COMPUTER USE IN THE WORKPLACE

COMPUTER USE IN THE WORKPLACE

COMPUTER USE IN THE WORK PLACE:
HOW TO AVOID BECOMING TANGLED IN THE "WEB"
I.
Introduction.
The computer is a tremendous tool in the work place, increasing productivity and
efficiency. Computers also provide a gateway to widespread communication through
electronic mail ("e-mail") and the Internet. The resources of a computer, and the
networks to which it provides access, also provide employers with new challenges in the
work place. Consider these examples:
•
What if an employee uses the computer for personal reasons during work time?
•
What if an employee defames another employee or customer through electronic
mail?
•
Can a supervisor access and monitor the e-mail of an employee?
•
What if an employee downloads information that is copyright protected?
•
What if an employee transmits confidential and sensitive information concerning
the company?
•
How should you respond, as a public employer, if the local news media requests a
copy of all your e-mail transmissions under the public documents law?
•
What if an employee accesses pornography and uses it to harass others?
These are but a few examples of the types of issues raised by computers in the work place.
This outline will examine the legal principles underlying these issues and, then, will
provide practical suggestions for addressing these issues through a computer use policy.
II.
E-mail in the Work Place.
An e-mail system allows employees to communicate with each other through the use of
written messages generated by and stored on the computer system. Generally, e-mail
messages are stored in a database on a network file server. All unread message titles are
indexed in the user's "in-box." The user has the option of leaving read messages indexed
in their in-box or organizing them into "folders." A user also can archive a message to
their hard disk or diskette, or delete the message from the system. Only deleted and
archived messages are removed from the e-mail database.Page 3

3
The important point for employers to keep in mind is that, once transmitted, e-mail
messages do not "disappear." Rather, they remain stored in the database until specific
steps are taken to remove them. Some of the issues raised by this technology are
addressed below.
A.
Monitoring Of E-mail.
1.
Reasons Why An Employer May Want To Monitor Employees' E-mail.
An employer may have many legitimate reasons for monitoring its
employees' e-mail. For example, if an employee is absent for an extended
period of time, the employer may need to monitor or access that
employee's e-mail to ensure that no important messages remain
unanswered. Because retaining a large number of e-mail messages can
slow down the operation of the system significantly, an employer may want
to monitor messages to determine which can be deleted from the system.
Of course, an employer also may want to monitor messages to ensure that
the system is being used by employees in an appropriate manner (i.e., that
no inappropriate or illegal conduct is occurring.)
2.
Legal Issues Raised By An Employer's Monitoring Of Employees' E-mail.
a)
Invasion of Privacy.
The courts have recognized the existence of a right to privacy that
is broad enough to cover certain conduct occurring in the work
place. This concept is not new to the employment context. For
example, the issue of invasion of privacy has arisen regarding
employer searches of employee desks, lockers, and personal
belongings. The issue in all of these cases, invariability, boils down
to whether the employee had a reasonable expectation of privacy.
For example, an employee who is given a key to his desk and
allowed to lock his desk every night may, reasonably, conclude that
personal items locked in the desk would remain private. If an
employer, unbeknownst to the employee, used a master key to
unlock the desk and search the contents thereof, the employee may,
conceivably, be able to bring an action for invasion of privacy.Page 4

4
The same principles would apply to an employer's
accessing/monitoring of an employee's e-mail. That is, the issue is
whether the employee had a reasonable right to expect that his e-
mail is confidential.
The trend has been to find that an employee does not have a
reasonable expectation of privacy in his e-mail communications.
For example, in a case arising in Pennsylvania, an employee of the
Pillsbury Company was fired for transmitting what the company
deemed to be inappropriate and unprofessional messages over the
company's e-mail system. The employee filed a lawsuit against
Pillsbury claiming that it violated his right to privacy when it
monitored his e-mail messages. The court disagreed. The court
found that the employee could not have had a reasonable
expectation of privacy in the e-mail communications that he made
to others. The court reasoned that, once an employee disseminates
an e-mail communication to others, the employee cannot expect
that the communication will remain private. Smyth v. The Pillsbury
Company, 914 F.Supp. 97 (E.D. Penn. 1996).
While the trend is find that an employee does not have an
expectation of privacy in his or her e-mail communications, it is
easy to see how employees could develop such expectations. For
example, it is not uncommon for employees to have personal
passwords that are used to access their software programs and e-
mail. Going back to the example of the employee with the locked
desk, giving an employee a password may create an expectation of
privacy similar to one that may be created by giving an employee a
key to lock his desk.
The most simple and most effective way in which to ensure that
employees do not have an expectation of privacy in their e-mail is
to, simply, tell them just that. Issuing a policy that informs
employees that the company maintains the right to access and
monitor stored e-mail messages should defeat any expectation of
privacy that employees may have. The elements of such a policy
will be discussed at the end of this outline.
Caveat: it should be noted, however, that regardless of whether an
employer has the right to monitor e-mail messages, the employer
still may have an obligation not to disseminate the content of thesePage 5

