Today the Information Commissioner’s’ Office in the UK confirmed a review of the private use of messaging applications by UK Government officials. This review follows an investigation into Lord Bethell, the health minster’s use of WhatsApp.
The communication challenge for Governments and organizations
Governments and organizations have official channels for communications. Email is an obvious channel. The UK Government also enables messaging over Google Workspace. However only if there is no need for there to be a record of the conversation.
The rise in popularity of messaging applications like WhatsApp, WeChat, LINE, Signal and Telegram as an easy way of communicating means that increasingly employees use these applications for more than just personal conversations. They are particularly popular when dealing with external parties like customers, clients, suppliers or perhaps constituents.
Visibility – central issue
Conversations on messaging applications – especially those on personal accounts – are not visible to organizations. Personal messaging applications and corporate systems do not automatically interface so an organization cannot monitor or automatically record them. Essentially they are a compliance black hole.
In the case of the Bethell investigation, the ICO’s Elizabeth Denham said while the use of private email and other communication channels “does not in itself break freedom of information or data protection rules”. However, she also stated her concern that that “information in private email accounts or messaging services is forgotten, overlooked, auto-deleted or otherwise not available when a freedom of information request is later made”.
Data Loss and Privacy
It is possible that these accounts are personal accounts on personal devices. Consequently, there are risks if– as in the case of Lord Bethell – the phone is not available for investigation. Data on a lost, replaced or otherwise compromised phone is not easily recoverable. Some organizations ask employees to download all their messages and store them. This relies on employee compliance and opens issues of employee privacy.
It is important for enterprises to consider how to capture conversations on channels like messaging applications. The retention, security and preservation of all communications is vital to enterprises and government departments. Both need to have a full and complete record of external communications for compliance, GDPR, regulatory and legal reasons.
In this specific case, these conversations are vital to questions regarding the award of £85m of contracts for antibody tests to Abingdon Health.
How to respond
LeapXpert’s Federated Messaging Orchestration Platform, enables organization to use messaging applications. Conversations are centrally monitored, recorded, and audited for breaches in real-time. The organization has complete visibility of conversations to messaging applications over the FMOP. Additionally, organizations can proactively set rules, processes and keywords to prevent breaches of protocol. All from one centralized platform.
Visibility a priority
In the event of a legal challenge or audit, the organization can provide a full record of messaging application conversations. This is particularly vital if the phone has been lost, discarded, the employee departs or questions arise regarding deleted messages.
Consider the case that a government department or organization needs to provide messages sent by a senior official (as in this case). Using LeapXpert’s FMOP, admins would be able to provide a complete record of both sides of the conversation. This includes any files, images, voice notes etc. sent.
Organizations have the option to set ethical walls. This prevents conversations between individuals that should not converse due to governance, regulatory or for ethical reasons.
Enabling employee productivity
As employees conduct conversations from a centralized platform, they do not have to switch between messaging applications. This not only increases productivity but also streamlines any data and record management. The centralized platform makes it easier for individuals to safely communicate within their organization’s guidelines.
Policy a good first step
Many organizations have policies on the use of messaging applications – banning them or putting caveats on their use. Policies constitute a good first step. However, LeapXpert’s FMOP means that industries like the government and public sector can embrace messaging applications to better deliver public services.
LeapXpert believes that with proper technology in place to manage compliance, regulatory and visibility organizations can embrace messaging applications like WhatsApp with little risk.
To learn more about how to embrace messaging applications for your organization – talk to LeapXpert
Interested in knowing more? Read our blog on why invisible conversations are a risk to enterprises.