Conversations must stay private, yet remain auditable to meet compliance requirements. Wire offers a built-in solution to address this challenge: Legalhold. Here's how it works.
Compliance management through Legalhold
Legalhold is Wire’s approach to secure and compliant communication. It enables legal teams to access specific users’ communications for auditing, while preserving Wire’s end-to-end encryption.
The Legalhold system has two main components:
- A Vault service that you run on your own secure infrastructure
- UI integrations within the Wire clients
Unlike methods that force user devices to upload data, posing risks to trust and device security, the Vault acts as a virtual Wire client within your infrastructure. It joins conversations like any other device, appears in the device menu, and logs all messages into a secure database, without compromising encryption.
When a user is placed under Legalhold, they receive a notification. Additionally, other participants in the conversation are visibly notified through the Wire interface, ensuring everyone is aware that messages are being recorded.
Once a Legalhold device is attached to a user’s account, communications are automatically logged, no additional action is required from the user. Legalhold then provides auditors with a standardized database interface to review the collected data.
Finding the balance between transparency and privacy
Understanding how Legalhold handles auditing is only part of the equation. Equally important is knowing who remains protected, and how Wire safeguards their rights.
Opt-in for all users
Legalhold is based on informed consent. Before a Legalhold device is added to a user account, the user must explicitly agree to it. The app provides a clear prompt, offering users the choice: consent to being recorded or be blocked from using the service.
This guarantees that no one is recorded without their explicit knowledge. It also ensures that all conversations flagged for recording meet legal and regulatory standards for consent. Recorded conversations are marked with a red dot in the UI, indicating to all users that the conversation is under Legalhold.
Integrity and confidentiality of records
Legalhold records originate directly from encrypted conversations, not from manual user uploads or special clients. This reduces errors, simplifies endpoint software, and strengthens device security.
Because the Legalhold Vault is operated by your organization, not Wire, you retain full control over how it's protected and accessed.
Security guarantees
No solution can completely eliminate risks like screenshots or unlocked devices. However, Wire’s Legalhold design minimizes exposure while maintaining strong encryption and auditability.
By keeping compliance features separate from user-facing components, Wire reduces complexity on end-user devices and preserves system security.
Conclusion
Organizations need communication that is both private and accountable, a difficult balance. Wire’s Legalhold helps you meet audit and compliance needs without compromising security. It's a thoughtful solution to a tough challenge.
