Legal
3 Steps For Keeping Your Employees'
E-Mail From Landing YOUR Business IN Court

by Patricia S. Eyres

   With an estimated 1.3 trillion e-mail messages being sent annually, electronic mail is quickly becoming the communications medium of choice in many business settings. While e-mail transmissions do offer many benefits, such as speed, ease-of-use, and relatively low cost, business owners are learning the hard way that e-mail is a visible and potentially perilous communications tool.
   For example, one company faced six claims of sexual harassment because an employee downloaded an "adult bulletin board" to the company's computer system and programmed it to display the offensive material on employees' screens when they accessed their mail. Another company paid $2.2 million for racially charged e-mail messages exchanged on its system by employees. But these incidences don't only occur in large organizations. Companies as small as ten employees have had to discipline employees for misuse of company computer systems, with violations ranging from inflammatory messages to software piracy.
   E-mail abuse and Internet misuse can cripple communications, disrupt operations, or embarrass a business. It also increasingly leads to real legal liabilities. Inflammatory or abusive content, off-the-cuff jargon, ambiguous instructions, imprecise memos, embarrassing gossip, unprofessional language, or breaches of confidentiality are all a fertile source of concern for e-mail writers and their employers.
   Many of these e-mail related challenges can be eliminated or controlled through proactive techniques for generating and maintaining online communications. Below are the three most critical steps every company should take to reduce their chances of an e-mail disaster. Implement these measures today so your employees' e-mail transmissions don't hinder your company's operations.

Enact an E-mail Usage Policy

   To improve your company's control over employee e-mail, adopt policies that clearly define what rights the company reserves and explain that e-mail communications are not private. The specific language of the policy will vary depending upon the company, the industry, and the specific needs of the work environment. The policy should be written and incorporated into employee manuals or policy books. Employees, indicating that they have read it and agree to be bound by its terms, should then sign the policy.
   Some common e-mail usage policy highlights include:

Defining the Permissible Uses of the E-mail System

   Make it clear that the business owns the e-mail system. All messages that are created, sent, or received using the system remain the property of the company. Indicate that workplace e-mail systems are to be used for business communications only. Personal business is unauthorized and should not be conducted at any time. Additionally, it is wise to state that offensive, discriminatory, or disruptive e-mail messages are strictly prohibited. All non-discrimination policies should also refer to e-mail as a prohibited medium for inappropriate content.
   All employees should be made aware that access to messages received by or transmitted through the e-mail system are limited to persons who need to know the information. Employees should disclose information or messages only to authorized employees. Equally important is to put employees on notice that any communications created, sent, or retrieved using e-mail may be read by individuals other than the intended recipient.

Defining Appropriate and Impermissible Content

   Employees must know specifically what is allowed and what is prohibited in the e-mail system. Explain that messages containing insensitive language, racial, sexual, ethnic, or religious material is not acceptable. Prohibit all offensive or disruptive messages, as well as abusive, obscene, or vulgar language, gossip, ridicule, or retaliatory messages. Further explain that downloading sexual, racial, religious, or otherwise discriminatory or offensive material from the Internet is not allowed. Finally, inform employees that violations will result in appropriate discipline.

Reserving the Right to Monitor E-mail

   To keep your employees in compliance, specifically reserve the right to review, audit, intercept, access, and disclose any business or personal messages created, sent, or received on the e-mail system. To assure legally sufficient employee consent, the policy should contain a clear description that the employer will monitor the e-mail, which goes well beyond simply reserving the right to do so.

Enforce Your E-mail Usage Policy Regularly

   Establishing a policy is only the first step to limiting liability when monitoring e-mail. Equally important is enforcing the policy in a manner that makes it fully effective in eliminating employees' alleged reasonable expectations of privacy. To make your employees continually aware that the policy is in effect, consider using an electronic disclaimer that is triggered each time the individual logs onto the e-mail system or accesses a personal e-mail mailbox. This also helps establish that the employee has no reasonable expectation of privacy.
   Enforce your e-mail policy systematically and regularly, even for what may seem like a minor offense. Failure to do so could result in waiver of the employer's rights. For example, employees may allege that they expected privacy because the employer was known never to enforce its monitoring policy and was also known to be aware that employees were exchanging personal or private e-mail messages. Be advised, though, that employers must exercise caution and monitor only in situations where monitoring is necessary to protect legitimate business purposes. Train management on the use of the e-mail technology to assure that accidental leaks of information obtained do not occur.

Educate Employees and Managers About the E-mail Usage Policy

   Despite the prevalence of e-mail abuse and consequences played out in the media, many employees still believe their e-mail is private and transitory, and that personal access to the web at work is untraceable. Employers must educate their employees that this is not so. A good employee education system will alert employees that the use of passwords does not indicate a message is confidential or that the company will not be able to intercept it. Additionally, it will point out that the deletion of a message does not give an assurance that it will not be retrieved or read. Employees should understand that until the message is written over on the hard disk drive, it is retrievable and that the company has the technical tools to do so and so reserves the right.

   As e-mail communication continues to dominate the business world, it's more important than ever for employers to keep tabs on employee e-mail messages. Not doing so could leave the organization in the midst of legal troubles. In today's electronic age, smart companies will enact and enforce an e-mail usage policy and will educate employees and managers as to its purpose and use. It's one measure that could keep your employees safe from inappropriate communications and could save your company millions of dollars in potential lawsuits.