Internal communication and the dilemma of the ephemeral
Uber, which has been involved in a range of scandals, from sexual harassment to paying off hackers who stole the company’s data, all largely the result of an end-justifies-the-means culture that is driving its rapid growth, is once again under the spotlight after choosing Wickr Pro as its internal communication platform. Wickr Pro not only boasts strong encryption, but also a feature whereby messages can be automatically eliminated after a certain period, making it very hard to keep records of what people say and that would potentially hinder any investigation into alleged wrongdoing.
To what extent should companies be obliged to store information about their business processes? We’re not necessarily talking here about some “dark” or intrinsically malicious use, and instead an application that simply explains in its contracts that it makes little sense to preserve all a company’s information; what’s more there is a risk involved in doing so. Companies do not preserve recordings of corporate meetings that detail “who said what” at each moment that potentially led to a decision, so why store all communications, such as instant messaging, which are essentially conversations? What happens when these conversations take place on platforms such as WhatsApp, Telegram, Signal or others that are encrypted and, therefore would be inaccessible to a hypothetical subsequent investigation?
Wickr Pro has a point:
Companies can decide that after a certain period, messages can be deleted, after which, they cannot be recovered, not even from Wickr’s servers. Companies are usually required by law to keep emails and other documents, whereas instant messaging conversations, which are increasingly common in corporate environments, particularly as younger people join the workforce, are by their nature short-lived, although in many cases, they can be the way certain decisions with potential legal consequences. are communicated.
We should not be surprised if some companies would actively prefer to communicate decisions in ways that will not be recorded for posterity, to avoid any investigation in the future. And while the use of a device or channel intentionally designed to hide information in a hypothetical investigation could be interpreted as a breach of the obligation to preserve records that might be relevant to an investigation, the use of that same channel for security reasons and to avoid information theft is a different matter.
What role will these types of communication channels that hinder traceability in the decision-making processes play in the future? There seems little chance of banning them, given that they are little different to water cooler chat, which no one in their right mind would demand companies to record and store, but it doesn’t take much to create clandestine channels that might provide impunity in certain decision-making processes and bad faith in doing so would be hard to prove. To what extent are companies required to be fully transparent? Will the availability of these types of tools change organizations’ communication policies?
(En español, aquí)