5
messages to others in the work force. Such dissemination could
give rise to a separate cause of action for invasion of privacy or
defamation.
b)
Issues Arising Out of the Electronic Communications Privacy Act
(the Wiretapping Law).
The Act, generally, makes it a violation of the law to intercept
electronic communications and to access certain stored electronic
communications. Because e-mail generally is accessed while it
resides in storage, and not during transmission, the Act's prohibition
against accessing stored communications would be most applicable.
A violation of the Act occurs when one, "intentionally accesses
without authorization a facility through which an electronic
communication service is provided . . . and thereby obtains . . .
access to . . . electronic communication while it is in electronic
storage in such system. . ." 18 U.S.C. § 2701.
(1)
Exceptions to the stored communications provision.
Employers who own the e-mail system used by its
employees would appear to be exempt from liability for
accessing their employees stored e-mail under what is
commonly referred to as "the employer owned system
exception." This exception states, generally, that the
prohibition against accessing stored communications does
not apply with respect to conduct authorized "by the person
or entity providing a wire or electronic communications
service." This defense recently was upheld by the United
States District Court in Nevada. Bohach v. City of Reno, et
al, 1996 U.S. Dis. LEXIS 10715 (1996).
(2)
Consent as a defense to the Act.
The Act specifically makes it a violation to access electronic
communication "without authorization." Thus, it would not
be a violation of the Act to access e-mail with the
employee's consent.Page 6

6
c)
4th Amendment Search and Seizure Issues.
Employees in the public sector could, arguably, assert that
accessing their e-mail would constitute an impermissible search
under the 4th Amendment of the United States Constitution. The
underlying issue in a case involving an asserted violation of the 4th
Amendment, however, is whether the person making the claim has
a legitimate expectation of privacy in the invaded place. Thus, as
set forth above in the section on privacy, one defense to a 4th
Amendment claim may be that no such expectation of privacy exists
in the e-mail context.
In addition, no 4th Amendment claim exists where the individual
consents to the search. Thus, a written policy informing employees
that their e-mail is not private and including a provision where the
employees' consent to the access and monitoring of their e-mail
would provide a defense to both elements of the 4th Amendment
claim: it would eliminate any expectation of privacy and would
constitute consent to the search.
d)
The Importance of a Written Policy.
As the foregoing underscores, a written policy regarding the
employer's access to e-mail is important. At a minimum, the policy
should inform employees that their e-mail is subject to monitoring
by the employer, thus eliminating any expectation of privacy. In
addition, the policy should incorporate a form, to be signed and
returned to by the employee, consenting to such monitoring by the
employer. A policy containing these two elements should provide a
defense to actions brought under the theories of invasion of privacy,
the Wiretap Act and 4th Amendment searches and seizures.
B.
E-mail As Evidence.
1.
E-mail As Evidence In Discrimination And Harassment Cases.
E-mail communications, just like written interoffice memoranda, can be
used as evidence in employment lawsuits. For example, in a case that arose
in New York involving the Microsoft Corporation, a supervisor's
inappropriate, off-color comments made through e-mail were found to be
admissible in a sex discrimination case. See, Strauss v. Microsoft Corp.,
1995 U.S. Dis. LEXIS 7433 (1995).
The supervisor had sent e-mail messages to various employees in the office
which included referring to another woman in the office as the "spandex
queen"; an offer of $500 to a temporary receptionist if she would permitPage 7

7
him to call her "sweet Georgia Brown"; and a reference to himself as
president of the "amateur gynecology club." In all likelihood, these are not
the kind of comments that the supervisor would have made in a written
interoffice memo. He, apparently, thought that e-mail was somehow
different. It is not. Thus, the lesson to be learned from the Microsoft case
is that: if it is not appropriate for a written memo, it is not appropriate for
e-mail.
2.
Public Records Requests.
In the public sector, e-mail messages would fall within the broad definition
of "records" subject to inspection by the public § 19.32(2), Wis. Stats.
Accordingly, public sector employers should address the procedures to be
followed should a public records request seek e-mail information.
C.
E-mail As A Method of Harassment.
E-mail, of course, is nothing more than a high tech way in which to communicate
in the work place. Like other forms of communication, written or oral, harassing
comments made through the e-mail could expose an employer to liability as sexual
harassment. Thus, it may be advisable for employers to review their sexual
harassment policies to clarify that inappropriate "communication" includes e-mail.
It also should be noted that Wisconsin Act 353, which became effective June 7,
1996, prohibits the use of e-mail to frighten, intimidate, threaten, abuse or harass
another person. An effective e-mail policy, therefore, also should clarify that such
conduct is prohibited in the work place.
III.
The Internet in the Work Place.
Many employers are providing their employees with access to the powerful research tools
of the Internet. Through the use of the Internet, employees may be able to transmit
information to others via "bulletin boards" or "chat rooms." In addition, employees are
able to obtain and download information and images from the Internet. The following will
address some of the legal issues this technology may raise in the work place.Page 8

