We all use messaging apps. At the moment they are more important than ever for keeping in touch with family and friends. However there is a troubling trend of people adapting social messaging apps for business use, and that can have some pretty dire consequences.
The penalties for failing to comply with GDPR are huge, and apps like WhatsApp, as well as having worrying security flaws, are not compliant. Using apps like this for internal communications not only makes your company data vulnerable but opens up the possibility of large fines. Recent high profile cases involve Marriott International who were fined £99 million for a data breach, and British Airways who have are facing a staggering fine of £183 million.
1. Harassment over WhatsApp
This one, sadly, has come up a couple of times. After joining a work WhatsApp group an employee started getting bombarded with messages from a colleague who had found her number from looking at the group. There was disciplinary action for the perpetrator, but really it was the business that put their employee at risk by inviting her to a platform where her phone number would be on display. Whilst the ideal workplace would never have any of this kind of behaviour, it demonstrates one of the ways using a non-compliant messaging app means you lack control over personal data.
2. Leaver shares sensitive company information
The problem with many of these messaging apps is that even if a user leaves a group or chat much of the data is retained on their device. Even if you as the sender delete it from yours. One of our clients had issues with a former employee sharing sensitive company information after their dismissal.
After GDPR became law many people became concerned about how tech giants retain data, one took the time to contact Facebook, and received this response:
“When you send a message on Messenger a copy will be saved to your device. Deleting a message permanently removes it from your inbox and your copy is removed from our servers. Keep in mind that deleting a message or conversation from your inbox won’t delete it from another person’s inbox.”
As a social platform, Facebook argues that this is acceptable, but from a business perspective, you need to ensure you are using a platform that gives you full control of your company’s data, and the ability to instantly remove access to it.
3. Lost in the chaos
A complaint we hear from almost every client moving away from a social messaging app is that not only are they sick of the constant pings all through the day and night, but when they do need to say something important, it often gets lost in the mix. As soon as something important is announced people respond, and for users joining the conversation later on they might have to scroll up past hundreds of messages to find the announcement. This heavily informed our design decisions when creating OurPeople, using our broadcast functionality you can ensure that your messages don’t disappear without ever being read.
4. Keep your private life private
If the tool you use to communicate is also a social media platform, it opens up that person’s life to colleagues in ways that they may not always be comfortable with. We’ve heard instances where details of an employee’s personal life were shared amongst senior management. This was obviously greatly distressing to the employee and under normal circumstances they would not have had access to that information to begin with!
5. Betting on who will be fired
One client experienced employees using a company chat group to gamble on who would survive the job cuts they were facing and who would be fired. Whilst arguably a black-humour way of dealing with a difficult situation, some employees obviously found it very upsetting, and management found it difficult to contain the problem and subsequent messy fallout as they had little control over the platform they were using.
On top of the regulatory reasons and potential fines, these examples show that using social messaging apps for business purposes comes with a host of problems. However compliance doesn’t have to be difficult, it all comes down to the choices you make as a business. All of these problems could have been avoided by using a GDPR compliant communications tool, that gives you control over the chaos, such as OurPeople.