One mistake people often make is assuming the emails they send are private.
All hell can break lose when an email is disclosed to unintended parties. There are many ways this can happen to a message (and Murphy’s laws will ensure it does, at the worst possible time). For instance:
- The recipient might forward it inappropriately. This is probably the most common occurrence. Sometimes it’s an act of pure idiocy, as when you send someone a personal comment about X and before you know it they send it to X or his colleagues. But often it’s indirect: the recipient forwards a mail containing a long thread, without noticing that somewhere down the thread is something that is best not shared with one of the list of addressees.
- The recipient might try to forward it appropriately, but sends it to the wrong party instead: with today’s address auto-complete feature, anything’s possible.
- The recipient might “outsource” its processing. This is common with managers: you send them a mail and they let their TA or admin handle it.
- The recipient might expose it due to lax information security, e.g. by having their PC hacked into, or losing their BlackBerry with your mail on it. For that matter, it may also be hacked into in your own machine’s Sent Items folder.
- The recipient might print it out on paper, then dump it – a whole world of leak opportunities there.
- The authorities might grab it. Any email may be subject to discovery in case of litigation. A more extreme case: when Enron collapsed in disgrace the US government grabbed the email database off its servers and made hundreds of thousands of emails publicly available (e.g. here). It’s an invaluable source of statistics for researchers of email behavior, but in the process it exposes many sensitive and personal messages.
So, what is one to do? We’ll explore in a coming post; until then, be careful what you write!