Unseen Data Risks: 5 Things to Never Put in an Email

Almost daily there are news reports of emails being breached, hacked or searched. Much of this resulted from information that was intended to be between certain parties spreading with the exposed information costing victims their identity, bank account, reputation and even their job.

Besides generally being too trusting of internet and email security, there is little understanding of what happens when an email is sent and who can access these communications.

When corporate email is saved to desktops, accessed through networked computers or forwarded throughout an organization, many duplicate copies could be made for backup recovery, saved to networks and even hidden on the desktop in PST folders. Each time a copy is created, the risks of it being accessed by unintended eyes increases exponentially. Even when all sending and receiving parties delete an email communication, it’s never really gone.

With litigation, compliance and security costs on the rise, many corporations are starting to manage email that takes place on their servers. But email governance is a relatively new concept for most and organizations are struggling to create and enforce policy. As a result it is up to the individual users to protect themselves and there are certain things, no matter how innocuous they may seem, that should never be written in an email.

1 – Let’s start with the obvious: never send personally identifiable information through email. Sure, it seems convenient when you need to update the HR department, complete a loan application with a bank or wrap up a purchase with an online sales rep, but sharing Social Security and credit card numbers, dates of birth and other forms of personally identifiable information can put a person at risk.

Of course there’s always the risk that the person on the receiving end of the email is unscrupulous and will use that information for their own personal gain, but that email is backed up and archived throughout networks and if the system is breached, that information could be at anyone’s disposal. And although most states have laws requiring companies to notify customers/users when there’s a breach of records, there’s a good chance it won’t happen.

2 – Keep your legal/potential legal problems to phone calls or risk more legal problems. Asking for legal advice could be considered an admission of guilt, or at least an admission that you knew there could be a problem. Depending on the circumstances or subsequent action taken, failure to act or even an act of premeditation can be accused.

Whether it’s about child custody, a corporate litigation event or a personal-injury case, when asking friends and family for advice or just discussing the case – pick up the phone.

3 – If it’s not work, don’t send it through a work email. Everyone’s heard this before – employers own the email server their employees use, so all employee email is property of the corporation and can be accessed by said corporation. Yet, we still send anything and everything through work accounts.

Sure, that viral kitten video sent to a colleague will not do much more than reallocate a few minutes of everyone’s day, but other chatty work email can get you in hot water. Remember that Wednesday night party you were bragging about and called out sick the next day, the school play you forgot to put in for and came down with a stomach bug early that morning or those vacation photos from Cancun you uploaded – while your coworker may not tattle, your email will. Of course honesty is still the best policy, but not putting your deceptions in writing is the second best. Once perceived as a liar, your days at work are probably numbered.

4 – Slang terms don’t make you trendy, but they do make you vulnerable. Vulnerable for misinterpretation. Vulnerable for accusations. Vulnerable for lawsuits. If you’re a rapper racist, bigot or prejudicial words may have multiple connotations, but for corporate America and the general public they don’t. Whether it is meant as a joke, nicknames between buddies or an attempt to blend with a younger crowd, these words should never be used.

Paula Deen’s recent ‘lack of judgement’ has made headlines, causing her empire to fall and her millions of fans to offer no defense. She’s not the only celebrity to have their reputation lost after poorly or ignorantly choosing words (actors Michael Richards, Alec Baldwin, Mel Gibson; musician 50 Cent), and if once beloved celebrities can fall in an instant – where would your job and reputation land when using one of these terms in passing or even out-of-context? Forget email, it’s best to never speak them either.

5 – There’s a thin line between compliment, correction and harassment. Whether it is meant to be an innocuous statement, observation or compliment, comments on appearance, work ethic and character can be used as part of class action and employment lawsuits.

Blowing off steam about a colleague that has been late to work every day for the past month since becoming pregnant, making a comment that items have gone missing since the latest hire or complimenting wardrobe choices can bring you into lawsuits. Few approve of it, but we live in an environment that is overly politically correct and a tad sue happy. What may seem like a private conversation or a flattering remark is too often misinterpreted or coincides with another string of events – like the pregnant colleague being passed over for a promotion – that drags you into litigation.

Use the current headlines as a reminder – email is never really private and it is never really gone. While some corporations are bringing in data profiling technology to audit for PII, reduce their chance of breaches and permanently delete email for the same reasons above, you can take control of your data security today by being a little smarter about what goes into your emails.

If in doubt about what to write, just assume your boss, your mother and your neighborhood identity thief will be reading.