What does your Chief Legal Officer think of social and collaboration tools?
Because of all the recent hype provided by Microsoft on Office 365, I happened to be doing some research on competitive products and ran across a legal article that posed some questions for me. Simply because of our products I do have some interest in eDiscovery and have known that what is acceptable evidence is changing as fast as technology.
For example, if I am an employee and I post something on my personal Facebook account, if I am at work, the company I work for is legally liable for what I post. What I recently learned was the same applies to text messages and phone messages, although some courts cut the company slack as deleting messages from a cell phone stating, “there has been no showing that the innocent clean-up of personal electronic devices to allow them to function was unusual, unreasonable or improper under the circumstances.” Some courts rule the opposite way. BYOD is an issue in many organizations and not solely from an IT perspective. For example, if employees use their personal devices for work, then the company does have a duty to preserve the data and from a reverse point of view, does the company have the right to retrieve data from an employee’s personal device without their consent.
Getting back to the point, and not quickly I may add, with the so called rise in business social tools and applications, the organization can be at increased risk. Since most data breaches are caused internally, the participation in business social processes that encourage employee participation, collaboration, and communication can at least raise an eyebrow of concern. This is not meant to be a slamming of social, I just started to wonder when opening the floodgates of communication, how does an off-chance remark get tagged for potential litigation? Like any other business application it needs to be managed, administered, and in the case of these tools, monitored.
The above excerpts were taken from an article by Electronic Discovery and Information Law Practice Group, and can be reached at (212) 351-4057 or (949) 451-4330