Email monitoring code finally arrives

After three years in the making, the Information Commission has finally produced its guidelines on how firms can legally monitor staff emails.

As anticipated, employers will have the right to monitor staff emails, provided that employees have been warned that monitoring is taking place, and that the reasons for monitoring have been explained.

The advice is issued in the third part of the Employment Practices Data Protection Code - Monitoring at Work, released today.

The code of practice covers a range of surveillance activities including opening emails or voicemail, checking internet usage, and recording with CCTV cameras.

But it also warns businesses that the covert monitoring of employees is unlikely to be permissible, unless it is done in response to a request from a law enforcement agency.

Sandra Kilbourne, commercial technology solicitor at law firm Tarlo Lyons, explained that the code sets out benchmarks allowing employers to check whether monitoring is necessary.

"Employers will welcome the guide," she said. "It can be used to ensure that existing policies are revised, or new ones drawn up, in line with best practice."

Complex legal considerations have delayed the publication of the code, which were necessary to make sure that any advice was easy to understand, according to Information Commissioner Richard Thomas (pictured).

"Monitoring at work is a complex area, but we have now managed to provide simple and straightforward guidance to all types of employers," he said in a statement.

The code was first mooted in late 2000 after concerns about staff monitoring.

The Regulation of Investigatory Powers Act paved the way for widespread monitoring of staff communications, but the Data Protection Commission warned that this had to be done in a "fair and proportionate manner".

Guidelines were subsequently promised, and have undergone many changes and revisions since then.

Responses to a public consultation persuaded the Information Commission to deliver its verdict in four parts. The third part, dealing with workplace monitoring, was expected by the end of last year.

Following the appointment of Thomas last November, publication was delayed again, giving him time to conduct a review.

One point on which Thomas insisted was that a separate guide should be issued for small businesses.