Search and DocFinder
 
Search help/advanced search
  

Vendor Product Showcase



News NetFlash: Daily News Internat'l News This Week in NW The Edge Features Research Buyer's Guides Reviews Technology Primers Vendor Profiles Forums Columnists Knowledgebase Help Desk Dr. Intranet Gearhead Careers Free Newsletters Subscription Center Seminars/Events Reprints/Links White Papers Partner with Us Site Map Contact Us Home








The perils of privacy

Send to colleague
A marketing manager forwards an e-mail joke containing a racial slur to a group of co-workers. But before the message can reach anyone, monitoring software scoops it up and ships it to the manager's supervisor, garnering the sender a reprimand and potentially saving the company from a costly and embarrassing lawsuit.

Down the hall in the billing department, a clerk uses her lunch break to scan the Web for information on abuse victims. The information she calls up also flashes onto a screen in her boss's office, and now he knows a secret she never told anyone.

Think your boss isn't reading your e-mail, counting the seconds you're away from your computer, patrolling the sites you're visiting on the Web, or even counting the number of keystrokes you make per day? Maybe not today, but he might be tomorrow. Personal use issues are coming to a head as companies struggle to find effective ways of balancing employee freedoms and corporate protection.

Industry watchers say the government, through the arm of the courts, is delivering a stern warning to American businesses: A company is liable for most wrongs that its employees commit using computers, e-mail or browsers on the job. If a company wants to ward off that kind of liability, it had better set up a business-only policy, and make sure its employees understand it and adhere to it.

"An employee should have no expectation of privacy rights in the workplace," says Kerry Stackpole, president and CEO of the Electronic Messaging Association (EMA), a nonprofit group in Arlington, Va., that represents business-oriented e-mail users. "That's not what the workplace is all about. Employers own the system and the PCs or the laptops. They are liable for what the employee does on them, for harassing messages they might send. There's very little that protects employees from the eyes of employers."

Workers generally spend their days working. But in the span of an eight- to 12-hour workday, they might get an e-mail from a college buddy across the country or a sweetheart down the block. They might scan the Web for a quick read of their horoscope or the score of last night's hockey game. It's the lure of instant information at our fingertips.

"I think it's very hard in the modern world to segregate people's personal lives outside of the workday, particularly when workdays have gotten to be so long," says Joe Grabarz, executive director of the Connecticut Civil Liberties Union in Hartford. "People have life crises during the day. The human condition prevents us from so neatly excluding our private lives from 8:00 in the morning to 8:00 at night. People simply function as full human beings."

And a good percentage of companies have been running on the honor system.

"We basically treat people as adults and expect them to act like adults, and so far, so good," says Bob Frase, director of IS at PACE International Union, a union for 320,000 paper and oil workers located in Nashville. "We have enough work around here without messing with that stuff. There are some jokes that float around, but we figure it's good for morale. I could have somebody chatting with his mother all day, but we do a lot of walking around, and I don't think that would go unnoticed for very long. If people feel they're trusted, then attitude, morale and performance are better."

But some companies have been trying to make work a place for online business only since employees were first given e-mail and browsing software. Chatting online or cyber shopping wastes time that could be spent answering a customer's question or balancing the bottom line.

And all that e-mail from mom sucks up a lot of bandwidth. Last year's animated holiday e-card craze shut down corporate systems all over the country.

Those problems generally earned warnings to cut down on personal use or not open holiday greetings. But the majority of companies didn't put a stop to everything personal. The majority of companies didn't set up monitoring software that scoops up any e-mail containing the words "sex," "Saturday," "vacation" or "date." They didn't start thumbing through cache histories to see where adventuresome cyber-explorers had been surfing.

But a fear of costly lawsuits and big punitive awards might be changing those hands-off decisions. A growing number of companies are putting an end to mixing business with pleasure when it comes to online communications.

