Renfrewshire Council is the latest employer to hit the headlines over computer misuse, with the dismissal of nine employees for inappropriate e-mail use.
There is no doubt that using the internet and e-mail for personal use is common practice for many office staff. But when should employers draw the line?
Time wasted surfing the web looking for holidays is one issue. But viewing or e-mailing inappropriate material has huge legal ramifications for both employers and employees. Staff are not only putting their jobs at risk, but if the material they are viewing is illegal, they may also be reported to the police by their employers.
Where employees are viewing online pornographic or racist material at work, other employees exposed to this may bring claims for sex or race discrimination against their employer. “Many an explicit or offensive email has been used as evidence in employment tribunal proceedings,” says Tom Potbury, associate at Pinsent Masons Employment Group.
If employees feel they have suffered loss or harm as a result of being exposed to this material, they can also push for further compensation from their employer.
To prevent abuse, common sense says that employers should monitor employees’ use of e-mail and the internet. But there are strict rules regarding how employers do this. “Unlawful monitoring or interception of communications is a criminal offence.
“There is a limited right to monitor business communications [under the Lawful Business Practices Regulations] but the Information Commissioner, who implements the Data Protection Act, has set out guidance for employers on how to carry this out,” explains Potbury.
Employers can also be at risk of breaching the Data Protection Act if personal data about customers or employees is disclosed externally. “The biggest risk of unlawful disclosure doesn’t come from hackers, or system failure, but from employees negligently, or wilfully, passing data outside the organisation. It is the employer’s responsibility to stop that happening,” says Potbury.
The first step is to get a policy in place, says Ben Willmott, employee relations adviser at the CIPD. “Make clear what the organisation’s approach is to internet use and if you are monitoring, ensure it complies with the Data Protection Act,” he says.
“Policies need to be very well communicated so employees understand the disciplinary actions that will be taken against them if the rules are breached,” Willmott adds.
Staff also need to understand the business reasons for implementing these rules or they may resent them. “They should be assured that you are not taking a ‘big brother’ approach or employees will presume you don’t trust them. Our research has found that monitoring staff can give them a negative perception of their employer,” he warns.
Installing specialist software can help by denying access to inappropriate sites. Frank Coggrave, UK regional director of internet security provider Websense, says: “HR needs to offer solutions that allow reasonable access without causing offence or distress.
“Implementing and enforcing an employee internet management software product enables employers to ‘block’ times when personal surfing is permitted, while eliminating internet abuse.”
Unfair dismissal claims have been won by employees claiming they were unaware of an internet policy, so Potbury advises giving the policy to all employees at the start of their employment and obtaining their signatures to acknowledge they have received it.
“A policy is unlikely to provide employers with a defence in legal proceedings if it gathered dust in a cupboard or was seen only be employees who actively sought it out,” he adds.