Someone to watch over you

If you don’t have a company policy regarding e-mail and Internet usage, there’s no better time than the present to create one, says Paul Jackson, a partner in the employment group at Roetzel & Andress.

Jackson has been drawing up these policies since the mid ’90s, but over the last three years, he’s seen the need — and the demand — for them, rise. He says, policies can enable an employer to investigate past wrongdoing and help curtail current wrongdoing.

“E-mail and obtaining and forwarding objectionable information from the Internet seem to play an ever-increasing role in harassment cases,” he says. “That’s one of the main reasons employers want to have the ability to monitor or restrict Internet and e-mail use. You need to do that as a company just to attempt to minimize liability to some degree.”

A policy outlining allowable e-mail and Internet usage can also help protect trade secrets, he says.

The Stored Communications Act — the law referred to most frequently regarding e-mail usage — basically puts a limit on what the owner of the equipment (the employer) can do. It was written to prohibit wiretapping, but has been applied to situations in which an employer has monitored e-mails or Internet usage.

“Essentially, what the courts have said is that the act only prohibits an employer from accessing e-mail which is in the process of being transmitted or before it’s been viewed by an employee. Once the employee views it or discards it or puts it into permanent storage, then that Stored Communications Act prohibition no longer applies,” Jackson says.

After that point, an employer has a right to access stored or deleted information on a computer.

Jackson offers the following considerations in creating a clear policy on e-mail and Internet usage.

1. Put the policy in writing and put it on your computer system. “Have it in written form and have the employee acknowledge that they’ve received it,” he says. “That removes that issue of, ‘ I didn’t get it.'”

2. Start with a philosophical statement — because you can’t cover every scenario — that e-mail and Internet access are provided as business tools and should only be used for business-related purposes. Make it clear that since the employer owns the equipment, employees have no reasonable expectation of privacy in their e-mails.

3. Include a statement that the company insists that employees respect copyrights, software licenses, and privacy policies.

4. Make it clear the company has and will monitor e-mail activities.

5. State that employees must refrain from making false or other statements which could expose the company to liability, particularly if their e-mail addresses are the company’s e-mail address.

6. Make it clear employees must only access the Internet for business-related purposes, and before they send something from the Internet through the company’s e-mail system, it needs to be approved. This is for content and for security reasons.

7. Even from business-related Web sites, employees should not download files they believe are untrustworthy.

8. “You want to caution your employees not to open an e-mail unless they know where it comes from. That’s not a guarantee, but you’re supposed to know who your source is before you open any attachments,” he says.

9. State that e-mail is not to be used to transfer proprietary information or trade secrets to a competitor.

For more information, contact Jackson at (330) 849-6657.