[Moims-rac] Authenticity, confidence, and proof

[Don Sawyer]

Hi Helen,

I think I'm in full agreement.  See some brief responses below.

On Oct 15, 2007, at 3:33 PM, Helen Tibbo wrote:

> Dear BOFers,
>
> Great discussion today on authenticity. I wish my class could have  
> been following along. Sorry for not participating more, my home  
> connection just doesn’t seem to be working for this purpose – not  
> very trustworthy I am afraid.
>
> Today’s conversation did raise a few questions for me. First, what  
> is the goal of this standard? I know we talked about this a long  
> time ago but perhaps we need to revisit purpose here given the  
> discussion of proving the maintenance of authenticity. Indeed, what  
> is the purpose of audit and certification? Is it not to give  
> contributors and users of repository materials confidence that what  
> is deposited will remain essentially as it is (essential  
> characteristics preserved) over time and that any changes are  
> documented (changes from migrations, etc.) and that the materials  
> will remain available, accessible, and understandable?
This is certainly my view.

> Even if future users never check on this, won’t they generally  
> assume it to be true? It seems that none of this is in the  
> “absolute proof” business and that we can only prove when  
> authenticity (or entire documents/objects) are lost.
Agreed.
> Even the highest level of certification will not ensure digital  
> longevity and authenticity, anymore than best practices in analog  
> repositories will ensure that no objects go missing or that none  
> are defaced in some way. None of this is providing certainty; only  
> risk projections that provide confidence. For example, when the  
> local board of health inspects restaurants an “A” rating does not  
> mean that you won’t get food poisoning if you eat there but that it  
> is much less likely than if there is a “B” rating (I believe they  
> close down places with “C” ratings). The evidence the inspectors  
> collect is data regarding cleanliness, pests, and the temperature  
> of foods that are supposed to be hot or cold when the unannounced  
> inspection is done. It is a snapshot from which they infer future  
> behavior. I trust my board of health inspectors in Chapel Hill  
> enough to actually pay attention to the posted grades in the  
> restaurants, but I know, any food could harbor bacteria, etc. at  
> any time. Yet, the inspections (which are educational for the  
> cafes) and the resulting certifications (the posted grades) are  
> useful and well worthy their cost even if they do not provide  
> absolute certainty that I will remain well after eating out.
>
> In North Carolina there are over 800 analog “cultural  
> repositories,” and even to the very untrained eye they vary greatly  
> in “trustworthiness” without any sort of certification. They range  
> from repositories at UNC and Duke University to one room  
> collections of buttons or farm implements run by folks in the  
> countryside with no repository training. I think, perhaps naively,  
> that most visitors more or less understand the differences…
>
> Isn’t part of the issue for us that it is much harder for  
> contributors/users to make the trustworthiness decisions in the  
> digital realm than in the analog? We are not providing certainty  
> and I think any certification should make that clear.
>
> So it is not “proof” of authenticity that we can ask for but rather  
> the track record of behaviors that provide us confidence that the  
> repository will continue to follow good practice in the future.

Yes, there are no guarantees, only 'best practices' that we hope can  
be checked to some level to establish a degree of trust.
>
> My greater concern is in identifying the elements of any list such  
> as TRAC that are the most likely to indicate either a repository  
> that is likely to fail or one that is likely to succeed. Back to  
> the restaurant analogy: I am more concerned when hot food is not  
> kept hot and cold food is not kept cold than things like food being  
> stored on the floor or even roaches. One is much more likely to  
> become sick from food that was left at room temperature than if a  
> bug crawled on it… What are those food temperature equivalents for  
> the preservation likelihood of digital objects??
Yes, not all 'requirements' are necessarily equal in terms of  
establishing trustworthiness.  I think some of the existing TRAC  
requirements are 'not essential'.  At NSSDC we're in the process of  
trying to document how we do, or will, meet most (but not all) of the  
TRAC requirements.  We've extracted the ones we think are most  
important for this analysis.  I see this as an evolutionary process  
since we're learning as we go, both at NSSDC and in the development  
of this document.  Perhaps when we get to audit scoring, or even  
before, some requirements will become less significant or even 'nice  
to meet but not mandatory'.  That said, our experience is that it is  
VERY easy to have information corrupted by gaps in detailed processes  
and that tracking of actions within the archive/repository is very  
important.  Tracking this at the right level of detail is tricky, and  
then what provenance should be saved and what can be deleted?  We're  
trying to address this as we re-engineer our processes.  And, we've  
been in this business for 40 years!

don


> -Helen
>
>
>
>
>
> Dr. Helen R. Tibbo, Professor
>
> School of Information and Library Science
>
> 201 Manning Hall
>
> University of North Carolina at Chapel Hill
>
> Chapel Hill, NC 27599-3360
>
> tibbo at ils.unc.edu
>
> Tel: 919.962.8063
>
> Fax: 919.962.8071
>
>
> _______________________________________________
> Moims-rac mailing list
> Moims-rac at mailman.ccsds.org
> http://mailman.ccsds.org/cgi-bin/mailman/listinfo/moims-rac

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ccsds.org/pipermail/moims-rac/attachments/20071015/474b260f/attachment.htm