When emails go public. How to avoid sharing the things you should never have said
Tuesday, December 16, 2014/
There is a lesson for us all in the continuing revelations from stolen Sony emails being splashed over world-wide media. It is a lesson that Sony Pictures Entertainment Co-Chairperson Amy Pascal could have benefited from before sending emails with racist comments about President Obama. Or an email calling Leonardo DiCaprio’s behaviour “Absolutely Despicable” when he decided to pull out of a planned Steve Jobs biopic.
The lesson is a very simple one. It is that when you are writing an email (or any other corporate document), imagine that it will inevitably one day end up on the Internet for everyone to see. Even without the hacking episode, there have been enough horror stories of private emails being accidentally sent to the wrong people who have little issue with making the contents public.
The emails of Amy Pascal and other Sony Pictures’ executives reveal damaging internal discussions about business practises and commentary on a wide range of people that the company relies on to do their business. It is hard to imagine how those involve retain their credibility as more of the emails become public.
The dangers of emails being used against an organisation was something that former Microsoft CEO Bill Gates discovered the hard way during US antitrust investigations. After that point, Microsoft internally discussed a practice of not keeping any emails for longer than 6 months.
In many other cases, emails have been obtained by journalists and others and used against the owners under Freedom of Information requests.
Deleting emails after a set amount of time would have helped a great deal with Sony’s problems but it comes with its own issues. Many organisations, including universities, are subject to legal regulations governing how long official records need to be retained. Emails can be considered part of official records and so it is sometimes difficult to apply a blanket policy that requires all emails to be deleted after a relatively short time.
The problem of email could also potentially be solved by using other forms of electronic communication instead. There have been suggestions that email could be replaced with instant messaging. This is certainly the case but many of these services keep records of conversations. Google for example, allows individual hangouts to be switched into “off the record” mode, but does not allow this setting as a default for all conversations. To delete the record of the conversation, it has to be done individually.
Special software that automatically deletes conversations can be used such as messaging apps Telegram and OneOne but these require widespread use. In terms of the types of email exchanges that were highlighted in the Sony releases, it is unlikely that the participants would have had the presence of mind to use more secure communications in any event.
Although companies should be advising all of their staff, especially the senior ones about good email hygiene, there is still a much easier way of avoiding all of these issues by not writing the email (or document) in the first place. If that is not possible, then there are a few definite things you should do when writing email:
1) Always keep it brief. The more you write, the harder it is to check you haven’t said something you will regret.
2) Never write email when you are angry or emotional. Leave it for 24 hours before writing, if at all.
3) Never write email when you have been drinking.
4) Never include personal, intolerant, or insensitive statements in corporate email.
If it helps, it is also useful to imagine a prosecuting lawyer looking over your shoulder as you write every email you send.
This article was originally published at The Conversation.