The use of computers and electronic communications to conduct business has grown increasingly over the last several years. Employees at all levels are using computers and other electronic devices such as PDA’s to access the Internet and to communicate with each other and the outside world through electronic mail (e-mail).
While business owners are generally aware that time wasted by employees’ use of the Internet during work hours costs the company money, they may not be aware that when employees use company computers to send or receive e-mails, the company’s assets and reputation could be at risk. For example, employers can be held liable for employees’ misuse of company e-mail to engage in sexual, racial, and other forms of harassment and threats of violence. Other concerns raised by the use of company computers and e-mail are the potential for theft or unauthorized disclosure of company information and the possible corruption of the company’s computer system through the introduction of computer viruses.
One way in which businesses can protect themselves is through the installation of various software programs, which can be used to filter computers connected through the company’s network, block access to specified Internet sites, and analyze the hard drives of computers on the network to identify employees who have unauthorized software or files on their computers or other electronic devices.
Laws in almost every state allow the monitoring of employees in the course of their work day. There are a number of different forms of employee monitoring. For example, employers are permitted to videotape common areas within the workplace such as workstations, hallways, parking garages, and break rooms, because employees have no legitimate expectation of privacy in such areas. For the same reason, employers may also monitor e-mail communications and Internet access on company computers or other electronic devices.
Companies that engage in any type of workplace monitoring should have a written policy that clearly specifies what is expected of their employees and what activities may be monitored. The policy should be broad enough to cover company-owned computers and other electronic devices, whether they are used on company premises or by employees at home or when traveling for business.
A computer-use policy should make it clear that information or communication on company computers and other electronic devices is not considered confidential, regardless of where the computer is used, and that the employer has the right to access company computers or other electronic devices at any time and for any reason to review and monitor their contents.
The policy should also provide that no company computers or other electronic devices may be used in any manner to communicate sexually explicit content, racial or ethic slurs, or any type of harassing, disparaging, or offensive comments based on race, gender, sexual orientation, religious or political beliefs, or associations.
A computer or other electronic device use policy should be reasonable in scope. While it can provide that the company’s e-mail system is to be used for company purposes, employers may also want to allow employees to make limited personal use of the company’s computers for non-business related purposes as long as such use does not interfere with employees’ job responsibilities. The policy should also inform employees that any illegal, harassing, or other unwelcome use of e-mail will result in disciplinary action, up to and including termination.
Employees should be required to acknowledge in writing that they have received and read the policy to prevent any misunderstanding about whether it was communicated to and received. The acknowledgement should reiterate the fact that the employee understands that he/she has no right or expectation of privacy in any information contained on any company computer.
Once a computer or other electronic device use policy has been implemented, it should be enforced consistently, including through disciplinary action. Consistent application of the policy will make it clear to employees that management is serious about compliance at all levels within the company. Failure to discipline employees for e-mail and Internet misconduct may encourage other employees to misuse the company’s electronic communication system and could create liability concerns for the company.
Electronic technology can be beneficial to business owners. However, there are certain risks inherent in the use of company computers or other electronic devices, e-mail, and the Internet by employees. Companies should take precautions to ensure that their electronic resources are being used properly and not abused by their employees. Implementing a clear and concise computer and other electronic device use policy and enforcing it consistently will help safeguard your company, its assets, and business reputation.
Tom Stachler is a member of Strauss & Troy’s Litigation Department and primarily concentrates his practice in the areas of complex commercial litigation and personal injury law. For more information on how you can protect your business from employees’ use of company computers and other electronic devices, please feel free to contact Tom at (513) 629-9417.