The right to privacy that citizens of the United States enjoy is not absolute. Depending on the environment, the right to privacy may be abridged or lost completely. We accept some of the inconveniences associated with loss of privacy. It is understood that in this age of terrorism there are going to be restrictions on what can be brought on board an aircraft or taken into a courtroom.
The citizens accept the minimally invasive metal scans and x-ray machines as necessary to help ensure the safety and well being of society as a whole. In the work environment, however, the right to privacy can be lost almost completely. The changing landscape of business is forcing managers to rethink the amount of privacy employees should be entitled, especially within the areas of internet usage and email.
Public sector employees do have some privacy protection in the work place. In addition, some labor union negotiated contracts provide for privacy protection of the unionized work force. In addition, contract workers also have a degree of protection. With only twenty percent of the work force unionized, the majority of private sector American workers do not have an expectation of privacy when at work (ACLU 2).
The majority of companies monitor their employees in some fashion. They can search through any files on office computers, record internet usage, read incoming and outgoing email, monitor your keystrokes, and monitor network activity. Indeed, of those who do practice work place surveillance, 75% monitor website visits, 55 percent monitor email usage, and 50% monitor computer files (Nizik 1).
Employees have the right to monitor the usage of electronic resource partly because they own those resources, but also because the laws enacted to protect employee’s privacy are few and those that do exist are weak. Most of these laws only require that that the employers notify their workers that they are subject to electronic monitoring (Nizik 1). In fact, these laws in general legalize the surveillance of employees since they do not prohibit it (Employee Issues 1).
Most employers do notify their employees that they are subject to monitoring. This is done through employee policy and procedures, company memos, and notification when an employee logs on to their computer. In genera, this notification is not to protect the employee, it is to protect the employer. Courts have looked favorably on companies that have notified employees of monitoring when these employees have attempted to bring civil lawsuits against the companies for privacy violations (Employee Issues 2).
Employers are very concerned about employee use of computers. This would include using email, chat room and instant messaging, surfing the web, and storing files. In fact, a survey showed that of those who monitor employees, twenty-six percent have fired workers for internet policy violations and twenty-five percent have terminated employees for email policy violations. Employers are concerned about internet usage not only for the possibility of accessing pornographic or other inappropriate material, but also because of a fear that employees will give away trade secrets, either intentionally or unintentionally (Crane 1).
Employers have been held liable in sexual harassment cases for not monitoring employees that have used company provided computer equipment to harass co-workers. Twenty-seven percent of fortune 500 companies have defended themselves in court against claims of sexual harassment because employees used company owned equipment to circulate inappropriate email or to access inappropriate websites. These companies had either no policy in place forbidding such behavior or did not enforce the policies that were in force. By enforcing these policies employers have been successful in shifting the responsibility for the inappropriate action back onto the employee (Chickowski 2).
Employers cannot, in the majority of cases, simply shut off internet access. Most companies have a business need for the legitimate use of the internet. These needs may include research, ordering, and communication. Internet usage is problematic, though, because the non work related internet usage by employees can cost the company as much as a forty percent loss of productivity (Forsite Technologies 1). It is estimated that thirty-seven percent of employees surf the web constantly during working hours.
Another twenty-four percent admit to shopping online using work computers, and thirty percent watch sports events on the company owned computers (Foresite Technologies 1). Coupled with the security and litigation concerns mentioned above, it should come as no surprise those companies are either already monitoring internet usage or are investigating the possibilities.
It is fairly typical for companies to block access to websites that filtering companies have termed the “Sinful Six”. These are adult content, race and hate, violent, tasteless, gambling, and inappropriate content (Chickowski 2). The vast majority of employees understand the business needs that require that access to these sites be restricted. The larger issue, though, is the restriction to non-business sites like msnbc.com or CNN.com.
Blocking these sites runs the risk of alienating productive employees who might surf these sites during lunch or on authorized breaks. This is a place where managers have to weigh the cost and benefit factors associated with blocking internet access. These factors will vary from company to company, and no “one size fits all” approach will be effective (Chickowski 2).
Employee buy in is a must if an internet policy is going to be supported and embraced. In one survey, sixty-six percent of employees believed that their employer had the right to monitor internet usage by employees. But ninety-two percent of these also stated that they believed the company has a moral and ethical responsibility to notify the employee that they are subject to monitoring. Developing a clear policy will assist in the cooperation of the employees (Chickowski 2).
