Burn After Reading? — DOJ Loosens Previous Ban on Secretive Messaging Apps
DOJ has again modified its guidance regarding enforcement of the FCPA. Among the recent modifications is a loosening of the ban it had announced in 2017 on the use of disappearing messaging applications or software by companies hoping to receive cooperation credit under the Corporate Enforcement Policy. In 2017, DOJ had announced a policy that required companies wishing to receive full cooperation credit to “prohibit[ ] employees from using software that generates but does not appropriately retain business records or communications,” as part of prohibiting the destruction or deletion of business records. This policy effectively prohibited companies from allowing employees to use popular apps like WhatsApp, Signal, Snapchat, and WeChat for work-related communications if companies could not effectively safeguard the preservation of communications made with those apps.
The new guidance is less definitive, providing that a company need only “implement[ ] appropriate guidance and controls on the use of personal communications and ephemeral messaging platforms that undermine the company’s ability to appropriately retain business records or communications or otherwise comply with the company’s document retention policies or legal obligations[.]”
While the new language leaves room for interpretation, the change has been welcomed by the U.S. Chamber of Commerce for providing greater flexibility to businesses that seek to manage global compliance-based risks. As Harold Kim, COO of the Institute for Legal Reform at the Chamber of Commerce, responded, the change “will give companies more ability to craft their compliance programs, pursue policies that are risk-based and balance the need to retain business records with the realities of how things are done in a business setting[.]”
The changes came shortly after Assistant Attorney General Brian Benczkowski’s speech at the 2019 ABA White Collar Conference in New Orleans on Friday, March 8, in which he stated that DOJ was “in the process of updating the FCPA corporate enforcement policy to bring it in line with current practice.” This change is consistent with other recent modifications by DOJ that provide greater flexibility to corporations seeking relief under the Corporate Enforcement Policy. For example, DOJ changed its policy regarding individuals when it announced that corporations would no longer be required to identify “all individuals” involved in corporate misconduct to be eligible for “any cooperation credit,” as required in the 2015 Yates Memorandum, but now would only be required to identify those individuals “substantially involved in corporate misconduct.”
While these modifications by DOJ provide greater flexibility to companies arguing that they should be eligible for cooperation credit under DOJ’s Corporate Enforcement Policy, companies should still be wary of apps that fail to reliably store communications that could be considered business records, or whose retention could be relevant to comply with other legal obligations. Though DOJ’s updated guidance means a corporation may now still be eligible to receive full cooperation credit, even if employees used disappearing messaging apps, companies should think very carefully about whether to bless widespread use of such apps and what sort of controls and guidance should be implemented in connection with their use. And, of course, once an investigation has been triggered and a document retention or litigation hold notice is issued to relevant employees, companies should work with the IT department to determine whether there is a way to preserve such communications until the litigation hold is lifted and, if not, companies should consider suspending the use of such communication apps in order to ensure the appropriate retention of all business records and communications.
This information is provided by Vinson & Elkins LLP for educational and informational purposes only and is not intended, nor should it be construed, as legal advice.