are allocating significant resources to meet compliance regulations but lack the historical context on which to base program roll outs," said Harald Collet, chairman, CMEI Working Group and product manager, Records Management and Compliance Support, Oracle. "Without this context, the tactical efforts of complying with imminent regulations may not be in alignment with strategic objectives. Our goal is to provide these organizations with the information they need to implement effective compliance strategies that maximize technology investments and minimize disruptions to existing business practices."

AMR Research predicts that companies will spend $6.1 billion in 2005 just to comply with the Sarbanes-Oxley Act, which is in addition to the resources already committed to retention and maintenance requirements found in US federal, state, and international law. The rapid growth of regulation, combined with the ambiguity of many of the requirements, has made compliance not only difficult and expensive, but also in some cases impossible.

For example, a financial institution based in the US with offices in the UK is required to comply with both US data regulations and UK data laws. Under US law, companies must retain all records, including customer data, for seven years. In the UK, a company must immediately destroy all customer information when the customer terminates his relationship. No matter what the company does, it will violate one of these laws.

"As an organization known for providing substantive and objective analysis of difficult questions facing the business and technology community, the Internet Law & Policy Forum is an ideal host for the CMEI Working Group," said Andrew Konstantaras, executive director, Internet Law & Policy Forum. "The group is tackling significant challenges facing the public and private sector, and we look forward to helping them collaborate with other industry organizations to achieve success."

As a result of market conditions, legal concerns and regulatory requirements, companies, technology vendors and regulators are facing specific challenges, but there is common ground when it comes to compliance:

  • Regulators want to raise the levels of compliance as quickly as possible
  • Companies want to minimize the risk of non-compliance
  • Technology vendors want to provide solutions that help customers address regulatory requirements

"Global businesses and legislators are working diligently to make universal regulatory compliance a reality," said David Yockelson, executive vice president, META Group. "Having this broad base of technology vendors working together to help facilitate discussions about compliance and provide advice around best practices is a valuable asset for stakeholders on all sides of the compliance issue."

The CMEI Working Group will develop and publish best practices, checklists and summaries of legal and regulatory requirements to provide compliance guidance. Additionally, the group will hold a series of forums where technology vendors, regulated entities, government leaders and policy experts can discuss the impact of law on end users and develop recommendations and guidelines that will facilitate compliance while allowing companies to continue effective business operations.

For more information about the CMEI Working Group and to join the listserv, please fill out the information at: www.ilpf.org/CMEI-Signup.html.

About the Internet Law & Policy Forum
Founded in 1995, the Internet Law and Policy Forum (ILPF) is dedicated to the sustainable global development of the Internet by bringing law, policy, business and technology together as it addresses some of the most critical issues facing the Internet. The ILPF is an international nonprofit organization whose member companies develop and deploy the Internet in every aspect of business today. Through its conferences, working groups, and expert workshops, the ILPF provides a neutral forum and international perspective in order to discover best practices and develop practical solutions for the multi-faceted challenges posed by the Internet. For more information, please see www.ilpf.org.

Greg Lunsford
Zeno Group
(415) 369-8106