Outlook: a deluge threatens

October 21, 2005

Most people take e-mail for granted. But unless staff are shown how to use it properly, they could contravene freedom of information rules and threaten university assets, writes Steve Bailey

E-mail - love it or loathe it, there is no escaping it. The benefits of e-mail are so many and manifest that they are common knowledge.

Speed, convenience, flexibility and ease of use all mean that e-mails continue to be exchanged in ever-growing volumes and to be used for everything from invitations to the pub on a Friday afternoon to the approval of changes to a contractual agreement. And yet, perversely, it is these very attributes that make e-mail a serious threat to a university's assets.

Rather than being viewed as one possible means of communication to be used when appropriate, e-mail is often automatically viewed as the only means of communication - regardless of its suitability for the purpose. How many times have you been involved in the exchange of a dozen e-mails to try to arrange a meeting when one quick telephone call could have achieved the desired result? Likewise, how often have you received an "all staff" e-mail to publicise a topic of only marginal interest to a small percentage of people?

On their own, neither of these examples represents a heinous crime or a great risk. What they do, however, is to contribute unnecessarily to the unmanageable volume of e-mails that staff are now expected to cope with.

The problems associated with this volume of information - combined with the dangerous cocktail of formal and informal messages that most people's inboxes contain and the legal admissibility of e-mails as evidence - represent a serious potential risk.

The nature of e-mail as a medium can often trap the unwary author. E-mail tends to be viewed as the electronic equivalent of a phone call - an ephemeral, informal and transitory communication in which people can swap jokes, off-the-cuff remarks and casual comments with impunity. It is not, of course, as many unfortunate individuals and organisations have discovered to their cost when the contents of long-forgotten e-mails have come back to haunt them. Fear of the "smoking gun", the e-mail that inadvertently reveals a subject in an unofficial and potentially damaging light, has long been a concern for the private sector.

The passing of the Freedom of Information Act (2000) has spread that fear to the public sector. Every e-mail sent or received by any member of staff using the institution's e-mail service is covered by, and potentially disclosable under, the Act. This is a sobering prospect when one considers the often cavalier creation and proliferation of e-mail. The situation is made worse by the configuration of most institutional e-mail servers, which often place nominal limits on the amount of storage space available to users but usually do nothing to force staff to properly manage their vast volumes of e-mail.

Considering the potential dangers posed by the existence of thousands of redundant e-mails and the public's "right to know", it may be tempting to reach for the delete button on a wholesale basis.

But what about that e-mail confirming the alteration to a contract that was mentioned earlier? Is it documented elsewhere? What would happen in a dispute if you were unable to provide any proof of what was agreed? Not only would the unmanaged bulk deletion of e-mail go against the spirit of the Freedom of Information Act, it could also lead to dangerous gaps in corporate memory and threaten intellectual, financial and legal assets.

The solution is a multi-faceted one that must include a combination of staff training and awareness, policies and technology. Institutions should make sure that they have a comprehensive e-mail policy that covers everything from acceptable use to the definition and treatment of e-mails as business records. The National Archive's guidelines on developing a policy for managing e-mail is an excellent starting point.

Staff should also receive guidance on the appropriate use and management of e-mail. Many institutions train staff on the mechanics of an e-mail package, but very few build on this in any way to advise users on good practice such as the importance of giving e-mails appropriate subject titles and when it is or isn't appropriate to blind carbon copy someone into a message.

A more controversial proposal surrounds the automatic deletion of messages from a user's inbox after a specified period, be it thirty days or three years. Such a move has a profound impact on the way in which users must view their e-mail as it shifts the emphasis from "what must I destroy?" to "what must I keep?". This approach recognises that an e-mail application is a technology for information creation and communication and not a record storage repository. The logic is that e-mails that are regarded as having a value or significance should be stored in an appropriate repository alongside the other information to which it relates for as long as is required. Any e-mail not identified as such will be removed automatically and deleted without the need for user intervention.

There are limitations and potential dangers associated with this approach and it is far from a complete solution, but it has considerable merits. As such, it is finding some favour and is being implemented or considered by a growing number of organisations as part of their efforts to tame the e-mail beast - before it bites back.

Steve Bailey is records manager for the Joint Information Systems Committee.

Further information: http:///www.nationalarchives.gov.uk/electronicrecords/adv...

Back to ICT index page

Register to continue

Why register?

  • Registration is free and only takes a moment
  • Once registered, you can read 3 articles a month
  • Sign up for our newsletter
Register
Please Login or Register to read this article.

Sponsored