Compliance

The Case for Email Surveillance Software

New surveillance capabilities provide value outside the world of regulatory compliance

The-Case-for-Email-Surveillance-Software

Few concepts are more readily associated with corruption and government overreach than that of the surveillance state. Long the foundation for dystopian novels and dark fantasy, the issue of government intrusiveness has recently struggled to avoid the limelight as the exploits of hackers, foreign entities and even the US government are becoming commonplace in the internet age. While the public has largely reacted with horror and opposition to these activities, surveillance software has been quietly improving the financial sector for well over a decade. There's reason to suspect other industries might want to consider joining in.

Birth of Email Review

To learn more about the birth of communication surveillance in the financial industry, one needs to turn back the clock to the early 2000s and a business world was rocked by scandal. Enron and WorldCom shattered the public’s faith in regulators to properly recognize and capture insider trading. To restore confidence in the system, the federal government passed a series of regulations (the governing body at the time was known at the time as NASD and as FINRA following 2007) to give monitors greater visibility into employee communications. The FINRA regulations (which applied primarily to financial institutions) involved not only requirements to capture 100% of email communication, but also to monitor that data and flag potentially illicit material. A portion of said flagged data needed to also be reviewed periodically for potential insider trading or other illegal activity.

To meet the new FINRA requirements, a new breed of information governance software arose (which for the purposes of this article will be referred to as compliance software). Different brands of compliance software often varied in terms of its sophistication and monitoring capabilities, but each instance largely focused on creating full-text indexes of all emails sent or received which would then be reviewed for illicit terminology or phrasing (such as illegal guarantees of returns). Due to the stringent punishments associated with FINRA non-compliance, the compliance software was quickly adopted and enacted throughout the financial industry. The software continues to be used to this day, not only to catch insider trading, but also to review workplace language and other behavior.

Compliance without Regulation

While the use of this software outside of the financial industry has to this point been fairly uncommon, there is reason to believe that compliance software and email review may yet have new markets to exploit. As information becomes more fluid and accessible, the wrong communications can be devastating if accessed by a malicious party. The past decade has already seen a stark rise in both the degree and sophistication of hacking, and the damage that these hacks can wreak is immense. While most hacks have prioritized the theft of intellectual property, several have involved the access and distribution of emails containing inappropriate or embarrassing exchanges. The potential public relations damage from a leaked exchange depicting racism or sexism among a company’s top brass can be devastating. Email review allows compliance managers to ensure that inappropriate conversations of that nature are quickly detected and proactively handled to protect the organization in the event that said content were leaked.

While the prior use case focused heavily on the value compliance software can still provide the business world, email review can also offer as much if not more value in the public sector. There are perhaps no individuals more susceptible to reputational damage than political parties or organizations, particularly through the leak of private conversations (whether by staffers of politicians themselves). By providing communication reviewing capabilities, candidates would have the ability to be forewarned of campaign or organization misconduct and prepare not only disciplinary policy, but also proactively plan out crisis management options in the event that the information will be made public. Such organizations would also benefit from email collection and preservation to help stem some level of leaking.

Surveillance may remain a dirty word among the public, but the value that email review offers ensures that the world will only be seeing more of it in the years ahead.

Greetings all. Here at ZL I work in Business Development to find new and relevant ways to deliver our information governance solutions and expertise to organizations and businesses. Outside of work my interests center around languages, politics, philosophy and traveling.