I am one of the Twitterati. I use it every day to interact with my professional colleagues, longtime acquaintances, analysts, and many others. If I were made to choose between email and Twitter, I'd drop the former like a hot potato. And I talk a lot about the value of Twitter for individuals and organizations. Almost every time I do, questions come up about managing Twitter in the context of the records program. So here's my take on it - and the first of a series of posts in this vein.
On the one hand, Twitter has been likened to a cocktail party. You don't try to follow every conversation at the party; rather, you catch a snippet of interesting converation and drift closer to catch the rest. If it remains interesting, you remain; if it doesn't, you drift off to the next conversation. Or it's like a water cooler or break room where people gather to exchange gossip, talk about the day or the weekend, and gripe about a particular problem. And of course sometimes that leads to creative solutions, but that's beyond the scope of this post.
On the other hand, Twitter does produce a record of what is posted. While this may not be a record in the ERM sense, it is nevertheless recorded information that could have business value to the organization. And the courts have long held that the "recordness" of a piece of information is not as important as a) its existence and b) its responsiveness to a particular matter. This leads then to the question I noted earlier - or, rather, two questions: what to capture, and how to capture it. I will address the second part in another post.
There are a number of considerations as to whether something should be retained as a record. As always, individual organizations' mileage will vary considerably depending on your regulatory and legal environment.
1. Does it contain evidence of your organization's policies, decisions, or activities? For example, many municipalities have begun using Twitter as another channel for reverse 911.
2. Does it offer or provide evidence of a transaction or contract? A number of vendors including Dell Computers, many airlines, and lots of restaurants and fast food joints have published deals, discounts, and links to coupons using Twitter. In at least one instance, a UK court issued an injunction via Twitter
2. Is it original information that is not documented elsewhere? On the other hand, the reverse 911 system also uses text, telephone, and other communications channels as well. Maybe it's not the content of a given Tweet that is the record, but rather the fact that that content was transmitted through reverse 911 at such a time through all these given channels. Similarly, a significant number of Tweets are used to share links to other resources. Most of those Tweets would not be records - rather, the resource linked to would be.
3. Is there an expectation that the account is monitored? In the reverse 911 example, what if someone responds to the Tweet, via Twitter, indicating some type of an emergency? Many of those same municipalities have put a policy in place to address this. The short version is something along the lines of "This account is not actively monitored. If you have an actual emergency please dial 911". It may then link to a longer policy that also addresses usage, archiving, and the like. In the absence of such a policy, users may be more likely to be confused and the organization is more likely to be at risk. Here's an example
from the Seattle Police Department (see bio in top right corner)
4. Is the account public or private? If the account is public, I tend to think it reduces the need to actively archive, declare Tweets as records, and so forth because in the event of an audit, public records request, or discovery, providing the content is as easy as posting the public URL. But if the account is private, it is not part of the public Twitter stream, it is not archived by the Library of Congress, and is not accessible through Twitter Search. In that case there is a much better argument to be made for a more formal process that involves capturing the Tweets outside of Twitter and managing them appropriately.
This is probably a bit more controversial because it's not directly related to the type of content being posted or transmitted. But it has defensible roots in discovery. One of the key considerations for producing information is whether it is privileged for any of a number of reasons including attorney-client communications. That privilege can be breached - for example by the client forwarding the message thread to someone else or posting it to a public website or forum. But privilege goes to the expectation of privacy - and in 2010 it is inconceivable that there would be any expectation of privacy for a public Twitter account or any other public social media site.
Did I mention I'm not a lawyer and this is not legal advice?
Note also that even public accounts can send private communications using direct messages, or DMs. These are directly analogous to email messages or private streams and should probably be treated in similar fashion - that is, they should be captured outside of Twitter and managed appropriately.
The bottom line is that just like any other type of format or media, whether a Tweet is a record or not will depend on what it is and its context. Organizations should put a policy in place that outlines how Twitter and other social media will be used and then follow that policy.
In my next post I'll delve into the ways organizations can save Tweets as records.