Company employees and customers alike have become accustomed to communicating quickly and easily. The business adoption of new technology and communications platforms accelerated during the pandemic and has continued in the post-COVID-19 hybrid workplace. Spontaneous insights, business planning, and brainstorming sessions are no longer limited to hallway conversations, coffee breaks, or impromptu office meetings. Instead, ideas are instantly texted or messaged on platforms like Microsoft Teams and Slack. For the ever-cautious compliance professional, the record created in the back-and-forth among employees using digital shorthand can be of genuine concern. These brief, off-the-cuff messages across text-based digital channels are typically less formal than emails. Such chats may lack detail, clarity, and background information and, without context, may give rise to problematic interpretations.
Relying on compliance policies and procedures to limit and monitor the business use of messaging platforms is a Sisyphean task. It also doesn’t reflect the demands of today’s business environment. A better approach is to educate employees on how responsible communication mitigates risk while acknowledging the utility of these communication methods.
DOJ wants to know what you’re texting
The March 2023 revision to the U.S. Department of Justice (DOJ) Criminal Division’s Evaluation of Corporate Compliance Programs reinforced the importance of responsible business communications across all platforms.[1] Among other updates, DOJ made clear its expectation that companies ensure all communications—including those on personal devices, communications platforms, and messaging applications—are accessible and can be preserved by the company. This includes apps where the messages automatically disappear from recipients’ conversation histories (aka ephemeral messaging), such as WhatsApp, Signal, WeChat, and Telegram. It is DOJ’s view that access to this content reflects the effectiveness of the company’s ability to adequately report, investigate, and remediate potential misconduct and violations of law. The government’s interest in accessing these messages is to detect and investigate possible misconduct, capture a contemporaneous record of communications, and determine intent. In response to DOJ’s guidance, compliance professionals are advised to make thoughtful, well-reasoned decisions about policies and procedures governing using and accessing messaging on personal devices, communications platforms, and messaging applications.
But what of the underlying message content itself? A text chain suggesting a return-on-investment analysis of supposedly nonpromotional activities might interest agencies investigating a manufacturer’s actions in life sciences. Similarly, a poorly worded chat discussing the impact of a merger on product availability could be a red flag for antitrust agencies seeking to evaluate the competitive effects of a proposed merger. In these circumstances, ignorance is not bliss.
