Under Surveillance
- Article 4 of 77
- Information Age, January 2001
How can organisations monitor employees' Internet and email activities for abuse, without infringing their right to privacy?
Page 1 | Page 2 | Page 3 | Page 4 | All 4 Pages
Mention email monitoring to many employees, and talk of Big Brother and police states often follows. When the UK Parliament passed the Regulation of Investigatory Powers Act (RIP) in October 2000, giving employers limited rights of surveillance of their workforce, protesters claimed it was “a bleak day for privacy in Britain.”
Yet many organisations have legitimate reasons for monitoring employees. These can range from simply wanting to be sure of the facts before accusing an employee of misconduct, to preventing corporate secrets from leaking out.
According to London-based security software company Peapod, 38% of large British companies already review email messages. A survey published by employment research specialist Industrial Relations Services puts the figure even higher. It suggests 77% of employers now routinely check to see what web sites employees are visiting, with emails being monitored by 55% of employers. Much of the time, their motives for monitoring employee activity are clear and valid.
Market analyst IDC reports that companies can lose up to B#3 million a year in wasted time and bandwidth from employees surfing the web. And a study conducted by Professor Helen Petric of the University of Hertfordshire found that just 1.8% of employee respondents claimed to use email solely for legitimate company business.
Steve Donovan, a director of UK-based voice and data systems integration specialists, Armstrong Communications, freely admits to monitoring what his workforce is doing on the Internet. He says he has to know what is happening online to protect his business.
“Do I spend 90% of my time looking at my PC, checking up on my staff? No, I'm too busy,” he maintains. “But if I want to know if I've got a problem with a member of my staff, it means I can go back and check what they were doing online. If I need to discipline someone, I need to know all the facts if I'm going to do it competently.”
More serious than simple time-wasting, though, are security threats. With two-thirds of organisations in the UK having suffered virus, worm, or 'Trojan'-related problems over the past year, security is about protecting both employer and employee, says Jonathan Tait, European marketing manager at security software vendor, Content Technologies, which was recently acquired by rival Baltimore Technologies. “[Security software] protects the company's name and its brand, and protects it from ending up in court,” he says. “We're not monitoring what people are doing. We're scanning for specific threats within emails and Internet access.”
For one thing, employers are legally liable for what is published by their employees. This is why many businesses put a disclaimer at the bottom of emails. Email is a written communication, and is subject to the laws of libel. “It is also worth bearing in mind that emails often contain copyright information,” says David Shepherd, editor of the Industrial Relations Services' Employment Trends bulletin, “and also that email is as secure as a postcard: stored on a server, and constantly misrouted.”
When investment management company Gartmore was bought by the NatWest, its new parent company merged it with NatWest Investment and the merging of the two companies' IT systems gave all of Gartmore's employees Internet access.
Initially, groupware infrastructure manager Trevor Palmer believed the biggest threat would come from viruses. But the first problem came from another company about a joke it had received by email from a member of staff at Gartmore. After an investigation, Palmer discovered that the email was a personal message that had been sent to the right company - but the wrong person.
Page 1 | Page 2 | Page 3 | Page 4 | All 4 Pages