Developing an Effective Email Monitoring Policy

While email and the internet affectively revolutionized business, employees use them for some very unproductive purposes. Employers monitor employees’ email and internet usage for any number of legitimate reasons. However, beyond personal productivity issues, you risk significant loss should an employee download a virus or other damaging software or engage in illegal activity conducted on company computers.

Creating an Effective Email/Internet Policy

Many employees consider emails confidential, but you should dispel that myth by clearly communicating your organization’s policy on email/internet use. Your policy should:

  1. State the purpose of electronic mail. Explain clearly whether it is solely for business-related communication or if personal use is authorized.
  2. Forbid the use of any derogatory language in email transmissions, even as a joke.
  3. Prohibit the use of email for non-job-related solicitations or proselytizing.
  4. Make it clear that employees can’t have a private password. Although passwords don’t have to be known by other workers, an exhaustive list of passwords must be available to management.
  5. Inform employees that you reserve the right to inspect all email records and correspondence without advance notice.

Caution: Employees must follow all state and federal laws directly or indirectly relating to email and internet use. For example, employees may not violate copyright laws or download pirated software. Furthermore, if you allowed pornography to exist in the workplace, you’d be a prime target for a sexual harassment lawsuit. Likewise, allowing employees to send abusive or harassing email could land you in court.

Employee email creates the electronic equivalent of DNA evidence, yet only 34% of organizations have email retention policies in place. And if your employees work on their phones, you risk a million-dollar FLSA lawsuit.

Deleting Emails: The Legal Impact

Courts increasingly regard email as just another business document. Like many employers today, do you distribute important policy notices via email? Can employees ask about leave or update their benefits information by emailing the human resources department?

If so, you must have a policy in place for retaining a copy of those email communications. The EEOC requires you to keep such records for at least one year. It’s a good idea to print out your emails to and from employees and place a copy in their personnel files.

Before purging email or other electronic information, read it to determine whether or not it has any legal significance. Although you may wish that some emails had never been sent, deleting them may not be much help. Deletion may be seen by a court as intentional concealment or even destruction of evidence. It may be better to have a copy than to be presented with a copy during litigation.

From a practical point of view, an email you think you deleted from the system may be stored somewhere else. One of the senders or recipients may forward it to others or to herself at another email address.

Perhaps no case illustrates the potential trouble email causes better than the Enron debacle. Once the story of Enron’s collapse hit the media, it wasn’t long before emails between the company’s upper management and its accounting firm, Arthur Andersen, were made public. Conversations that, before the era of email, company officials would have conducted via phone (and thus not recorded for posterity) were memorialized in a series of damning emails.

Recommendation: Although email is convenient, some things are best left to the phone. What you haven’t written down doesn’t have to be deleted.