Features - Enterprise Data Insights:

THE RISK OF EMAIL
By Andrew Moffat

Over the past decade, email has become a cornerstone of corporate business and has quickly replaced written documents, faxes, and even the telephone as the primary communication conduit for most corporations. As computer technology has advanced and people have become accustomed to using email, the importance and complexity of email has evolved from a few simple text messages into a multitude of mission-critical documents. Negotiations, bids, proposals, contracts, legal agreements, regulatory forms, and a host of other vital correspondence now find form in email.

But with this progression comes increased corporate risk. Email is essentially a "corporate memory" of how an organization has conducted itself. A potent and powerful factor during litigation, courts in the US, as well as many other countries, have ruled that email relating to potential litigation must be preserved as evidence and is subject to disclosure. Email can often show -- with a high degree of reliability -- who said and knew what. Email is often a modern litigator's primary weapon in the search to uncover a needle in a haystack.

As email becomes the default method of business communication the ability to archive, search and understand vast stores of email with effectiveness and ease is imperative in order to mitigate corporate risk during litigation. The essential questions are: What does your email say about your company and the conduct of your employees? Would you be comfortable having your email exposed in a court of law, tantamount to a retroactive wiretap on your communications?

Email is the "Smoking Gun"

For trial lawyers email often represents the "smoking gun" that will win their case or force a settlement. Attorneys aggressively lobby courts for access to their opponents email stores. This in itself can be a significant corporate risk. Consider the case of a female employee who brought a lawsuit against software giant Oracle. The woman had a romantic relationship with CEO Larry Ellison, but was eventually fired for an unrelated cause. In retribution, the woman sent an email message from the account of another Oracle executive saying, "I have terminated [the woman] per your request." Based on the email, the employee filed a wrongful discharge and sexual harassment suit against Ellison. But the district attorney found the smoking gun in the Oracle email audit logs, and eventually proved that the woman had falsely created the email message. She was prosecuted for perjury and falsifying evidence. (Wall Street Journal, January 29, 1997)

Perhaps the most popular example of damning email in litigation is the US Department of Justice's antitrust trial against Microsoft. The content of email traffic between Bill Gates and other Microsoft executives was startling and captured attention in many corporate boardrooms. This message rang clear: If a damaging email exists, someone will find it, and it will most certainly resurface to haunt you.

To delete or not to delete…

To mitigate the potential risks associated with discovery, some companies have a policy to intentionally delete email messages (after 30 days, for example). This type of approach can backfire, however, as was the case in the "fen-phen" diet drug suit. One of the manufacturers was severely sanctioned for overwriting tape backups for several months after litigation had begun. The court instructed the jury to infer that the deleted messages contained evidence that was potentially damaging, and that the company had either negligently or intentionally destroyed the evidence.

Another risk that is often overlooked is the fact that a great deal of personal email is transmitted via corporate messaging systems. This can leave a company open to both litigation and theft. The free flow of email means the backdoor is potentially always open. One example is a recent case that involved a contract employee at Gillette Company who was caught using email to sell stolen plans for the company's new Mach-3 razor.

In short, the risks associated with email are significant in terms of litigation, exposure of corporate and employee behavior, and theft of proprietary information. In order to mitigate these risks, companies must understand where all of their email records are located, what they say and who is saying it. Only by implementing a comprehensive email archive strategy that adheres to proper records management principles and policies, and organizations mitigate the risk email presents in the Information Age.

Author's BIO

Andrew Moffat, CD, B.Admin is the founder and CEO of EDUCOM TS Inc. EDUCOM TS Inc is an industry leader in the development of software solutions focused on the mission-critical management of corporate e-mail. EDUCOM products help clients establish e-mail retention policies, protect corporate intellectual property, increase speed of information retrieval, and reduce costly e-mail server overload. EDUCOM's flagship product is Exchange Archive Solution (EAS), offering intelligent storage management for Microsoft Exchange mail stores. To learn more about EDUCOM TS Inc or the subject of e-mail management visit www.educomts.com.