Developments in electronic communications over the past fifteen years, and the attendant changes they have brought to the work environment, are staggering. In the United States alone, industry analysts estimate that more than 122 million people have access to the Internet at work. This number is predicted to rise as high as 272 million by 2004. Like many advances, however, the Internet can be both a tremendous asset and a destructive force.
"Cruising the net" has become a 9-to-5 hobby for many employees. Surveys show that as many as 35% of employees with Internet access regularly surf recreational sites during office hours, often for up to five hours per day. Top Internet distractions include news sites, shopping, and, perhaps most disconcerting for employers, job hunting. True net-surfers can even find custom-designed, self-proclaimed cyberslacking Web sites where visitors will find distractions ranging from games to chat rooms to advice from "expert" cyberslackers on how best to surf the Internet at work without being caught. The Internet also offers disgruntled employees the perfect forum to air complaints and/or anonymously post false statements about their companies over the Internet. And perhaps most harmful, employees can use the Internet to disseminate truthful information about an employer that is nonetheless very harmful such as public disclosures of company trade secrets or other proprietary information.
An employer's most effective tool against inappropriate computer use and abuse is a comprehensive and uniformly distributed electronic communications policy. Such policies, if properly drafted, clearly define the employer's property interest in both computer equipment and all of the uses to which that equipment is put, educate employees about appropriate guidelines for computer use, and diminish any expectation of privacy that an employee might otherwise have regarding electronic communications. The policy should also be broad enough to encompass more than simply Internet abuse.
Like any employment policy, an electronic communications policy should be drafted with an eye toward each individual employer's unique needs, resources, and corporate culture. At a minimum, however, an Internet policy should contain provisions to address the following:
Ownership of Equipment and Messages. A policy should clearly state that all equipment is owned by the company and is to be used primarily for company business. This is particularly important for employers who provide laptop computers to employees.
Use of System. Employees should be told whether company computers are to be used for business purposes only, or whether they may engage in incidental personal use. If the latter, the policy should also set forth any clear limitations the employer wishes to make upon personal use (e.g., restricted to nonwork hours, restricted to a certain number of hours per month). Employees should also be informed of any restrictions on use the employer wishes to impose (e.g., prohibitions on uploading or downloading of confidential or proprietary materials, prohibiting use of company computers to obtain pornographic or offensive materials, prohibition on access to gambling sites).
Restrictions on Content. The policy should also set forth any express limitations on message content that the employer wishes to impose (e.g., no creation or distribution of chain letters, no solicitations or advertisements for non-company purposes, no searching for other employment). It is particularly important that the policy expressly prohibit use of company computers to create or transmit harassing or defamatory materials or materials that are sexually explicit.
Security. Employees should be told that they may not engage in activities that could jeopardize the security of the employer's computer systems. In particular, employees should be prohibited from disclosing their passwords to others, using or disclosing anyone else's system password, or enabling unauthorized persons to access the company's computer systems.
Employer's Right to Monitor. The policy should expressly reserve to the employer the right to monitor any and all employee use of the company's computer systems. The policy should also remind employees that they have no expectation of privacy in any personal or work messages that they may create or receive using company computer systems.
Consequences of Violating Policy. Employees should be informed that violation of the policy could result in disciplinary action, up to and including discharge. They should also be made aware that they may be held personally responsible for their actions on the Internet.
Acceptance and Consent to Monitoring. Each employee should be required to sign the policy, acknowledging that he or she has read the policy, agrees to abide by its terms, and consents to any and all company monitoring consistent with the policy.
Like any employment policy, an Electronic Communications Policy is useless if employees are not aware that it exists. At implementation, your policy must be uniformly distributed to all employees to whom it applies and, when new employees join, made a part of their initial package of employment records and policies. It is also a good idea to remind employees of the existence and terms of the policy on a regular basis.
If you need more information on Internet policies, please call your Warner Norcross & Judd attorney or Andrea Bernard at 616.752.2199.