Self-destructing e-mail: pragmatic or paranoid?

Who among us hasn't, on one occasion or another, wanted to take back something we said? It's a universal desire, this urge for selective retraction of unfortunate comments, for the ability to expunge some verbal embarrassment from the public record and the memories of our contemporaries.

Now imagine what the world would be like if everyone could do this all the time, if everyone could shoot their mouths off without regard for bad consequences and then conceal all evidence of their irresponsibility. The e-mail industry is on the verge of granting this desire, in the form of "self-destructing" or "self-retracting" e-mail.

The pioneering company in this area is the cutely named Disappearing, Inc. and lets users of leading e-mail products selectively retract messages they have sent, even after those messages have been received, read and archived. The company manages this trick by enabling users to encrypt message body parts and then require recipients to retrieve centrally stored, message-specific decryption keys every time they wish to open a message. With the company's product, destroying or retracting a message (or at least locking it away from prying eyes forever) is as simple as blocking recipients from accessing that message's decryption key.

Contrast this technology with the proprietary message-retraction feature in Novell's GroupWise. Novell's retraction functionality operates only up to the moment the recipient opens the message, works only across a network of GroupWise message servers and requires the message sender to actively delete the message on downstream GroupWise message servers. Disappearing's product lets senders retain indefinite control over their messages, operates potentially across any number of messaging systems that support digital certificates and requires recipients to actively request the public keys to open messages, even those received years ago.

I'm not sure whether I should be more amused or appalled by the new frontier of public-key-enabled message-retraction services.

What amuses me is how faddish and "late '90s" it all is. We're still trying to absorb the full impact of the Microsoft trial, in which damaging internal e-mails helped to convince a federal judge that the company has abused its de facto monopoly status in computer operating systems. Now every CEO in the world has begun to lose sleep worrying about legal liabilities lurking somewhere in the verbal foliage of their enterprises' voluminous message stores. Or in the millions of messages their employees have sent outside the company over the years.

With the millennium on our doorstep, we're turning a cultural corner into an era of enterprise paranoia centered on threats from Internet-facing e-mail systems. If we're not worrying about inbound beasties such as mail-borne viruses and spam-scams, we're agonizing over outbound disasters such as staff disclosure of trade secrets and other sensitive information.

What's appalling is the prospect of universal corporate deployment of message-retraction technologies. One casualty could be the concept of personal integrity and responsibility in business communications. It would be more difficult to hold someone to his word because each of us could withdraw our past words from the public record anytime we got the notion.

But I'm more amused than anything else by the upsurge in interest for message-retraction technologies. Enterprises have not rushed to embrace secure-mail products, and message retraction is not the killer app that will buoy this niche market. Even if message retraction were supported broadly by messaging vendors, users would probably ignore it much the same way they ignore the "priority" and "sensitivity" attributes supported in their current e-mail environments. Also, e-mail recipients would balk at the requirement that they download a noncacheable decryption key every time they want to open a message, considering this requirement would render offline message stores useless.

Besides, the growing interest in message-retraction technologies just points to the fact that many enterprises have not developed clear policies for aging, archiving and retaining e-mail messages. Companies may not want to let end users determine the appropriate time to live for e-mail messages that, after all, constitute a precious corporate record.

Clearly, message-retraction technologies open up a Pandora's inbox of troublesome issues for modern enterprises. This is not a technology that you should implement without thinking through the many cultural and legal ramifications.

Kobielus is an Alexandria, Va.-based analyst with The Burton Group, an IT advisory service that provides in-depth technology analysis for network planners. He can be reached at (703) 924-6224 or jkobielus@tbg.com.