Defensibly Deleting Emails and Files is Hard
Deleting emails and files is a type of initiative that looks easy at the outset, but can quickly become difficult.
Emails and files are retained, and month after month and year after year they accumulate creating digital layers called information horizons. These information horizons contain a little bit of everything: records, non-records, copies containing high-value information, no-value information, personal information, intellectual property, and even documents subject to legal hold. What makes deletion efforts hard is often this information is mixed together. Sorting out what needs to be saved requires a type of “digital excavation” in which an information archeologist has to sort through what is important and what is the information equivalent of “dirt” that can be discarded.
Perhaps the biggest challenge to deleting emails and files are employees themselves. Most employees hoard their electronic information. They save years and years’ worth of information either on their desktop or laptop, or on file shares or cloud storage sites such as Microsoft’s OneDrive.
This “save everything forever” approach is motivated by three separate drivers. First, employees think that this information has business value and may be useful to themselves or others sometime in the future. This is true: some emails and files do have business value and can and should be saved for a period of time. However, just because some information has future value, that certainly does not mean that all information has future value.
Next, some employees mistakenly believe that they are the custodian of a record or records, and as such this information must be saved. Employees tend to greatly overestimate the “this has to be saved and it’s my job to save it” factor.
Third, some employees have defensive motivations for keeping documents –to show in the future if asked that they did or did not do something. Thinking “I better save this to show I did/did not do something” retention is driven by a “just in case mentality.”
Finally, the above three reasons often combine to drive habitual retention. It is easier for many to save everything than parse through the above reasons as to why something should be saved. As alluded above, discussion of deletion can quickly surface emotional pushback. Employees become fearful of the company deleting “my stuff” that “I need to do my job.” Unless addressed, this powerful employee resistance can slow or even stop corporate-wide deletion initiatives in their tracks.
The final challenge is organizational responsibility. Most companies have traditional records, e-discovery, privacy and information security programs. Yet none of these programs necessarily are responsible for email and file deletion. Worse, standalone compliance programs can, and increasingly do, conflict with one another. Unless coordinated and integrated, these programs can easily conflict with one-another, thrwating effective deletion efforts.
For example:
- Records management that involves minimal data retention can conflict with European and US privacy requirements for time limits on retention of privacy information
- Legal hold preservation obligations can be undermined by records retention processes that require ongoing deletion
- Intellectual property management may be undermined by data cleanup projects that inadvertently delete files and emails documenting the organic development of IP
- IT outsourcing of data storage to cloud providers may run afoul of country-specific data residency regulations
This failure to coordinate standalone programs with other compliance requirements can grind work to a halt.
For more information download our 30-page guide How to Delete Emails and Files Defensibly.
