Email management is a constant tug-of-war between legal and compliance stakeholders and those working within specific business units. The former wants to delete nearly everything, while the latter would prefer hanging on to every last thread and attachment.
While having a comprehensive archive of previous clients, vendors, and internal communications can be a useful resource, itโs simply not worth the risk for your colleagues standing guard against potential liabilities. To better understand their perspective, letโs dig into the various reasons why theyโre so anxious to delete old emails.
Whatโs different about email
Email messages arenโt the only digital assets representing possible legal risks, but their innate nature as a communication medium poses an additional danger. Itโs far easier for emails to accidentally end up in the wrong hands since theyโre designed to be forwarded, replied to, and get ccโd or bccโd on. Plus, employees donโt treat email messages with the same caution and diligence as they might a spreadsheet with birthdates or a database full of credit card transaction records.
However, many emails are considered records, which puts them into an entirely new category when it comes to retention, destruction, and organization. How theyโre handled isnโt just personal preference, it has far-reaching ramifications.
Reason #1: Privacy and security regulations
In the wake of many headline-grabbing data thefts and leaks that included personally identifiable information (i.e. PII), itโs more important than ever to protect individuals from having their contact information, health data, financial info, Social Security numbers, and other sensitive data from falling into the wrong hands.
To meet this challenge, regulations have popped up around the world that severely penalize firms that play fast and loose with this personal information, particularly in the event of a breach, theft, or leak. Hefty fines have been levied against companies of all sizes, including massive penalties levied in 2023 such as Meta fined โฌ1.2 billion for GDPR violations in Ireland, Amazon fined โฌ746 million for GDPR violations in Luxembourg, and TikTok fined โฌ345 million for GDPR violations in Ireland
Itโs not just tech companies either. H&M faced a โฌ35 million fine from Germany and British Airways was hit for โฌ22.4 million in the United Kingdom for GDPR violations as well. In the United States, the California Consumer Privacy Act has already walloped Google with a $93 million fine as this law and other state-level regulations come online, and federal agencies such as the Federal Trade Commission and Consumer Financial Protection Bureau are also penalizing firms for data breaches, such as the $575 million settlement with Equifax for a 2017 incident.
While itโs unlikely any lone email could lead to nine-digit fines from a regulator, itโs the legal departmentโs duty to protect the organization from such actions, and emails can play a part in important data or security info escaping into the wild.
Reason #2: Legal discovery
In both civil and criminal matters, oneโs culpability ultimately comes down to evidence. Lawyers from both sides paint a picture of guilt or innocence using exhibit after exhibit to supplement testimony. Email is no exception to this, and these messages have played a major role in determining the outcomes of many cases, such as when a Steve Jobs-authored email contributed heavily to a $400 million judgment against Apple in 2013 or when internal emails concerning the risks of OxyContin emerged during the ongoing Purdue Pharma legal saga.
Any conversations documenting even a hint of law-breaking can prove devastating for firms if unearthed during discovery, so legal obviously wants no record to remain. The same theme extends to internal personnel matters, where emails might be used as evidence during lawsuits from current or former employees.
But more innocuous emails can also make things tricky for firms tied up in litigation or audits because, unlike personal emails, work emails are considered business records. From breach of contract to accounting violations, lots of things may get unearthed and used during official proceedings and in settlement negotiations.
Reason #3: Maintaining IP and trade secrets
Whether youโre worried about filing your patents before the competition or simply donโt want a secret recipe to get exposed, thereโs a lot of information in internal emails that the organization would prefer to remain private. Schematics, project plans, formulas, architecture diagramsโฆ this is not the kind of material that should be left to knock about in employee inboxes for years on end, one errant keystroke away from getting accidentally forwarded.
Deleting as much sensitive info as possible and limiting its presence to specific, central storage locations with proper security and version control is a wise best practice.
Reason #4: Protecting contract terms and pricing
Whether your organization is the vendor or the customer, legal doesnโt want contract details being shared beyond those who actually needs to know. If these details get out, it could scuttle negotiated deals and have partners who may have agreed to โless favorableโ terms looking to revisit things.
These matters are also extremely valuable to competitors, who could leverage this info to optimize their own supply chain or steal your customers with sweeter deals. And, of course, leaked contracts represent the potential for major confidentiality breaches with more private and litigious customers or vendors.
Reason #5: Clearing out the noise
Finally, legal might also just want employees to delete all the useless emails theyโll never use again because it makes it harder to find the 5% of them that matter or must be retained for a specific time period for compliance purposes. With frequent purging and a little organization, itโs much easier to locate those important emails later.
Selective Email Disposition
Maintaining proper email hygiene is easier when end users have tools that empower them to quickly categorize and organize their emails, and thereโs no better place to do that than right from your inbox. With harmon.ie, end users can save emails to SharePoint or Microsoft Teams and add metadata for easier discovery all without leaving their Outlook.
As edicts from legal to delete this or retain that get handed down, itโs essential not to overlook the importance of the end-user experience in fostering adoption and compliance. Make it easy for everyone to manage their email according to legalโs policies and start your free trial today.
