Retracting Messages – A Pipe Dream?

One question that I get asked persistently, if infrequently, is the slightly cringe inducing “someone just sent a message on chat, how do we take it off the system?”  I think this question arises more often in the context of chat/IM than it does in email for a couple reasons:

1. Usage of IM tends to be quick and informal.  It feels more natural and is certainly easier/less deliberate, to send a potentially damaging IM than it is to send an email.

2. People have used email for longer, and everyone has probably already run into a situation where they wanted to, but discovered they couldn’t, retract an email.  Because IM is relatively newer in the enterprise, they haven’t realized that, by and large, the same is true for chat/IM

But we know that inappropriate IM can be just as damaging as inappropriate email.  On large chat rooms, every message could be effectively ‘copied’ to hundreds or even thousands of people instantaneously.

 

The short answer to the question, as with email, is ‘no’.  The long answer is slightly involved.  If the IM system in question is a hosted service (eg AOL, Yahoo, MSN, RM) then once the message is sent it is outside of the enterprise network, and out of the control of enterprise IT staff.  If the IM system is a deployed enterprise IM system (eg Microsoft LCS, Lotus SameTime, an enterprise Jabber server, etc) then there is some ability to ‘retract’ the message.  Most of the time, this takes the form of an administrator manually deleting the offending message from a database.  Doing this prevents future end-users from retrieving the message through user-facing chat history tools.  If there is a separate regulatory archive, in most cases the message cannot be removed, so that a future investigation will show that the message was sent.

 

Also, and perhaps most critically, messages appear on recipients screens nearly immediately after they are sent.  Once a message appears on my screen it is nearly always impossible for an administrator to remove without visiting that PC directly and closing the window/application containing the message.  This desk visit rarely takes place, and even if it did it’s usually too late – the message has been read, or even copied, forwarded, put into an email…  In other words, as soon as the message has been sent the damage has been done.

 

I heard about a new product last night that attempts to remedy exactly this type of liability.  The company has invented something it calls “recordingless messaging”.  Messages sent through this system cannot be copied, forwarded, stored, or archived.  It claims to have both email and IM versions, as well as desktop and mobile device clients.  From my quick view it’s not possible to sign up for a free trial, but if it works as advertised I think there could well be a market for this type of service.

 

https://www.vaporstream.com/

~ by lawlorg on January 24, 2007.