After the Salt Typhoon breaches in telecom, both the FBI and CISA urged Americans—especially businesses—to use consumer end-to-end encrypted messaging apps for greater data security. However, other federal regulators (e.g., DOJ, SEC, FTC) have made it clear that ephemeral messaging can land corporations in hot water if key data is lost or destroyed. In other words, enterprises could unknowingly violate recordkeeping, discovery, and compliance obligations if they adopt ephemeral messengers (Signal, WhatsApp, iMessage, etc.) without implementing robust retention or governance. We’ll explore these conflicting signals and ask how companies can protect themselves.
April 30, 2025
Why Enterprises Simply Can’t Take CISA and the FBI’s Guidance at Face Value | Marisa T. Darden
The Lock & Key Lounge Podcast
Speaking Engagement