Last week I was drawn into a conversation between two women who happened to be small-business owners. One woman was telling the other how her husband occasionally looks at their employees' emails. Her mention of this almost sounded like a confession - like her spouse and business partner was guilty of something he shouldn't be doing.
I told both businesswomen that the company owner not only has a right to look at the email but also is wise to do so from time to time. Reviews of messages in a company-provided email system can reveal misuse of company resources, theft of intellectual property or other concerns. What's more, the contents of email messages can be subpoenaed in the event of a lawsuit, so the business owner or executive team should know what's going through company systems. Consequently, many employers - large and small - screen employees' messages today.
Just ask Harry Stonecipher, whose reign as CEO of Boeing ended when his grievous misuse of the corporate email system was revealed to the board of directors. It seems Harry unwisely chose to send sexually explicit notes to a secret paramour who also worked at Boeing. Given that Stonecipher was supposed to be leading the charge to a more "morally proper" company, the board had little choice but to fire him as an example for all other employees.
He isn't the only person to assume email content is private. Many employees make that assumption, but experts on labour issues say employees have no right to privacy when it comes to communications using company systems such as email, instant messaging, telephones and fax machines. However, it's important to fully inform employees of the company's policy regarding the use of such resources.
Does your organisation have a published policy on the use of your email system, and do you adequately train employees on that policy and what is acceptable use of email? According to a 2004 survey conducted by the American Management Association and The ePolicy Institute, 79 percent of the 840 responding companies say they have a written policy governing the use of email. However, only 54 percent of the surveyed companies conduct email policy training.
The survey also revealed that most companies monitor the content of incoming and outgoing email. However, only 27 percent of the companies monitor the content of email flowing within the company, where familiarity might lead to passing around inappropriate content.
Companies that don't conduct policy training or monitor internal messages can be putting themselves at risk. In 2003, oil company Chevron USA paid US$2.2 million to settle a sexual harassment lawsuit over its email content. The allegations were made by a group of women employees who alleged a Chevron subsidiary allowed its internal email system to be used to transmit sexually offensive messages.
A workforce that is educated about and routinely reminded of your email policy is the first line of defence for your company. People who see the policy flashed on the screen during log-on are more likely to comply with your rules. What's more, in the event of a lawsuit or criminal activity, a company that can demonstrate its allegiance to policy and training could be treated favourably by the courts.
An employee of American Family Insurance was found to be receiving child pornography on his company computer. The company was not held liable for the employee's action because it could prove that it has an active policy against such use of the computer. In order for the employee to gain access to his company network, he had to acknowledge the policy as part of the log-on process. Unfortunately for him, he ignored the policy and got caught.
So employers, whether your company is large, small or in between, don't feel guilty about taking a peek at what's flowing through your network; it is your right and responsibility. If you shut your eyes to potential problems, even larger problems could arise.
Linda Musthaler is vice president of Currid & Company, a Houston technology assessment firm.