|
Sometimes your employees send jokes and personal commentaries using
the office e-mail system. What’s the harm? They get their work done,
so no problem, right? Wrong. If you don’t have rules governing the
proper use of e-mail, you may be liable for your employees’ abuses.
The use
of e-mail is so entrenched in the average office it is hard to
imagine a time without it. Most employees view e-mail as a necessary
workplace tool since it allows them to communicate quickly and
efficiently with coworkers, customers, and vendors. But there are
problems associated with how employees are using e-mail, and some of
the problems are beginning to reach the courts. Employers can
minimize liability from e-mail abuse by setting and enforcing ground
rules that give employees a clear understanding of what use is
acceptable.
The Problem with E-mail
On the
positive side, e-mail is a relatively simple, user-friendly, and
inexpensive tool that allows employees to communicate
instantaneously with each other and outsiders. However, because
messages can travel into cyberspace at the click of a button,
employees often do not take sufficient time to review what they are
saying before sending the e-mail. Instead, many treat e-mail like a
telephone conversation that no one will remember, rather than a
business letter that may be printed or forwarded to others.
Based on volume alone, it is easy to understand how
employees without guidance in the proper use of e-mail can cause
problems. Examples of how employees can misuse organizations’ e-mail
systems include:
-
Harassment of employees. E-mail provides employees with
another medium to offend each other and even violate harassment
laws. Messages consisting of off-color jokes, racial slurs, or
gender-related remarks could be the basis for a discrimination
claim.
-
Copyright infringement. Computer technology makes it easy to
cut, paste, and scan copyrighted material into an organization’s
database, and e-mail makes it easy for employees to send and
receive this material. However, e-mailing information from the
Internet or printed material without authorization from the author
or publisher could be a violation of the Federal Copyright Act for
the employee and the employer.
-
Confidential information. Since the employer’s proprietary
information (such as customer lists, product information,
databases, and computer programs) is often stored on computer, it
also is possible for an employee to e-mail this information to the
wrong parties. The ease by which the information can be
transmitted makes it susceptible to both accidental and
intentional misappropriation.
-
E-mail
mistakes. Information
meant to be confidential that is inadvertently sent to the wrong
person can be a source of embarrassment and liability. Such an
accident actually happened to a Federal Communications Commission
worker when a dirty joke, which was meant to be sent to a few
select friends, went out to 6,000 people, including employees and
associates of the agency.
-
Retention of e-mail files. Retention and deletion of e-mail
files also is a concern for employers. E-mail files can be left on
an organization’s net-work, stored in back-up files, or archived
on the employee’s own hard drive. As a result, simply hitting the
“delete” button does not necessarily eliminate the e-mail. In
addition, sophisticated software can retrieve a message even after
it has been deleted. So, if the organization’s records are ever
subpoenaed, that e-mail could be used as evidence against the
employer.
-
Viruses. Many destructive
viruses come into the workplace via e-mails that include attached
files. These viruses have varying degrees of
destructiveness, ranging from jamming servers with volumes of
messages to destroying or scrambling employee files.
Policy Can Limit Expectation of Privacy, Prevent Problems
Employers can prevent these types of problems by establishing a
clear policy dealing with the use of e-mail. The policy can address
only e-mail or be part of a policy covering the use of all of the
employer’s communication systems. The first step is to address the
organization’s position on the monitoring of e-mail and to limit
each employee’s expectation of privacy.
Three
federal laws address e-mail monitoring. Title III of the Omnibus
Crime Control and Safe Streets Act of 1968 (the Wiretap Act),
prohibits intentional interception or accessing of any wire, oral,
or electronic communication and was amended in 1986 by the
Electronic Communications Privacy Act (ECPA) to include e-mail
specifically. However, the law allows employers to monitor and
access e-mail if their employees have been notified of the
monitoring. In addition, under the Stored Wire and Electronic
Communications and Transactional Records Access Act, employers that
provide the electronic communication service may access messages
once they are stored in their computer systems without notifying
employees of the access. Therefore, to ensure compliance with the
Wiretap Act and ECPA, employers should give notice to employees that
the e-mail system is the sole property of the employer, is for
business use only, and that the employer reserves the right to
access, review, and monitor its use, including any data that is
stored or transmitted. Some employers also use pop-up messages as a
reminder to employees about the e-mail policy and have them sign a
form giving express consent to the monitoring.
Additional Ground
Rules for E-mail Use
In
addition to a clearly worded statement limiting privacy, the policy
should include the following restrictions on e-mail:
-
Specifically prohibit the transmission of discriminatory or
harassing e-mail as a violation of the employer’s harassment and
communications policies. All potentially harassing e-mail should
be investigated, and violators should be disciplined under the
organization’s harassment policy.
-
Prohibit the duplication or distribution of copyrighted materials
without the permission of the author or publisher. Require
employees to get a manager’s approval or confer with legal counsel
before copying, scanning, or using any copyrighted information
received via e-mail or before sending this type of information in
an e-mail.
-
Prohibit the transmission of e-mail containing confidential,
proprietary, or trade secret information and restrict access to
this information.
-
Instruct employees to treat the composition of e-mail like any
other business communication and explain that personal
correspondence should not be presented as representing the
organization. Remind them that e-mail is like any paper document
that could be used in a lawsuit. In addition, suggest they
double-check the addresses to which an e-mail is being sent and
review the contents to save embarrassment for both the employee
and employer.
-
Train
employees about retaining and deleting e-mail. Any “junk” or
personal e-mail should be deleted on a regular basis. E-mail of a
business nature should be saved and then purged periodically as it
becomes obsolete. E-mail that contains information subject to
record retention rules (such as an employee’s performance
appraisal), however, should be kept as long as required by law.
-
Require that all information received by e-mail, downloaded from
the Internet, or received on floppy disks be scanned for viruses.
Keep employees up to date on the latest viruses and how to protect
the integrity of the organization’s computer system.
The
popularity of e-mail continues to grow and is becoming one of the
most heavily used forms of communication in the business world.
However, misuse of the e-mail system can open the employer to many
problems and even liability. Just like any document, e-mail can be
around for a long time. Providing your employees with a set of
ground rules lets them know your expectations and is good insurance
against possible abuses. |
Personnel
Policy Service, Inc.
