Seeking to prevent sensitive, potentially embarrassing or financially damaging information from reaching tattletale blogs, American corporations are resorting to employee-monitoring software that scan e-mail attachments for confidential data relating to acquisitions, mergers, firings and even earnings reports. Some go so far as to physically deny the user access to specific websites or e-mail addresses. And according to The Wall Street Journal, a Spanish software maker has developed a program that can “peer inside e-mail for sensitive or confidential information, block the message and alert managers.”
These are terrific programs and the companies should be congratulated for their efforts to stymie the rumormongers, gossip girls and purveyors of untruth, even though this approach does sound a little bit like what they do in Iran and China. Still, there is some question as to whether filtering programs are an adequate defense against the rising tide of employee indiscretion and gabbiness. Employees still have access to ingenious devices called telephones. These devices, including easily concealed handheld units, sometimes referred to as mobiles, are extremely useful in bypassing conventional channels. Thus, an employee denied computer access to the websites JustAxed.Com or RecentlyRiffed.Net could circumvent his employer’s electronic safeguards, either by telephoning the website directly, or by calling a friend and having him relay the information in an e-mail.
“An unscrupulous employee determined to leak information is virtually impossible to thwart,” sighs Chip Sunderland, president of Motley & Foolproof, an Austin, Texas-based firm that retrains employees to resist the temptation to leak. “They’ve got their phones, they’ve got their Blackberries, and now they’ve got Twitter. If a person is determined to leak sensitive information, there’s not much a company can do about it.”
Sunderland’s partner, Sarah Pendelton, agrees.
“We had a company planning to lay off 3,500 employees that didn’t want the press to find out until late Friday afternoon,” she recalls. “So Thursday morning, they installed a program banning access to specific websites, disconnected all the landlines and jammed the cell phone frequencies. Then they told the entire workforce that there was a tornado watch down in the valley and a possible eruption of an Ebola epidemic and a tsunami, so it wasn’t safe for anybody to go home until Friday. Damned if somebody didn’t go up on the roof, slap together a makeshift megaphone and holler out: ‘They’re laying off 20 percent of the work force. And they said there was an Ebola epidemic. Anybody out there listening?’ A passing motorist heard it, reported it to the blog SuddenlySalaryless. Com, and before you knew it the Eyewitness News TV crews were out in force. Boy, did that company have egg on its face!”
The problem here is what Sunderland calls “retrommunication,” the perverse use of archaic, superseded and even primitive technologies to bypass new ones.
“Just because you invent the car doesn’t mean I can’t ride a horse,” says Sunderland. “Your using a gun doesn’t mean I can’t use a knife. It’s all well and good to block this and monitor that. But what about text messaging? What about faxes? What about overnight delivery services?”
Pendelton, who believes the most effective blog-stymieing technique is to hire dumb but highly ethical employees who do not know how to use the Internet and are too poor to own cell phones, says that no matter how hard an employer works to block leaks, leakers will always find a way to get the information out.
“I’ve seen bloggers getting reports from carrier pigeons, semaphores, tribal drums, S.O.S.,” she says, ruefully. “I’ve heard of leakers using messages in a bottle, sign language, the pizza guy and even smoke signals. One guy was so determined to leak confidential data to a blogger that he hired a skywriter to spell the words: ‘Viratech Laying off 4,500 Workers This Weekend. And I’m One of Them.’ So you can see the scale of the problem we’re dealing with here.