SEC Targets Its Own Staff's Texting, Nixes WhatsApp On Work Phones

The SEC has blocked third-party messaging apps and texts from employees' work phones, "bringing its own practices closer to the standards it's enforcing for the industry," reports Bloomberg. From the report: The SEC's decision to block disappearing-messaging apps will help improve record-keeping and address potential security vulnerabilities at the agency, which saw one of its social-media accounts compromised earlier this year. It follows about $3 billion in fines imposed on financial firms to settle allegations that they failed to keep adequate records of work-related communications on mobile devices and apps such as Signal and Meta's WhatsApp.

The scrutiny prompted Wall Street to overhaul how employees communicate on business matters using mobile phones. Meanwhile, the SEC took a hard look at policies covering its own staff's communications on agency-issued phones. The agency has restricted access to third-party messaging applications, as well as SMS (short message service) and iMessage texts "to lower risk that our systems could be compromised and to enhance recordkeeping," an SEC spokeswoman said in an emailed statement. The process of blocking the apps began in September and has continued over the past several months, she added.

Bullshit Window Dressing

[geekmux]

When Congress members are allowed to bypass any and all laws prohibiting insider trading, banning WhatsApp to curb corruption doesn’t seem like bullshit window dressing.

It IS bullshit window dressing.

2008 and 2020

[will4]

Both crisis had members of congress, sec staff, treasury staff, executive branch staff, and many more at the top of the economic pyramid people selling out just before the general public was informed of a major government intervention in the economy.

All done without anyone breaking any law since there was not law covering insiders in those positions.

Reread headlines, quotes and news injecting "opposition party", "multi-millionare", "owns 3 mansions worth 4 million", "traveled 400,000 miles in private jets l

Auto delete messaging services are concerning

[buck-yar]

This is a good step by the SEC. If govt workers have nothing to hide, why auto-delete? If there's anything the FISA surveillance machine that's about to be signed into law should vacuum up, its govt agencies communications. How do we know they're not working for the enemy or up to no good? How can oversight happen if messages erased? Hard to see auto messaging apps as anything but them trying to make themselves unaccountable to voters, oversight or anybody really.

Re:

[Luckyo]

>How do we know they're not working for the enemy

That's purview of NSA, for whom "disappearing messages" do not disappear.

Re:

[unrtst]

WTF are they supposed to use to instead? IMO, it sounds like they want to force everyone to use a specific tool from a specific vendor, but they'd get into trouble if they did that without RFP's and such. Instead, they'll just state some features that would get various apps/tech banned from the phones while leaving their preferred vendor (I'm guessing MS Teams, which has no end to end encryption support and is 100% in the cloud, for better and/or worse).

IMO, they're more likely to catch users leaking info a

Easy to ignore

[kqc7011]

It is like the SEC has never heard of "burner phones". And when I first saw SEC, I wondered why the South Eastern Conference was banning phones.

Re:

[chill]

Burner phones? Why bother? Read the article again. This is a ban from "work" phones, which are the ones issued to a limited number of personnel who don't like using something like Good on their personal phone. At best, work partition on their managed personal phone.

They can't touch employee's personal phones beyond an agreed-upon managed work partition. Everyone has a personal phone.

Re:

[chill]

Criminals? That might have something to do with the fact the SEC isn't a law enforcement agency and has no arrest powers, they're a regulatory agency. Anything the SEC discovers that looks criminal is passed to the FBI.

Re:

[KiltedKnight]

It is like the SEC has never heard of "burner phones".

Not quite true. Recently after contacting my financial planner on his personal cell phone he answered back from a new number, and explained to me that he was now required that any mobile phone communications related to business must originate from that phone, even if I send a message or attempt to contact him via his personal cell phone because all SMS messages are now logged. Using a burner phone for business would violate whatever regulations were put in place and could get your stock broker license or

It's a work phone -- do what you like!

[Tomahawk]

Just don't enforce anything on my personal phone!

compliance and message audit trail is an issue

[kiviQr]

Only a few communicators provide audit trail capability. Most companies limit employees to only to Teams.

What's the point?

[Petersko]

So, whatever else you may intend with this move, all you're really doing is ensuring that all questionable communications are relocated to another device. This will prevent exactly no malfeasance. It won't stop insider training. In fact, you're closing off the only real possible enforcement available to you - catching people misusing the devices in front of them.

What is the end game?

SEC Incompetence

[torkus]

I've been knee-deep (more like up to "here") with this nonsense the last 1-2 years and dealing with various related "must log everything" SEC stuff for 2 decades.

I'll just put it out there: the SEC is utterly incompetent when it comes to technology, reality, or the reality of technology.

It took them a decade (or more) from when SMS was a popular communication method to realize that registered broker/dealers need their SMS logged. It took them ANOTHER decade to discover "other" means of communication like

Separate. Your. Communications.

[eepok]

I am a public employee and have a work cell phone. Every communication on that cell phone is retrievable by public records request. Knowing that I ensure that ONLY work communication happens on that phone.

I also have a private phone. The few people at work who know this phone number know that they are to use that number ONLY if I'm needed and am not responding to my work phone. The only appropriate communication is, "Hey. Are you there? Check your work phone."

The problem is that SOME people think that havin