Instant messaging is today’s go-to means of communication. Being fast and straightforward, it is indispensable in the corporate environment. Employees have become to rely on text messages since it’s often more convenient and efficient to text a colleague or partner rather than calling them on the phone or sending an email. However, many of the used chat apps aren’t suitable for business purposes, don’t meet legal data-privacy requirements, and are used under the radar, as “shadow IT”.
The new EU General Data Protection Regulation (GDPR)
100 days to go: Companies operating in Europe must comply with the new EU General Data Protection Regulation (GDPR) by May 25, 2018. The new law is a step in the right direction: It strengthens the rights of Internet users, protects their privacy, and punishes offenders. In summary, the following can be said in regard to chat services:
Conventional chat services may only be used for strictly private purposes. As soon as corporate contact data is stored on the phone, it is no longer considered strictly private use.
The use of conventional messengers for business purposes is a plain violation of the new EU General Data Protection Regulation.
Conventional chat services require access to the address book and collect user data. When using such a service, the contact data in the address book is read, processed, and possibly shared. This is not compliant with the new GDPR unless prior consent was given by every person whose contact data is contained in the address book. Affected contacts cannot make use of their “Right to be forgotten” (this right empowers individuals to request the deletion of their personal data). In addition to contact data, conventional chat apps often collect other user data, e.g., the location, information about the mobile network, or other details about the user’s activity within the app.
The situation is quite clear. Conventional messengers are incompatible with the new EU General Data Protection Regulation (GDPR), and companies should refrain from using them. Non-compliance with the GDPR can result in heavy fines.
Take this opportunity, and equip your company with a solid business messenger. A messenger that protects the privacy of your employees and partners as well as your corporate data. A messenger that offers efficient administration and user management and allows to strictly separate personal and professional use. In short: Threema Work