Feeds

Self-destructing email – what Bill wants for Xmas

But it's not quite as simple as that, fortunately

  • alert
  • submit to reddit

Application security programs and practises

The self-destructing email is almost upon us, according to a piece in the morning's New York Times. The breakthrough (if breakthrough it is) comes a little late for Microsoft, but Fort Redmond should look on the bright side - all of those awful trial exhibits add up to an amazing sales pitch to companies who don't want the same thing to happen to them.

But that of course is one of the problems as well. What do you think would be the reaction if Microsoft today started wiping its emails from its systems? Or if Microsoft developed a product that made it easier for itself and its major corporate customers to do so? The Feds wouldn't be happy, and the general conclusion would likely be that industry was giving itself carte blanche to do whatever it wanted, because there'd never be any evidence.

That's not of course how the companies developing email control systems would put it, but it's certainly how a lot of corporations are likely to see it, if the software flies in the first place.

The way the developers put it, what they're actually trying to do is to give customers the ability to control their information, stop it leaking, and stop email that only amounts to casual conversations escaping and being used against them. In its trial defence Microsoft argued that the brutal language used in its internal emails fell into this category, and couldn't be interpreted -- as the DoJ did interpret it -- as being official company policy.

Which up to a point is fair enough. In casual conversation quite a few people in business are prone to promise to do unspeakable things to rival companies, and some of this now gets transferred into email. So how come email gets recorded but the casual conversations don't?

Well, there you have the problem as far as Microsoft is concerned, anyway. Quite a bit of the trial evidence consisted of long documents of strategic significance, with accompanying emails (some of them including the rough stuff) commenting on them. How do you tell the difference between casual conversation and strategic documentation when it's all mixed up together? You don't, and if it's left to the corporations to decide where the line lies, they're going to draw it extremely tightly.

And anyway, self-destructing email looks extremely difficult to do. You have to be able to control the ability to copy the email, to print it out, to take a picture of it on screen -- it does rather look like you have to have all of the PCs in your organisation heavily locked down in order to even stand a chance of total control. Set against that challenge, developing software that makes email messages destroy themselves after a set period of time sounds pretty easy, but unless you can plug all the holes, what's the point?

Probably the best companies can hope for is to increase their ability to reduce information leakage, rather than eliminate it, in which case the documents that are being subpoenaed in current legal actions are still likely to exist, either somewhere with the organisation or with a business partner.

If companies went much further than this and actively destroyed documentation, then you could turn the casual conversation analogy on its head. They would effectively be shredding sensitive information that had been carried by email. And what happens to companies who shred information they think might get them into trouble? ®

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Airbus promises Wi-Fi – yay – and 3D movies (meh) in new A330
If the person in front reclines their seat, this could get interesting
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.