Entry No. 43f

IT Writers Awards

For most employees, the convenience and immediacy of e-mail meant it was only a matter of months before the technology’s introduction saw it almost totally supplant the written methods of communication that have dominated business for centuries. But with the good comes the bad: e-mail has also become widely used for a host of decidedly non-business activities that mainly used to occur around the water cooler or in the tea room – things such as distributing dirty jokes and pornography, complaining about the boss, and making advances towards workmates.

By all accounts, such usage of e-mail has already reached epidemic proportions. A survey of 805 US workers, conducted last year by market research company NFO Worldwide on behalf of content monitoring software company Elron Software, found that 70.4% of employees admitted to adult-oriented e-mails at work and 64.4% admitted to politically correct or offensive e-mails.

Although many employers may be unaware of specific employees carrying out such activities, a growing body of legal decisions has reinforced the idea employers’ obligation to foster a harassment-free workplace extends to e-mail and beyond. Unless companies are seen to be taking proactive measures against such abuse, they and their directors can be held personally liable for resulting damages claims.

In one widely-cited case, petroleum interest Chevron was forced to pay $US2.2 million in damages to four women who argued that they felt sexually harassed by a widely distributed e-mail entitled "25 reasons why beer is better than women." And US brokerage firm Morgan Stanley & Co was recently sued by two African-American employees who had felt threatened by racist jokes circulating amongst the company’s white employees.

Not surprisingly, the litigation-hungry US has been the stage for the majority of such complaints. But the threat of such judgments here is now a lingering and very real concern: while Australian state courts can award damages of up to $40,000 for this type of claim, there are no limits on the awards that can be handed down by Federal judges. The commercial imperative to prevent such actions has been further augmented by findings that many employees are sending confidential company information – inadvertently or intentionally -- outside the company using e-mail (see chart).

Analysts such as www.consult predict Australians will send more than 2 billion e-mail messages this year, a majority of which will originate from corporate workplaces. To protect both their coffers and their business integrity, many companies are now implementing systems that filter and intercept e-mails for a range of objectionable, proprietary and otherwise potentially damaging content.

Such systems – which include titles such as Elron’s CommandView Message Inspector, Content Technologies’ MIMEsweeper, and Emu Technologies’ EmU – are installed on server close to e-mail servers or firewalls, and constantly scan incoming and outgoing e-mails for offensive or inappropriate content. Flagged messages can be quarantined, forwarded to directors for review, or processed using a variety of rules such as adding a legal disclaimer to the end of every outgoing message.

Although many workers have raised concerns about employers monitoring their private communications, it’s something they’ll just have to get used to. "One of the things about being at work is that you’re not on your private time," says Judy Siddons, a partner in the National Employee Relations Group of law firm Freehill Hollingdale & Page. "There is a whole body of law that says your employer is entitled to monitor your performance – as long as it’s clear what the boundaries are. Obligations on employers are such that they’re really required to [monitor e-mails] if they’re going to meet their [responsibilities]."

Policy decisions
Despite its broad range of capabilities, e-mail monitoring software is a beginning for efforts to stem inappropriate e-mails – not an end in itself. After using such software for a few weeks or months, companies can use the applications’ reporting capabilities to better characterise the e-mail usage patterns of their employees. This information can, in turn, be applied to the creation or updating of a companywide e-mail usage policy – which is the most important tool in the development of an e-mail defence.

The makeup of individual e-mail policies may vary, but "they don’t have to be terribly complicated," says Alan Schaverien, managing director of Content Technologies Asia-Pacific. "Most policies are common sense: don’t communicate to competitors, don’t send around material that others would find offensive, don’t breach copyright – and take care to use e-mail as a formal, not informal, method of communications. In our experience, around 80 percent of e-mail traffic, by volume, is electronic litter."

Developing a strong policy now will be a lifesaver later, should any employee’s actions come into question and the company be called upon to prove its zeal in protecting the integrity of its workplace. Logs of intercepted e-mails can be used to identify patterns of abuse that will allow management to zero in on repeat offenders. Those same logs will also support management decisions to sack staff for policy violations, should an unfair dismissal claim arise in the future.

Because they could become essential to a company’s defence in such a case, companies wanting to ensure their policies are watertight are well-advised to run them by a legal advisor that specialises in information technology and/or workplace relations.

