Mitigating litigation in the muddy minefield of messaging malpractice

Laws covering your rights to read employee e-mail are varied, indistinct and difficult to work with, writes Andrew Collins.

Previously, we looked at the legal status of emails as business records and discovered the law dictates that some emails must be kept for several centuries. We pondered the lack of industry guidelines and marvelled at the White House’s dodgy backup recycling practices, which the Bush Administration has now abandoned.

Today: the mess of overlapping laws that govern enterprise email policy.

Only the very sick-minded welcome lawsuits. So if you’re not a lawyer and you don’t want to end up facing a trial judge and 12 of your peers, you’d better develop a good email policy. So says the vice-president of archive management company AXS-One David Thompson.

This is because, as we discovered previously, destroying business records at whim is a tad shady, legally speaking. And since many emails function as business records, you can’t go nuts with that DEL key or you might find an officer of the court at your doorstep, writ in hand. You can only destroy business records in line with legal requirements or your company’s email policy.

But not many organisations have such a policy, according to Thompson. Interestingly, companies in New South Wales are more likely to have an email policy than those in the other states, but for a reason unrelated to document deletion: the NSW Workplace Surveillance Act 2005.

Thompson explains: “[Under the Act,] if you don't have a policy that talks about surveillance of mailboxes for business reasons, endorsed by the individual, the mailbox belongs to the individual and not the company.”

So if your employees haven’t explicitly acknowledged your ownership of their email accounts, you can’t snoop in their email.

As you would expect, many companies have paid close attention to this and developed an email policy. This often has the convenient side effect of arming those companies with a policy allowing them to legally destroy business emails.

But ‘convenient’ is a word rarely associated with the law, and that certainly rings true here. Since the Surveillance Act is specific to New South Wales and unrecognised in the other states, interstate business gets incredibly messy.

“This stuff is always horrible. What we have here is different state-based legislation, which is a nightmare for any company,” Thompson says.

To keep you up even later at night with worry, Thompson points to the recent Crimes (Document Destruction) Act 2006 of Victoria, which stipulates that organisations cannot destroy documents that could likely be used as evidence in a future court case – one that is not yet even a twinkling in a plaintiff’s eye.

So if you have some emails that could ‘reasonably’ (the law loves ambiguity) relate to some future litigation, and your company operates in Victoria, you must keep those emails.

But what if your supplier comes from Queensland? In that case, they also must keep any related documents - a fact they might not anticipate if they’re unfamiliar with Victorian law. It’s up to you to pass on retention requirements in your contract.

Litigation is the new black

The undeniable complexity of these laws has led to some high-profile e-discovery cases in recent times, and the situation seems set to worsen.

“With the lawyers, it’s almost becoming fashionable,” Thompson says. “They realise corporations will want to avoid e-discovery because it's so expensive.”

In one case where an employee was axed by his company, the fired employee and his lawyer decided to sue the company for constructive dismissal (being forced to resign due to the company’s unfair behaviour). They gave the company a choice: conduct e-discovery of emails over a 5-year period - which would have set the company back millions of dollars - or pay a settlement of $250,000.

Understandably, the company paid up. As Thompson says, “It pays to write the cheque.”

Apparently only 20-30% of e-discovery cases find their way to a courtroom. And lawyers say that in a lot of these cases, if the companies could have easily tracked down the evidence they were asked to in their archive of records, they would not have settled.

But this is not always the case. Several tobacco companies have forked out millions to track down documents, only to find that the documents hurt their case, and they should have paid the settlement when they had the chance. The best case is often to pay them off.

The Australian Wheat Board (AWB) represents another example of costly e-discovery litigation. It rocketed from obscurity to infamy in late 2005 when it was revealed that the company had paid kickbacks to Saddam Hussein. The ensuing e-discovery costs were astronomical.

The company has learnt its lesson according to Thompson - $30 million later - with AXS-One now managing the AWB’s records.

But will others learn from the AWB’s example? Thompson says no: there’s still a prevailing attitude of ‘it won’t happen to us’.

But, he warns, “They are going to get caught out at some point, because we’ve all been using these email systems for 15 years with no control.”

Read more on IT risk management