As Internet stretches the office, employees may lose privacy
Monday, November 26, 2001
Borrow a pen from work to write a love letter, and all you might get is a frigid rejection. Borrow the company's e-mail system to compose that same letter, and you could get fired.
Getting in trouble is becoming much easier as the workplace stretches beyond the walls of the office building.
"Everywhere is a workplace today," said Lewis Maltby, president of the National Workrights Institute in Princeton, N.J. "We've always allowed employers to do virtually anything they want, and the harm was limited to the office from 9 to 5. Today, employers could monitor you 24 hours a day."
Courts will be asked to draw boundaries over the next year or two as telecommuting continues to grow, predicts Washington employment lawyer Frank Morris.
About 28 million Americans, or one in five employees, work outside the office for all or part of the workweek, according to the International Telework Association and Council. Countless others check work-related e-mail or Web sites after dinner or on vacation.
If past court cases on office conduct offer any guidance, what employees do or say outside the office could come back to haunt them.
A third of workers monitored
The Privacy Foundation at the University of Denver estimates that more than a third of the U.S. workforce with access to the Internet have their e-mail messages and Web surfing regularly monitored by their employers.
Software can record Web sites visited or keystrokes typed, and companies often keep copies of messages that course their e-mail servers, whether they are sent from home or from work.
"I think employees, anytime they are interfacing with the office or office equipment, should have the operating assumption they do not have privacy rights," said Michael R. Littenberg, a New York attorney.
Employees may be interacting without realizing it.
They may mistakenly believe that personal e-mail accounts, like Hotmail, stay private when checked from work. But software sniffers can pick up messages as they travel unencrypted through company networks.
Outside the office, employees may use a company-issued laptop or access the company network from a home computer. Or perhaps the employer reimburses the worker for online access at home or subsidizes the purchase of the home PC.
In suburban Atlanta, a police officer lost his job after sending an e-mail advocating the killing of millions of Arabs. Though he used an e-mail account and a mailing list that was unaffiliated with any law enforcement agency, the message in question identified his employer.
In a case involving Texas' open-records law, Arlington Councilwoman Julia Burgen was forced to disclose city-related messages on her personal e-mail account because she had listed it on a business card. The city is appealing the ruling by the Texas attorney general's office.
"I paid for it myself ... so I just felt it was pretty egregious," Burgen said. "Citizens who had e-mailed to me were not really aware that what they sent to me were subject to the public reading it."
The city has since given council members official e-mail addresses and laptops. Assistant City Attorney Don King Jr. said Arlington is now discouraging its municipal workers from doing business on home computers.
"They treat e-mail as if it were the telephone," King said. "But when it was a telephone you didn't have to worry about this. There was no retrievable record."
Scores of employees at The New York Times, The Dow Chemical Co., Xerox Corp. and other companies have been fired for Internet use deemed inappropriate.
Courts have generally sided with employers who monitor or discipline employees over Internet use in the office, finding that companies' interest in managing their equipment outweighs any employee expectation of privacy.
Employment lawyers say courts may apply similar standards for Internet use outside the office -- as long as there is some work connection, such as dialing into a company network.
Companies have legitimate concerns, said Mark Dichter, a Philadelphia lawyer. He said businesses could be liable for providing resources to send racist jokes, download pornography or make sexual advances on a co-worker.
Others note that message board postings can affect stock prices or disclose trade secrets. Even the innocent love letter could be deemed a drain on resources and productivity.
Like using company cars
Andrew Meyer of Websense Inc., which makes software for companies to manage Internet use, compares worker restrictions on company networks to rules for using company cars.
Companies are getting wiser about spelling out the Internet do's and don'ts ahead of time, Meyer said. Often, policies will restrict personal use and disclose that workers are subject to monitoring.
But not all have gotten around to issuing policies, said David Sobel, legal counsel with the Electronic Privacy Information Center. He is concerned because many Internet users know little about the technology.
"There are still many people who believe that when they delete an e-mail message, it is gone from the system. But that frequently isn't true," Sobel said. "Most users ... believe they have a much higher degree of control over their communications than they actually have."
That is particularly so at home.
"The assumption is your home is your castle," said David Greenfield, director of the Center for Internet Studies. "But when it comes to electronic communications, your castle has now been penetrated."