Because employers can be held legally liable for the content of e-mails sent from their premises and for the content of downloads from the internet onto their computers, it is vitally important for companies to ensure that they establish and enforce a policy on the use of electronic communications at work. The policy should set out clearly to employees the circumstances in which they may or may not use the e-mail system and internet access for private communications. Any failure to enforce such a policy, however, could result in two adverse consequences for employers:

1. any policy which is not generally enforced cannot then later be relied upon when instigating disciplinary proceedings for an offence under the policy as it will be the practice rather than the policy which determines whether the monitoring is appropriate; and
2. failure to enforce a policy which involves the monitoring of e-mails and internet access can lead to an expectation of privacy on the part of employees.

It is only if employees do not have a reasonable expectation of privacy that e-mails (and other communications) can be monitored. Further, any monitoring must be proportionate to the risks an employer is trying to avoid. Normally, monitoring e-mail traffic rather than content would be as far as an employer could reasonably go without being in breach of their employees’ right to privacy under the Human Rights Act 1998.

The decision by Ford to give a two week ‘amnesty’ to all its twenty thousand employees in which to delete any offensive e-mails and downloads from their computers, suggests that there have been numerous complaints and perhaps a number of allegations of discrimination against the company. All employees were sent an e-mail which warned against “transmitting or possessing ‘jokes’ of an offensive nature, for example, content of which is sexually explicit, racially offensive or otherwise demeans people on the basis of their religion, disability, sexual orientation”. They were further warned not to return to any banned internet sites as internet access would be monitored.

Ford have made it clear that any failure by the employees to adhere to these instructions will lead to summary dismissal. However, they will need to be very careful to ensure that they stick to their stated policy. Any failure by them to do so could lead to an expectation amongst employees that it is not being enforced and could then lead to a finding of unfair dismissal if any employee is later dismissed for breach of the policy.

© This article is copyright Simon Halberstam 2008 and should not be construed as legal advice or opinion in any specific facts or circumstances. the contents are intended for generic information purposes only. You are urged to contact a suitably qualified lawyer for specific advice.

A 32 year old black secretary who until recently worked for City law firm Charles Russell is bringing a claim against the firm for sex and race discrimination on account of an email she unwittingly saw after she handed in her notice. The e-mail, sent by one of the partners to another, suggested that perhaps now they could get “a busty blond” who might still not be any good at the job but at least would be nice to look at. She was naturally very upset by this and according to her doctor is now too ill to work.

Because her claim is for sex and race discrimination there is no cap on the level of compensation she could be awarded. This case should therefore serve as a sharp warning to all employers as to the dangers of e-mail in the workplace, which is a permanent written record and so potentially more dangerous than a verbal communication, which might later be qualified, denied or withdrawn. Even though the offending missive was sent by an employee of the firm, it will be the firm itself which has to pick up the tab because it is vicariously liable for the acts of its employees.

What many employers will want to know is how they can best protect themselves against such proceedings being brought against them. After all, these days e-mail is such a common form of communication that many people use it in the same way as they would the telephone or even instead of face to face conversation. Companies need clear and unequivocal e-mail policies which are properly enforced. These policies need to cover a wide range of areas and to be carefully drafted to protect the employer against commercial, legal and technical exposure. The commercial risks include embarrassment amongst clients or customers if compromising emails are publicised. Legal consequences include damages due for defamation of third parties or damages for discrimination as in this case. Finally, technical exposure may result in various ways, perhaps the most common of which is employees unwittingly opening virus-infected emails. The email policy must not only cover all of these areas but also be properly implemented by the company so as to be enforceable.

Simon Halberstam has formulated email and internet use polices and has created a standard one for client use. The policy can also be tailored to the needs of individual employers. So long as the policies are rigorously enforced, then employers should be able to rest assured that they have done all that they can to avoid expensive and embarrassingly public claims of this sort being brought against them.

© This article is copyright Simon Halberstam 2008 and should not be construed as legal advice or opinion in any specific facts or circumstances. the contents are intended for generic information purposes only. You are urged to contact a suitably qualified lawyer for specific advice.

On 12th October 2001, the US Senate passed a law, which gives US law enforcement authorities broader powers to monitor Internet use and emails and to conduct wiretaps.

The FBI’s “Carnivore” computer system already searches ISPs records to find specific e-mails and track all visitors to a particular websites, but these new measures are more far reaching and will allow surveillance without the authorities having to prove to a judge any link with the “probable cause” of a crime such where activities could be construed as “federal terrorism offences.”

In the UK, the Terrorism Act 2000 already makes it a terrorist offence to use or threaten action designed, amongst other things, to seriously interfere with or seriously disrupt an electronic system. Simon Halberstam, a partner in City solicitors Sprecher Grier Halberstam said “Because the UK already has considerable anti-terrorist measures in place it seems unlikely that we will be changing the law imminently. The fact that other governments are already taking steps to ensure national laws address cyber-terrorism means that they recognise the seriousness of the threat.” She added “we all need to be aware that viruses and hacking pose serious threats to our everyday lives given the reliance we place on computers. These activities are not just the province of geeks looking for a quick thrill.”

Since the attack on America, ISPs in Britain have been asked to preserve data records from 11September and the days leading up to the attacks and the English authorities are seeking logs of emails sent and received. They have not requested the actual text yet, The Data Protection Act would ordinarily prevent ISPs from retaining this sort of data but the national security exceptions have been invoked to permit retention. Ordinarily such apparent violations of privacy would lead to vociferous outbursts by civil liberties organisations, but this is not something that many such organisations seem to have picked up on yet. The problem with these records is they may identify the computer the email was sent from but won’t necessarily enable the location of the computer or the sender to be established.

Simon Halberstam added that “a further problem with any such legislation which relates to information gathering is that it is only as good as the humans who interpret the information. This could mean that activities which appear to relate to a terrorist attack, such as hacking into a military intranet or large telecommunications system could turn out to be a low-tech juvenile hack or conversely apparent pranks could be connected with a terrorist attack.” Only time will tell whether the legislation the US proposes and national governments have enacted turns out to be effective in the war on cyber-terrorism.

© This article is copyright Simon Halberstam 2008 and should not be construed as legal advice or opinion in any specific facts or circumstances. the contents are intended for generic information purposes only. You are urged to contact a suitably qualified lawyer for specific advice.