"Every company is going to be sued sometime," says Jim Bruce, a cyber-lawyer and partner at Wiley, Rein and Fielding, a Washington, D.C., law firm. "The courts are telling companies that they can make it hard on themselves or they can make it easy on themselves. If they're smart, they'll have rules of the road and make sure employees know what those rules are. The courts made it pretty plain this summer where they stand on this."

Bruce explains that two recent court cases - Kolstad vs. The American Dental Association and EEOC vs. Wal-Mart Stores - set precedents. Each case found that companies are liable for their employees' actions on the job because the company was managing them at the time.

While those two findings didn't necessarily talk about e-mail or Web surfing, corporate lawyers know that both computer functions can be hotbeds of trouble, Bruce says. "People don't realize what's out there - pornography and racist jokes, all sent among friends," he adds. "Once it's come through, it's sitting on their systems. Where you get into trouble is when there's an allegation of race or sex discrimination. Suddenly there's a subpoena for what's on peoples' computers."

And how better to keep employees from sending harassing e-mails, using company computers to hack into another site or even creating a hostile work environment by calling up pornographic Web sites at their desk? Don't let them do anything that's not directly work-related.

"It's a matter of wasting bandwidth, wasting time and of liability," says Allen Butler, director of standards and architecture for Downers Grove, Ill.-based RR Donnelly & Sons, which has about 16,500 e-mail users. "This is a business system for business use only, and we do monitor. We have to protect our assets, and I don't think that's unreasonable."

Butler, who also is working to develop a policy for Web browsing, says people respond better when they know where they stand and what's expected of them. And industry watchers say that's not only important for the workers, but it's also an important liability point for business.

The courts say if a company wants to avoid punitive damages, it must set up policies to keep employees within the law - whether it be for harassment or sexual discrimination - and it needs to make sure employees understand the letter of the law, Bruce says.

"It's clear that the courts are holding companies up to a standard by which it's no longer sufficient to tell employees that there is a policy. You have to be able to demonstrate that employees understand what you told them," the EMA's Stackpole says.

Toward that end, the EMA is working on customizable software that companies could use to test employees' understanding of computer-usage policies, Stackpole says. The software, meant for running on intranets, not only should also be able to quiz workers on policy but also have them make decisions about various scenarios. If the employee chooses the wrong answer, a tutorial pops up on that aspect of the policy and then another scenario is given to test the worker again.

"Companies can use that as a defense when they go to court," Stackpole says, adding that the software should be available early in 2000. "Charlie could say, 'I read the policy but I didn't understand it.' We can now say, 'You scored 99 on the test. How is it possible you didn't understand?'"

Related links

Contact Features Writer Sharon Gaudin

Other recent articles by Gaudin

No secrets in Connecticut
The Power Issue, 12/27/99.

Privacy pointers
The Power Issue, 12/27/99.

Details emerge on e-government directive
Federal Computer Week, 12/21/99.

EU and U.S. extend data privacy negotiations
IDG News Service, 12/21/99.

New FTC panel will be Web privacy watchdog
The Industry Standard, 12/17/99.

Privacy groups ask FTC to close e-mail loophole
IDG News Service, 12/03/99.

Citing privacy concerns, European advisory group to consider Pentium III ban
IDG News Service, 11/29/99.

A perfect example
Scott Bradner looks at privacy.
Network World, 11/15/99.

IBM survey says privacy key to e-commerce
Network World Fusion, 11/10/99.

Privacy group sues FTC over records request
IDG News Service, 10/13/99.

IETF meeting: Wiretap debate full of static
Network World Fusion, 11/11/99.

When in Washington...
Scott Bradner on wiretapping protocols.
Network World, 11/22/99.


 Related links
Interactive power-o-meter
Interactive powerful people
Profiles in Power
Profiles in Power
Power Struggles
Power Sign-off
The Signature Series




  Copyright, 1995-2001 Network World, Inc. All rights reserved.