John, I think you are confusing application level meta data with operating system level statistical data. When a file is created, updated and in some cases read the operating system updates the file statistics. In this case the operating system does not know or care what application the file belongs to. In fact if it did this would probably be controversial in light of anti-trust law. In some operating systems such as MS Windows you can change the behavior of the OS using registry "tweaks" so that you can turn off last read statistics to enhance efficiency. It would also not be hard to write a program that changed any of the statistics on mass (if you wanted). On the other hand you have Application Level meta data, this is created and maintained by the application (Office, Acrobat et al). Copying or moving a file does not invoke these applications so this meta data will not be changed. It is common for applications to hook into the Windows system to add functionality. So in the case of Adobe Acrobat, it installs a hook which adds a PDF tab when you right hand click on a file. The code in this tab would open the file and extract data for use in the PDF tab. The process of reading this file will update the last accessed statistic at the operating system level (if this has not been disabled). The functionality you seek has been provided on Mainframes via SMF for decades. This functionality has slowly been creeping into Windows and should be more advanced in Longhorn when it is released mid-year. As for UNIX/Linux audit capabilities are sadly not at the forefront of development activities. On the issue of courts understanding the ins and outs of technology, this is all relatively new to them. In most cases arguments related to matters such as these are simply an adjunct to the case. Any finding should therefore be seen with a view that they will evolve as precedents are challenged and new arguments emerge. Gerard List archives at http://lists.ufl.edu/archives/recmgmt-l.html Contact [log in to unmask] for assistance