We use cookies to collect anonymous data to help us improve your site browsing experience.

Click 'Accept all cookies' to agree to all cookies that collect anonymous data. To only allow the cookies that make the site work, click 'Use essential cookies only.' Visit 'Set cookie preferences' to control specific cookies.

Set cookie preferences

Your cookie preferences have been saved. You can change your cookie settings at any time.

Publication - Advice and guidance

Mobile messaging apps - usage and policy: guidance

Last updated
20 June 2025 - see all updates
Directorate
Digital Directorate
Topic
Public sector

This is a copy of information published on the Scottish Government staff intranet.

Use of mobile messaging apps and non-corporate communication channels policy

This policy relates to the use of Mobile Messaging Applications (MMAs) and other Non-Corporate Communication Channels (NCCCs) within the Scottish Government (SG). The use of MMAs for everyday government work is not permitted.

The Scottish Government provides SCOTS users and contractors with corporate devices and services which are to be used for the conduct of everyday government work.

The use of corporate devices and systems ensures that we can maintain the security and integrity of government information and comply with our duties in relation to Records Management, Freedom of Information and Public Inquiries. All communications undertaken must be considered in light of our organisational values. These values align to the Civil Service Code and exist to guide the decisions we take, our actions and how we work together across the SG and with our partners to improve the lives of the people of Scotland.

If the SCOTS network and/or all major corporate devices and services become unavailable (for example, in the event of a cyber-attack), SCOTS users and contractors should use the necessary means of communication for a limited time until the network, devices or services become available.  In these circumstances, all communications should be captured, retained, time and date stamped, along with details about the communication method used.

Some agencies and teams in Scottish Government have been permitted a time-bound transition period in light of urgent and existing or emergent situations where multi-agency or cross-sector communication is required.  During this transition period, the requirements of the Policy outlined above in relation to situations where SCOTS cannot be used should be followed.

It will not be possible to download or retain mobile messaging applications on an SG issued corporate device.

Who does this policy impact?

This policy applies to all SCOTS users and users of other IT systems or devices supplied by the Scottish Government or its agencies. This includes but is not limited to all SG Main and Marine staff (including senior civil servants and special advisers), contractors, Ministers and others appointed to work for Scottish Government, its agencies and non-ministerial offices or other public bodies using the SCOTS platform.

Any actions taken in contravention of this policy by Scottish Government staff or contracted employees may be considered to be a breach of the IT Code of Conduct and may be regarded as a disciplinary matter.

Policy goals

This policy must be followed to promote good practice with regards to the following goals:

  • to be open, capable and responsive when handling public service data
  • to comply with the principles of a good government – accountable, responsible, transparent, ethical, governance and integrity
  • to protect information that supports the day-to-day work of the Scottish Government and retain evidence around our decision making, activities, actions and the rationale behind them
  • to be compliant with key legislation and appropriate codes of conduct e.g. Civil Service Code and the updated Ministerial Code

Definitions

Definitions:

  1. Corporate devices – provide corporate access to government systems which are on SCOTS platform.  These are corporately owned, managed, configured and controlled by iTECS. Devices include desktop PCs, laptops, tablets, and mobile phones.  (Please note this list is not exhaustive).
  2. Examples of MMAs include WhatsApp, Viber, Signal, Telegram, WeChat, Wickr and Snapchat. This list is not exhaustive and may be subject to change as new technology evolves. (N.B. All social media messaging applications are covered by the social media policy).
  3. Personal devices – devices which have been purchased and are owned by individuals themselves. These devices will not have been provided, owned or managed in any way by iTECS.
  4. Everyday government work – day to day work activities.
  5. Corporate record – this is information which is deemed to be of value as it provides reliable evidence of a decision, action or activity and the rationale behind it i.e. the story. This information must be saved in our electronic records and documents management system (eRDM). Organisations whose staff do not use eRDM are required to follow their organisation’s information management governance plans and policies.

Information saved for the corporate record is deemed to be an important public asset and a key resource in the effective operations, policy making and accountability of the Scottish Government. Like any assets, records must be carefully managed. Information and records shall be retained only as long as required to support the Scottish Government in its business requirements and legal obligations. At the end of that time, records will either be destroyed or transferred to the National Records of Scotland for permanent preservation.


Background

 

 

 

 

First published
31 October 2023
Last updated
20 June 2025 - show all updates

  1. Copy of guidance from staff intranet added for public transparency.

  2. Updated policy published for transparency.

Back to top