Time and time again we see news stories and legal case writes ups where it has become obvious employees still have no idea that an email is not a private communication. I find most employees, even corporate legal department types, still consider an email is like a verbal conversation in a parking lot; once its ended, it doesn’t exist anymore (unless it was recorded).
A recent example came from the Goldman Sachs Congressional hearings where the following exchange took place:
US Senator Carl Levin: “And when you heard that your employees, in these e-mails, when looking at these deals, said God, what a shitty deal, God what a piece of crap – when you hear your own employees or read about those in the e-mails, do you feel anything?”
David Viniar, chief financial officer, Goldman Sachs: “I think that’s very unfortunate to have on e-mail.”
This is a prime example of a probably very smart guy never considered that specific content in that email would every show up in a blog much less the front page of the Wall Street Journal. This problem of unguarded content in emails has become a major liability for many companies and organizations. Another example is the email flap recently over the emails between various researchers at various universities around the global warming question.
Organizations are doing themselves a huge disservice by not training their employees around proper email use and its implications if not followed. I am not addressing the “right” or wrong” questions about these two specific examples, just the fact that very smart people continuously ignore the consequences of questionable emails.
So what can organizations do to protect themselves from this kind of liability? Well there are two steps that you can take to drastically reduce your liabilities around smoking gun emails. First, train all employees (not just once but at least annually) on your email use policy (hopefully you have one that addresses this kind of behavior). But also just as important is to educate them on the consequences of inappropriate email usage. Explain to them the eDiscovery process and what that means for email. Government agencies as well as attorneys regularly ask for and get emails from organizations in litigation or agency subpoena.
Also educate them on the email technology. I can’t count how many times I have had CEOs, CIOs all the way down the line to line workers explain to me that when they delete an email from their email box, it’s really gone. Show them why that’s not the case with a couple of the hundreds of case examples where company employees believed the same thing and what happened.
The second step is to put technology in place that helps you zero in on this type of behavior before it ends up in court and on the front page. Many organizations will think this is “big brotherish” and not fitting with their organizations culture. I disagree with this reasoning…Putting protections in place to ensure proper business behavior is a common sense measure to reduce your legal liabilities. Install an email archiving system so that email is secured for some period of time via retention policies and also have content monitoring capability to be able to monitor, in real time, occurrences of content/behavior your organization has deemed out of bounds. Along with this technology, be sure to explain (repeatedly) to each and every employee that all of their emails are being captured for a period of time and that some are actually being monitored for content. I guarantee you that your employees will be overly careful what they put in emails going forward.