We expect big shots in Hollywood to be nasty to each other. The confidential emails released as part of the great Sony Pictures Hack of 2014 merely confirm our suspicions that not everyone likes Angelina Jolie. But think for a moment about all the people who report to these directors and producers and marketing execs who now have to deal with the fallout.
From Wikileaks to Edward Snowden, the verified existence of weapons of mass disclosure should make any company examine its email policies. Back chatter can become front page news at scale, but the Sony leak makes clear that not all big companies are taking this threat seriously. In the absence of some super-duper encryption mixed with artificially intelligent redaction on a system level, we all need to rethink the confidentiality of our email exchanges.
Thinking this way is not easy to do. We have a compromised ability as a species to think in terms of probabilities. As Daniel Levitin explains in The Organized Mind, Amos Tversky and his partner Daniel Kahneman "uncovered a host of systematic errors in the way the human brain evaluates evidence and processes information." Kahneman went on to win the Nobel Prize after Tversky's death. He then elaborated on these findings in his landmark book, Thinking, Fast and Slow (available for $3 as an e-book.) Misjudgments of statistical reasoning lead us to think, "it will never happen to me."
But to evaluate the risk of your emails being publically disclosed you need to think systematically. The appendix to Levitin's book explains how to construct "fourfold tables" to help with this kind of reasoning. The gist of the approach is to consider whatever probabilities you can estimate in comparison to the sample size. If you think of yourself as a random individual, then the sample size is in the billions, and your chances are likely not high for being hacked. The practice of Bayesian statistics, made famous by Nate Silver of FiveThirtyEight.com, helps to narrow the scope of your estimations and increase their accuracy.
So let's say you work for Sony. That company ranks at 233 on the Forbes Global 2000. Instead of being one among billions, you are a member of a much smaller class. Within this context, you should look at examples like the Epsilon Email Hack of 2011 or even the attack on Sony's own PlayStation Network later that year. When you do the Bayesian math on that scenario, you would probably at least get into the single digits in terms of probability.
In the ballpark between 1 and 10% doesn't sound bad, but what about the risks? You should consider the probability of a hack against the possible fallout from such a mass disclosure. If you are producer Scott Rudin or Sony Pictures co-chairman Amy Pascal, your career will likely not be destroyed by the revelation of the skullduggery behind Sony's withdrawal from the ever-upcoming Steve Jobs biopic. But the same behavior from an underling could certainly be grounds for termination.
The takeaway here is that you should write your emails as if someone might at any time broadcast them publically. Communicating confidential information may well be part of your job, so you need not worry any more than your director of corporate IT—or your CEO—about that exposure. The exposure we should all be worried about is how we reveal our character through our emails. A version of the golden rule is to act at all times as if someone is watching. They may well be...