8
A.
Employer Liability For Impermissible Transmission Of Information.
Whether employers can be held liable for defamatory or other impermissible
statements made by employees through the employer's access to the Internet will,
of course, depend on the nature of the comments and the facts of each case. In
theory, however, there may be no reason to analyze the situations any differently
than if the employee's statements had been sent out on a postal letter bearing the
company's letterhead.
Employees need to be forewarned that the same discretion that they are expected
to use in any written communication also should apply to communication via the
Internet.
B.
Sexual Harassment.
Pornographic and sexual images are widely available on the Internet. These
images can be accessed by an employee and displayed upon the employee's
monitor. Conceivably, the display of such images on an employee's monitor could
give rise to a hostile environment sexual harassment claim.
At least one federal court has found that the display of pinups and pinup-type
calendars in the work place can give rise to a cause of action for sexual
harassment. Similarly, it is likely that the display of such images on a computer
monitor in the work place could give rise to a cause of action of this type.
Accordingly, this issue should be addressed in the employer's sexual harassment
policy and/or in the employer's computer use policy.
C.
Copyright Infringement Concerns.
Employers need to be mindful that software and other information that is
downloaded through the Internet may be subject to the copyright laws.
Downloading and using such information via the Internet is, realistically, no
different than using a photocopier to reproduce printed copyrighted material. This
similarity, however, often is not apparent to employees and, thus, should be
addressed in the company's computer use policy.
D.
Productivity Concerns.
Recent surveys suggest that most Web browsing is taking place using company
computer systems at the work place. In fact, America Online recently ran a
commercial where the employee says, "my boss thinks I'm working on my pc, but
actually, I'm goofing off on America Online." Personal use of the Internet during
working time can be tempting. Of course, issues raised by such personal usage are
no different than those that would arise from, for example, the personal use of thePage 9

9
telephone while at work. Nevertheless, an employer may want to address this
issue in its computer use policy.
IV.
Overview of Elements of a Computer use Policy.
As with most employment issues, the key to protecting the employer's interest is to
develop and enforce reasonable policies, in this case, computer use policies. These
policies can, and should, provide direction concerning acceptable use and should counter
expectations of users that differ the actual rules and guidelines under which the system is
operated.
One of the most important things a policy can do is to directly address an employee's
expectation of privacy in electronic communications. Such a policy will inform
employees, up-front, that their communications are not private, thereby eliminating any
expectation in privacy that they may have. This is but one element of a computer use
policy; other suggested elements are set forth below.
A.
E-mail Policy.
1.
Establish that e-mail is not private, and that the employer reserves the right
to monitor and access employees' e-mail.
2.
E-mail should not be used to send jokes or other comments that may be
discriminatory, harassing or offensive to others, or to send material that
defames an individual, company or business, or discloses personal
information without authorization.
3.
Limits should be placed on the personal use of e-mail. In any event,
employees should be reminded that their personal messages will not remain
private.
4.
Messages to and from, in-house and outside legal counsel should be
marked "Confidential Attorney/Client Privileged Communication."
5.
The policy should address the procedures for deletion of messages.
6.
The policy should address the issue of encryption.
7.
For public sector employees, the policy should address procedures to
follow in complying with a public records request.
8.
A consent form should accompany the policy, whereby the employee is,
again, notified that e-mail messages are not private. The form should state
that the employee is consenting to the monitoring and access of their e-
mail. It should contain a line for the employee's signature.Page 10

10
B.
Elements of an Internet Policy.
1.
The policy should address the personal use of the Internet. Depending on
the employer's culture, the policy may provide that excessive, personal use
of the Internet may lead to disciplinary action.
2.
Similar to the e-mail policy, the policy addressing the Internet should
inform employees that their use of the Internet may be monitored and, as
such, is not private.
3.
Employees should be put on notice, just as with the e-mail policy, that the
Internet is not to be used to harass, defame, etc.
4.
Consistent with the employer's policy on sexual harassment, employees
should be notified that they are not to display images of a sexual nature on
their monitors.
5.
The policy should inform employees that confidential and proprietary
information must not be transmitted over the Internet without prior
approval by the employer.
6.
Downloaded software and materials must be used and, if necessary,
purchased in accordance with United States copyright law.
V.
Conclusion.
The expanded use of computers in the workplace has presented employers with additional
legal concerns. These concerns, however, can be addressed effectively through reasonable
computer use policies. Because each employer's specific needs may differ, it is
recommended that you consult with legal counsel in preparing and enforcing such policies.