3.6 Digital Archives Identification and Administration
3.6.1 Digital archiving practices
3.6.1.7 Preserving authenticity, integrity and reliability in digital archives
116
Despite the increases popularity of cloud computing globally, many countries and professions continue to view the technology suspiciously. Findings of a study by Pan (2019) in two Chinese enterprises indicated that there was little impact of cloud-based services on the recordkeeping function in the organizations. Citing ResearchICTafrica.net (2017), Mosweu, Luthuli and Mosweu (2019:5) reported that although a number of organizations in Kenya have adopted cloud computing, government support for this technology has been minimal. Consequently, this study took cognizance of cloud computing and other preservation technologies which archival repositories must choose from to guarantee the long-term storage and survival of their archival resources.
117
Migration is a set of organized tasks designed to achieve the periodic transfer of digital materials from one hardware/software configuration to another, or from one generation of computer technology to a subsequent generation. The purpose of migration is to retain the ability to display, retrieve, manipulate and use digital information in the face of constantly changing technology.
Migration includes refreshing as a means of digital preservation but differs from it in the sense that it is not always possible to make an exact copy or replica of a database or other information object as hardware and software change and still maintain the compatibility of the object with the new generation of technology.
Although migration is commonly used in digital archiving, the process results in some degree of loss and changes in the structure and content, thereby affecting the reliability, authenticity and integrity of digital records (Asogwa 2012:206). Similarly, the process of creation for some digital record formats can reduce their authenticity.
For example, as e-mail messages are replied to, copied, forwarded, they may be altered or edited, thereby compromising their authenticity and integrity as records (Asogwa 2012:206). In addition, Jansen (2015:48) points out that when a record is removed from the system where it was originally created, for example through conversion or migration, the authenticity of the record becomes compromised.
Therefore, the fixity of digital records is not guaranteed (Bhebhe 2015:116), calling for the implementation of digital preservation strategies to ensure continued access and trust for the retrieved records.
Lemieux et al. (2019:5) speculate that today’s business arena is bedeviled by a crisis of trust. The InterPARES project defines trust as the “confidence of one party in another, based on alignment of value systems with respect to specific actions or benefits, and involving a relationship of voluntary vulnerability, dependence, and reliance, based on risk assessment” (InterPARES 2015). In the recordkeeping context, this definition presupposes the existence of records in an environment of threats, which must be conquered for the records to survive. Records therefore acquire the quality of trustworthiness by virtue of its accuracy, reliability and authenticity. The results of InterPARES 2 Project affirmed that accuracy relates to the extent to which records are truthful, precise, correct and pertinent to the subject matter. Hence,
118
records authenticity is inextricably linked to the quality of integrity, which is the proof that a record is free from tampering (InterPARES 2015). The integrity of a record is therefore judged from the manner in which records are handled and maintained over time, commonly referred to as the chain of preservation or custody (Lemieux 2016:112). Notably, the fast pace at which technology keeps changing has increased the importance of ensuring records authenticity for societal, legal and research purposes (Jansen 2015:46).
Duranti and Rogers (2012:525) equate reliability to trustworthiness of a record as a factual statement grounded on its authorship, process of creation and overall completeness. The authors suggest that the quality of reliability can be assured by introducing and enforcing the following requirements for controlling digital records:
i. Compiling records using standard templates and formats;
ii. Authenticating records by use of specific conventional methods;
iii. Embedding access privileges by assigning rights to system users based on specified competencies, the permission to retrieve, read, annotate, compile, classify, transfer, or destroy specific records;
iv. Embedding workflow rules in the e-records system defining the individual(s) authorized to perform each action for each specific group of records;
v. Controlling access to the system and specific records using magnetic cards, passwords, fingerprints, among other technologies; and
vi. Designing audit trails so that all access to the system and changes thereof can be documented in real-time (Duranti and Rogers 2012:525).
Considering the above aspects, it is clear that archivists are also engaged in digital forensics which for a long time has been associated with criminology and intelligence units. Digital forensics provides an emerging source of approaches and tools for facilitating long-term preservation by detecting forgery and manipulation as well as generally protecting archival evidence (Digital Preservation Coalition 2015:33).
In retrospect, digital archives repositories have the responsibility of preserving and availing records possessing all three aspects of trustworthiness (that is, authenticity, integrity and reliability). This is a tall order in the present-day cyberspace (in)security dispensation where digital systems and the internet are the kingpins driving the wheel of information management in organizations and academic institutions. Archivists and
119
records managers must confront and deal with the myriad of information security threats occurring in cyberspace, commonly referred to as cyberspace crimes which affect the trustworthiness of digital records and archives. In this respect, the InterPARES Trust Project recognized that blockchain and distributed ledger technologies (DLTs) can be applied to records management and digital archiving to secure digital records from tampering and manipulation (Bralic, Stancic and Stengard 2020). Though there is no universally agreed definition of blockchain, the term can be described as a form of open-source technology which supports reliable, authentic records of business transactions stored and preserved in automated accessible ledgers which are devolved and distributed (Lemieux et al. 2019:6), a technology that is mainly applied in financial, land and health records. However, research is still underway regarding the use of blockchain technology in digital records and archives authentication.