EP Award Promo

E-mail snooping becoming the norm


Government regulations, high-profile lawsuits and increasingly technology-driven offices have forced companies to take another look at their e-mail and Internet policies, and in many cases resort to software to help keep an eye on employees and their online habits.

“More than anything, it’s just a strong component of our ethical practices that we have as an organization, and it just promotes strong business practices and a safe environment for our employees,” said Desiree Fletcher-Hayes, a spokeswoman for Des Moines-based Pioneer Hi-Bred International Inc., adding that the company tries to create a balance between respecting employees and handling the business.

Helen Adams, a shareholder at Dickinson, Mackaman, Tyler & Hagan P.C., said companies look to monitoring software to address a variety of issues, from protecting proprietary information to curtailing sexual harassment and discrimination. But few are taking a “Big Brother” approach, and most are very candid with employees about the possibility that their computer could be monitored.

“Most companies don’t want to hide this from their employees,” Adams said. “They want employees to know upfront that this is what is acceptable. They would prefer employees abide by it than have to discipline them.”

Principal Financial Group Inc.’s employee handbook states that the company’s e-mail system and Internet access “are business property and should be used for authorized purposes only. The company reserves the right to monitor all electronic messages and Internet use.” Principal spokeswoman Rhonda Clark-Leyda said there needs to be cause for an employee’s e-mail or Internet to be monitored.

Though no Iowa statute requires companies to inform employees that they are being monitored, Adams said most businesses are upfront about the practice in their statements of company policies to prevent claims from employees that they had a reasonable expectation of privacy.

Steve Brown, product marketing manager for Palisade Systems Inc., an Ames-based provider of network management and security software, said the demand for monitoring systems has been particularly prevalent in industries such as health care, banking and insurance, where government-imposed regulations have emphasized issues regarding private client and patient information.

“Congress has enacted laws, whether it’s Sarbanes-Oxley or HIPAA or Gramm-Leach-Bliley, and that places regulatory burdens on companies to ensure the privacy and safety of records,” Brown said. “Because of that, there’s a need to make sure that things such as Social Security numbers aren’t being sent out willy-nilly over e-mail just because that’s the easiest thing to do, which it is, but it isn’t appropriate.

“You can’t guarantee a person’s privacy when those measures aren’t in place.”

Palisade Systems recently installed a monitoring system in an insurance company in the South, and within hours the system found that two Social Security numbers had been sent out electronically, in one instance through an instant message.

“Most of the time, people are not doing these things maliciously,” Brown said “It’s more a matter of education. It’s not that you filter the e-mails, but you also have to have education of employees so they know what’s acceptable and what’s not. You couple our appliances with teaching people and then you’ll have an effective solution.”

Education is a key component to Pioneer’s acceptable-use policy. The company has taken a pro-active approach through a Web-based training program that includes modules on e-mail and careful communication.

“This is an area that we take very seriously for the benefit of our business, our customers and our employees, and the pro-active tools speak to our commitment that these resources are used appropriately,” Fletcher-Hayes said.

Adams said that in addition to providing training and education, it is important for employers to consistently review their policies and update them to ensure that their rules cover new types of technology.

She said in the past five years, companies have increased their use of monitoring systems, as employees become more familiar with technology. There have also been several high-profile cases in which e-mails have served as key evidence against companies such as Enron Corp.

“There’s a lot of demand for these solutions, and it’s a race that a lot of companies are willing to enter,” Brown said.

Somebody’s watching

The Boeing Co. fired CEO Harry Stonecipher last month after learning that he was having an affair with a female employee, which was discovered through a tip from an employee and a bit of e-mail snooping. What appeared to be just another entry to the growing list of corporate scandals served as evidence to companies that even those highest up the company ladder are not immune to e-mail snooping.

According to a 2004 survey by the American Management Association, 60 percent of the 840 companies surveyed said they used some type of software to monitor employees’ incoming and outgoing e-mail, up from 47 percent in 2001. Twenty-seven percent also monitor internal e-mail.

“I think employees need to err on the side of caution if there’s any question that the risk to your career is too great,” said Helen Adams, an attorney with Dickinson, Mackaman, Tyler & Hagan P.C.

mercyone web 070123 300x250