Instant Messaging (or "IM") is one of the newest forms of electronic communication and it is rapidly gaining ground as a form of mainstream business communication. Your organisation may have embraced IM wholeheartedly, perhaps installing enterprise versions of IM and opening up its gateways to business associates using public IM networks. While many businesses are aware of the possible benefits of IM, such as its ability to promote real-time communication amongst work colleagues and customers, most organisations have been slow to assess the likely impact of IM on their corporate risk profile, and therefore have no agreed policy on its use.

This state of affairs is similar to that experienced by organisations as the adoption of e-mail became widespread. Carefully documented procedures designed to protect the organisation in terms of quality control and legal risk were not adapted fast enough to take into account the new means of communication, and consequently many were horrified to discover that e-mail represented a huge chink in their security and compliance armour.

Whether your organisation is an early adopter of IM as a business tool, is dragging its heels in coming to terms with IM use, or is simply basking in blissful ignorance, it needs to understand the legal implications of IM and to take swift action to mitigate the potential legal risks of IM use.