Any policy that is developed should clearly explain to the employee what and whom the employer intents to monitor. The policy should also include the business reasons that require this monitoring to take place. The company should require the employees to read and sign the policy, provide a copy o the signed policy to the employee, and keep the original in the employee’s personnel file. An annual update of the policy would also help to remind the employees of the policy and its content (Chickowski 3).
While each monitoring policy will vary from company to company, they all should include the common basic tenants. First, the policy does need to state why the monitoring is necessary from a business standpoint. This will assist the employee in understanding why the policy is in place.
Second, the policy should enforce that the equipment in the workplace is the property of the company, and is to be used for work related purposes only. Third, it should outline what forms of communication and web sites the company deems inappropriate, along with the types the employer finds acceptable. The policy needs to set clear boundaries for the use of the company equipment for any personal use, and there needs to be a clear and transparent section on the consequences for violating the policy (Chickowski 3).
Once this policy is in place, a path is cleared fort the ethical and legal monitoring of employees. If an employee decides to sue the company for an invasion of privacy, the employee must show that they had an expectation of that privacy. If the company has a signed copy of the policy in the personnel file, that expectation does not exist. Without this expectation, there can be no legitimate claim to privacy. Courts have typically sided with employers in these cases (Chickowski 3).
Email restrictions and monitoring can be more problematic than internet access in general. Where an employer still has the legal right to monitor email, the use of the information that is discovered may be restricted. Employers has a rule cannot release information that is federally protected, such as medical records (Olzak 2). The other issue is telephone usage versus email. Telephone usage can indeed result in more time lost then sending a simple email. If an employee calls their spouse on the phone to inform them that they are going to be late, that conversation may indeed result in more lost work time then a simple email would.
There are very legitimate reasons to restrict email. The Chevron corporation paid over two million dollars to settle litigation when four women claimed they received pornography from coworkers who were using Chevron computers. Other large settlements have been paid by companies who did not have a policy in force (Olzak 1).
The right to monitor email communication comes as a result of The Electronic Communications Act of 1986 (18 U.S.C. Section 2510). This act provides for the monitoring of electronic communication if the computer or other device is used in the normal course business. This right does not allow unfettered monitoring. Managers are not allowed to read email or browse through electronic media that is unrelated to abuse prevention.
The courts are taking a dim view on employers who violate what they see as a reasonable expectation of privacy (Olzak 2). This would extend to emails regarding health related issues, retirement issues, and anything that does not violate a company policy. Employers who do read through this material are on shaking legal and ethical ground, and may indeed be violating laws prohibiting such perusal, such as the HIPPA statute (Olzak 2).
Privacy rights may be granted unintentionally by employers. If an employer uses an encryption mechanism to scramble emails they may be generating an expectation of privacy (Workplace Privacy 2). An expectation of privacy can also be generated if employers state either explicitly or implicitly that personal use of the email system is allowed. This is not an absolute, however.
If the email content violates another policy, such as sexual harassment, then that policy can still be enforced. In Smyth v. Pillsbury (Case 95-6712, US District Court, Eastern Pennsylvania 1996), the court ruled that an employee’s termination was legal even though the company had a policy allowing for the personal use of email. In the case, the employee sent sexually explicit emails to other employees, violating a sexual harassment policy (Work Place Privacy 3).
Many factors must be taken into consideration by a manager who is contemplating a new policy regarding email and internet usage. The obvious need for policies that prevent access to the “Sinful Six” is taken for granted. The manager needs to rethink the not so obvious privacy issues. For example, there are legitimate reasons to allow personal use of email. Restrictions on this use must certainly be in place, but email may be more efficient then telephone use. Restrictions on internet access to sites like CNN.com on breaks might be allowed. The restrictions and policies will vary from business to business.
American Civil Liberties Union. “Through the Keyhole” American Civil Liberties Union. 1998.
12 Apr. 2007
Chickowski, Erikca. “Monitoring Employee Internet Usage”. Vericept, Inc. 2006. 12 Apr 2007.
Crane, Amy. “Workplace privacy? Forget it!” Bankrate, Inc. 2005. 12 Apr 2007
Forsite Technologies. “Do You now What Your Employees are Doing on Their Computers?”
Forsite Technologies, Inc. 2007. 12 Apr 2007
Nizik, John. “Aren’t I Entitled to Workplace Privacy Rights?”. Workplace Privacy. 2007. About: Tech Careers. 12 Apr. 2007
Workplace Privacy. “Employee Monitoring: Is There Privacy in the Workplace?” Privacy
Rights Clearinghouse. 2007. 12 Apr. 2007