Certain things about the
Internet seem to be common sense. If you want to communicate something
sensitive, instead of posting it to a public online discussion forum, send a
private message through email to your recipient alone. If you want to avoid
potential problems with sensitive matters communicated through email, delete
messages after you read them and/or ask your recipients to do so.
In both these cases, what seems to
be common sense is wrong.
messages can be intercepted.
Email is as private as a postcard.
Although it happens relatively rarely, email can be read by others en route.
Encryption utility programs
prevent this from happening by ensuring that only your intended recipients can
read your messages and that you’re the one who sent them. For some time now the
standard has been Pretty Good Privacy (<span
style=’font-size:11.0pt’>www.pgp.com), a program from PGP Corp.
that provides excellent privacy for sensitive email.
The for-pay version automatically
encrypts email and instant messages and lets you send “self-decrypting”
messages to people who don’t have the program. The free version, available for
personal, noncommercial use, lets you manually encrypt and decrypt messages.
You can try the for-pay version for free for thirty days.
As with files on your hard drive,
when you delete an email message, it’s not really gone. It can be retrieved
from tape backups, and in various other ways, months or even years later.
Sometimes, a court will require that email be retrieved when it relates to a
criminal matter or a civil lawsuit.
Some companies have used the
argument in court that they don’t keep email for longer than a certain time,
but, in general, courts no longer buy this. They may even assume that if you
don’t produce email as requested, you’re trying to hide something.
This changing attitude was
dramatically exemplified in May 2005 by the Morgan Stanley case brought by
businessman Ronald Perelman, in which a Circuit Court judge ruled against the
Wall Street firm partly because of its repeated failure to provide requested
Other court cases have also
highlighted email retention. For instance, in June 2005 computer chip maker AMD
delivered subpoenas to nearly 40 PC makers seeking past emails to help prove
its contention that rival chipmaker Intel is trying to monopolize the market.
Regulators are getting in on the
email retention act too. Under the Sarbanes-Oxley corporate reform law, public
companies will be required to retain email. And if you deliberately delete
email with the intention of obstructing a federal investigation, you may get
hit with a fine of up to $1 million and a prison term of up to 20 years.
Tools for Email Management
A changing legal and regulatory
milieu creates new market opportunities. Eager to cash in, software makers and
computer consultants have been announcing products and services designed to
help companies create and implement email retention policies.
“Most organizations don’t have a
handle on email,” says Tom Politowski, president of Waterford Technologies Inc.
the maker of one such software program. With its well-regarded MailMeter
Archive, Waterford targets small to midsized businesses having from 50 to 5,000
email in-boxes, although Politowski says that organizations with as few as five
employees use it as well.
MailMeter Archive captures all
email that employees send or receive, and archives messages in a database. The
program not only makes retrieval easy and inexpensive, but it also lets you
analyze email to detect patterns, Politowski says.
This can help you determine
various things, including who’s sending too many email messages or too few,
who’s emailing an important client, or who might be using email inappropriately
for sending jokes, music, porn, or your customer list.
As many other people do,
Politowski suggests that any organization—large or small—create a
policy that spells out appropriate company use of email. If you send an email
his company will email you a sample email policy that you’re free to copy.
Waterford Technologies sells other
email archiving programs besides MailMeter Archive. And other companies,
including Zantaz Inc. (www.zantaz.com)
and EMC Corp. (www.emc.com),
provide email archiving programs.
Email has great utility, whether
for business or home use. But it’s no panacea. Like any communications medium,
it has its strengths and weaknesses. Sometimes you’d be smarter to pick up the
phone or mail a print-on-paper letter.
And if you want to communicate
sensitive information at very low risk, meet late at night in an underground
parking garage. It worked for Deep Throat.
Reid Goldsborough is a
syndicated columnist and author of the book <span
style=’font-size:11.0pt’>Straight Talk About the Information Superhighway.
He can be reached at firstname.lastname@example.org or http://members.home.net/reidgold.