The whole issue of (E-mail Archiving and Management) EAM has come under the spotlight recently - triggered by a ruling by the Ninth US Circuit Court of Appeals in San Francisco - a ruling that touches on the Fourth Amendment "Protection from unreasonable search and seizure." In this particular case, plaintiffs argued that when employers read the content of text messages sent by their employees, text messages that were held by a hosted vendor (Arch Wireless), that the employees' fourth amendment privileges were breached. In other words that even though the employees were using company-paid messaging systems, that the employer should still respect their privacy and the confidential nature of personal message exchanges.

It's a ruling that could have a huge impact on the EAM market and in particular on vendors like Fortiva, Dell MessageOne and Google Postini, that all offer hosted SaaS EAM solutions. Why SaaS options in particular? Well the ruling states that employers (when using "outside" third-party text or e-mail services) cannot get access to employees' content without their permission first. The ruling is a bit hazy -- and may or may not apply if the mail and text servers are located on-premise. But regardless of whether this just applies to SaaS or both on and off premise solutions, just think the implications through for a moment -- the impact is potentially huge.

Since the ruling, the story has been picked up widely in the press - and as a result the popular verdict is clear - workplace mail is (for the time being at least) confidential. So how does this impact firms that are using EAM software to check up (snoop and breach confidentiality) on what employees are saying to one another? Where does it leave any employer when it comes to accessing employee messages in potentially legitimate business situations? Currently it leaves them between a rock and a hard place. There will likely be some exceptions to this for example those subject to FISA (Foreign Intelligence Surveillance Act), i.e., potential terrorists. But for the average employee without murderous intent for now at least the law seems to be quite clear: in the United States your employer cannot assume access to your messages without your permission. And for EAM vendors they are in an even more invidious position -- rather like those shops at the mall that sell drug paraphernalia -- perfectly legal to possess, but use them as designed and you are in big trouble

It's clearly an area that will be debated ad-nauseum over the coming months. But regardless of the ultimate outcome, this ruling is a reminder to us all that technology and vendors do not set law, and are not exempt from it. EAM vendors cannot sell you a compliant system; there is no such thing. It's you the employer and buyer who either is or is not compliant with laws and regulations. And just because technology appears to have run ahead of itself here does not mean that the law will have to run to catch up. Rather it will be you the user and buyer who will have to control and adjust your usage of the technologies.