NELSON & COMPANY ::Employee Article

Employer’s Netiquette – A Guide to Avoiding the Pitfalls of IT in the Office

It is hard to remember a time before e-mail, even though it has only been in widespread use for less than 15 years. These days, any office-based workplace which doesn’t have e-mail and internet access might be seen as a little behind the times. After all, how else do you communicate with clients, contacts and suppliers? E-mail is a swift, cost-effective and efficient method of communication, particularly in Cayman where many businesses regularly deal with overseas clients and customers.

For employers, allowing employees e-mail and internet access can raise a variety of issues. These include age-old concerns about losing time and productivity due to excessive personal use and newer issues, such as those raised by the recent phenomenon of blogging.

Surf’s Up

Losing productivity is an obvious concern. A recent UK survey of 1,000 employees of Hewlett Packard revealed that 43% of them admitted to spending more time chatting on e-mail than doing actual work.  For all the time   e-mail and the internet saves employers, employers can never be quite certain of the effect it is having on productivity as employees chat, book their holidays and instant message on company time. Although many employers accept that a certain amount of productivity will be lost, the risk that the time lost will be significant is not one which will ever be fully eradicated.

Perhaps more concerning for an employer is the potential for the company name to be brought into disrepute as a result of misuse of IT by employees. E-mails can spread like wildfire and employers may find themselves receiving adverse publicity as a result. Bankers J P Morgan learnt the hard way when one of their employees sent an e-mail boasting about his sexual conquests to his friends at work which quickly made its way around the world. Two leading international law firms were highly embarrassed when e-mails from their employees were circulated throughout the global business community – one concerning a lawyer and his girlfriend discussing their sexual preferences and another concerning a petty row between a senior lawyer and his secretary over a dry-cleaning bill.  All three stories hit the headlines and the companies in question were faced with PR issues they would have preferred to avoid.

Blogging Off

The possibilities for damage to a company’s hard-earned reputation have also increased with the rise in popularity of blogging. There is growing concern in the business community that employees are criticizing and commenting on their employers in their personal blogs.  Recent cases in the UK and France have shown that employers may have little recourse against an employee who airs their non-defamatory but nonetheless unfavourable personal opinions about their employer in their blog, highlighting the often delicate balance between protecting freedom of speech and protecting a reputation. Employers are also concerned that the rise of blogging means that employees are choosing not to raise legitimate workplace issues in the first instance with them but instead are venting their spleen online.  

Another point to consider is that on many e-mails, the company logo appears automatically at the bottom of the message and consequently, personal e-mails may appear to be sent with the blessing of an employer. This is fine if the e-mail is innocuous but worrying when it concerns views or statements that the company does not endorse, particularly if those views are in any way inflammatory.

At the most serious end of the spectrum is the potential for use of internet access provided by an employer to surf the internet for pornographic images or to send abusive or harassing e-mails. The technical issue of the introduction of computer viruses to an employer’s IT system, whether inadvertent or deliberate, is also not to be dismissed lightly. An employee of a large offshore law firm managed to bring one of their biggest clients, ironically a household name in the IT sector, to a standstill after they inadvertently downloaded and sent the client the notorious “I love you” virus when accessing their personal web-mail account at work.

Employees Beware

On the other side of the coin, employees may not realise the potential for adverse consequences for their own careers if they misuse their employer’s IT facilities. Quite apart from the obvious disciplinary sanctions they might face for forwarding an ill-considered e-mail to the outside world, there could be other more serious repercussions. A lawyer at a well-known law firm on the Island had his plans to jump ship to a rival law firm scuppered when his employers discovered e-mails between him and his potential new employer on his work computer and as a result, took steps that effectively prevented the move. Another lawyer on the Island found his partnership application held back when his employer discovered that he had been viewing pornographic images on his work computer. Many employees don’t stop to think about the consequences and forget that once something is on their computer’s hard drive, it is virtually impossible to erase it.

What Can Employers Do?

Denying employees e-mail and internet access is an obvious, if draconian, solution although some employers have found that this to be the simplest way to address their concerns. However, most employers will want to be able to utilise the business benefits of e-mail and internet access and therefore, need to find a middle ground.

The first step to take is to ensure that sensible policies are put in place to lay out what the employer regards as acceptable use of the company e-mail system & internet access.  
Any policy should set out clearly what the company will permit and what the consequences of breach of the policy will be – such as disciplinary action or even dismissal. When it comes to the sanctions, employment contracts should be reviewed to ensure that they are consistent with the policies and that any sanctions for breach of the policy are permitted within the bounds of the employment contracts. Dove-tailing the contracts and the policies are vital if they are to be effective.

Employers will want the policies to cover the basics of personal use and what they consider to be misuse and may also use the policies to cover issues of IT security, monitoring, access of personal web mail accounts on company equipment, passwords and basic “netiquette”. These policies should be regularly reviewed to ensure they are kept as up to date as possible as technology, legislation and the workplace changes. Employers with older, existing policies may want to update their policies to ensure that they cover blogging on company equipment or on company time.

 The next step is to take the time to make sure that employees are aware of both the existence and contents of the policies, so that everyone understands the parameters and no one can plead ignorance. Employers then need to ensure that the policies are enforced and enforced consistently, as there is no point in spending the time in developing a policy and then not using it.

Employers should also consider updating e-mail templates to ensure that an appropriate disclaimer statement automatically appears at the bottom of outgoing e-mails to deal with confidentiality and what to do if an e-mail is received in error. This could include a separate message for personal e-mails that clearly identifies the message as a personal e-mail and states that any views contained in it do not represent the views of the company.

On the technical side, employers have a vast armoury at their disposal, should they wish to protect their IT systems or suspect an employee of misuse. A proxy server can be installed to track web-sites accessed by employees and are capable of tracking the full history of internet usage including the number of times a web-site was accessed and for how long. A good firewall and local e-mail servers can also assist, particularly in tracking e-mails sent and received by individuals. Auditing software can be used to obtain screen-shots of monitors to track the use of instant messaging services and recreate the messages sent.  With the wealth of technology on offer for employers to monitor their employees IT and internet usage, employees should take note that there is really no such thing as privacy when it comes to their work computer systems.

With a simple policy in place, robust employment contracts and a consistent approach, employers can easily avoid many of the issues associated with e-mail and internet access and still have the all the benefits of the 21st Century workplace.

Denise Tomlinson
Nelson & Company.
 
About the author

Denise Tomlinson is an attorney with Nelson & Company. Prior to joining Nelson & Company, she was a partner at Lewis Silkin, a leading London law firm, specialising in employment & labour law. Denise has over 10 years’ legal experience and writes & advises on a variety of employment and HR issues.

<- Back To Recent Local Articles