E-mail archiving: landmark ruling by the ECtHR

Following the landmark ruling of the European Court of Human Rights (further sources at the end of the article) on the subject of “private e-mail use”, it should be clear that it is imperative to comprehensively regulate e-mail use in the company (legally, organizationally, technically).

Here are the 10 most important “Anti Patterns” for correct e-mail archiving (or: how I must not behave under any circumstances.):

  1. Let your IT department introduce an email archiving system through the back door because a license can be purchased cheaply from a SW vendor.
  2. Do not issue directives regarding the use of email and the retention of email.
  3. Do not, under any circumstances, inform your employees about email archiving. Keep everyone guessing about the purpose of the archived email.
  4. Allow unrestricted private use of your email infrastructure. Yes encourage MA to send and receive private emails.
  5. Archive all emails from all employees permanently for at least 10 years and don’t think about how to collect (delete) them later.
  6. In the event of a disaster, create backup tapes and store them off-site with your archive provider for an indefinite period of time.
  7. Recycle email addresses and forget about an identity management system.
  8. Implement a “Google Like” search for the email archive.
  9. Allow your MAs to maintain personal email archives (e.g. MS PST containers).
  10. Don’t worry about the integrity and immutability of the email data in the archive.

Download the full presentation by D. Spichty:

    On the KRM website you will find various articles on the topic of e-mail archiving, as well as in our book Information Governance.





    Would you like the most important information in a summarized form? Then download the presentation by Daniel Spichty!

    Other sources on the decision:



    Submit a Comment

    Your email address will not be published. Required fields are marked *

    Related articles

    On 16.3. is Digital Cleanup Day

    On 16.3. is Digital Cleanup Day

    Tidying up is clearly not everyone's cup of tea, but we all know the good feeling that a tidy room, a tidy desk or ... a tidy drive! You can feel proud with a clear conscience, because deleting data also has an important effect on energy consumption. I have calculated...

    read more
    Dealing with data risks: Data breach notification

    Dealing with data risks: Data breach notification

    A data breach notification or "data breach notification" refers to the process by which an organization or company is required to notify the relevant data protection authorities and, if applicable, data subjects of a data breach that is likely to result in a high risk...

    read more