Also worth reviewing are the company’s practices for communicating the policy to employees. While many companies are forcing employees to sign their consent to abide by e-mail policies when they’re hired, it’s also beneficial for companies to take a more ongoing role in user education. This could include, for example, posting updates on the company intranet or e-mailing changes in policy directly to every employee with a return receipt to indicate that the message has been read.

As with all matters of regulating large numbers of people, paranoia can also be a valuable tool. In the Elron Software survey, for example, a surprising 60.9% of employees were unaware that an e-mail tracking system was in use within their workplace. By taking every opportunity to reinforce the point that monitoring is in use – and saying that it is even if it hasn’t been implemented yet – companies are likely to find employees becoming much more careful about the e-mails they send.

This effect has already been observed in another Elron-NFO survey, which found that the percentage of employees accessing pornographic Web sites declined from 72 percent in June 1997 to 62 percent in June 1998. Much of this decline can likely be attributed to widespread implementation of monitoring technology – and, more importantly, improved communications between employers and employees about workers’ online responsibilities.

Problem solving
Of course, there will always be those employees that – whether out of disregard for the rules or simply through general callousness -- continue to engage in antisocial conduct via e-mail. Although most currently available content monitoring technology can be circumvented by employees using encryption (for e-mail) or proxy hosts (for Web surfing), the safeguards the applications provide will help employers easily separate repeat offenders from compliant workers who make an honest mistake – for example, sending financial results to the wrong person or inadvertently forwarding an offensive e-mail that is sent to them.

More cunning workers might well begin using Web-based e-mail services such as HotMail and AngelFire, but access to such services can be readily restricted using any of a variety of Web monitoring applications. In any case, e-mails coming into the company from such accounts would still pass through the e-mail scanner where they would be isolated and dealt with individually.

To show that they’re serious about e-mail abuse, many companies will choose aggressive options to deal with continued behaviour problems. These will most likely include a number of warnings and could eventually escalate to suspension, payroll deductions, and even dismissal – which last month became the fate of 23 employees within a company invoice, pay cheque and benefits processing centre within the parent company of the New York Times newspaper.

Although details of their offences haven’t been disclosed, the company would confirm that they were laid off – and many others were given warnings – due to their involvement in internal e-mails that breached the company’s e-mail policy.

The problem has become just as rife within Australia. Just last month, three employees of the federal Department of Veterans’ Affairs were sacked after they were found to have sent a sexually explicit e-mail to nine Department employees, most of whom were women. A year ago, the Australian Customs Service had similar problems after a number of its employees were caught exchanging pornography on their work computers.

"Most organisations are concerned about their relationship with the external world, [and particularly] how that relationship flows to and from the Internet," says David Jones, technical director with e-mail filtering developer Emu Technologies. "IT people are pushing the issue upwards due to the waste of corporate resources such as disk space and bandwidth, and directors consider this to be a key issue of liability. As [Australian] culture shifts to be more opportunistic in its litigation through being exposed to American TV shows that glorify the legal process, we’ll have a subset of our population that earn a living by taking advantage of these incidents."

"But instead of getting into a situation where you have to fire someone, if you lead with education, follow up with technology and use a monitoring tool [to check compliance] you’re being a proactive and responsible employer. If employees are choosing to get around the system, you’ve simply got to question the value of that particular employee."

SIDEBAR: E-mail nasties
Of 805 surveyed workers:
85.6% have sent or received personal e-mails
70.4% have sent or received adult-oriented personal e-mails
64.4% have sent or received racist, sexist or otherwise offensive e-mails
10% have received e-mails with information that is known to be company confidential, from an outside company
21.5% have put financial information in personal e-mails at work
20.6% have put business information in personal e-mails at work
31.6% have put new product launch information in personal e-mails at work
50% of companies have an Acceptable Usage Policy in place
43% of companies plan to implement an Acceptable Usage Policy
Reasons named by companies for putting in Internet management software:
77% to increase user productivity
74% to increase network bandwidth
70% to reduce corporate legal liability
Source: 1999 Email Abuse Study and 1998 Surf Abuse Study (Elron Software and NFO Worldwide), www.elronsoftware.com/pdf/1999Email.pdf

Back to Best Feature 
Top of page

Content Copyright © the author/publisher listed above

Design Copyright © Consensus Pty Ltd

This web-site uses frames, click here for the full picture