Recent pieces of legislation have confused employees and employers alike because of their conflicting issues. How can employers negotiate their way around this legal minefield and maintain a healthy working environment? Where do they stand in the eyes of the law?
UK companies have been the victims of the current confusion surrounding the plethora of e-legislation and Acts relating to email and internet usage at work. Recent legislation has confused employees and employers alike because of their conflicting issues.
With some laws designed to protect companies and others to defend employees, it is the ambiguity of legislation that baffles most companies. As the issues behind email legislation become more complex, employers are finding it an increasing battle to install effective guidelines for their employees.
Employees are questioning organisations' rights to monitor their use of email and the internet, while companies are required to do so in order to meet the requirements of the Regulation of Investigatory Powers Act.
This fear has arisen, in part, due to a lack of direct communication and uneasiness about individual rights.
Many organisations can appreciate both the threats that email and internet usage pose, while also seeing the benefits they can bring; but where do companies draw the line?
Profanities, illegal messaging and security threats are an issue for the employer. The RIP Act obliges companies to monitor for any criminal activity for which they can be named accountable. This is in stark contrast to the Human Rights Act that empowers the individuals against loss of privacy.
Organisations need to put in place an email and internet usage policy, educate their staff about the policy and enforce it across the company.
The Data Protection Act deems that organisations can be found liable if network security is breached and personal information stolen. Although the legislation came into effect in March last year, the initial period for implementation ends on 23 October 2001.
In some circumstances, where paper records have been held since before 24 October 1998, a further transitional period of six years may apply.
The Information Commissioner issued draft guidelines on this subject, which said such monitoring should only take place if there is suspicion of activity that is criminal or contravenes conditions of employment.
Again, in direct conflict with this is the Human Rights Act, which protects the right of the individual to privacy. The outcome of this is that organisations fear being sued.
The Norton Rose media fiasco, where an employee was disciplined for circulating accounts of his sexual prowess, is still simmering in the back of most of our minds. Well-known institutions, including Citibank and Morgan Stanley, have also faced legal action from disgruntled employees who have been racially or sexually harassed by content contained in emails.
These occurrences highlight the need for action, and responsibility by organisations to educate their staff.
The answer to this complex situation is policy and education. Organisations need to install a policy that employees understand. It is imperative to remember the three E's when it comes to email and web policy - establish, educate and enforce.
Once a clear internet and email policy has been established, organisations must then educate their staff. Much email and internet misuse can be prevented, by explaining the risks and liability involved to individuals and the organisation.
This policy then needs to be enforced consistently, using content security software to detect and quarantine potentially "banned" content. Consistency is important to ensure that employers do not run the risk of individuals being unfairly singled out, giving rise to a new set of problems.
Education is the key. All organisations need to 'establish' a clear internet and email policy detailing, for example, which users can surf the net, and when, and what is considered inappropriate content.
For those who like to continually surf through 'cyberspace', organisations need to inform employees that this is definitely not accepted. They should then 'educate' their employees about the policy: ensure they understand the it and obtain their consent. The risks involved should be made quite clear, with an emphasis on the need to protect individuals and the organisation.
With a sound and robust policy in place, thoughts of litigation are erased, and the board can get back to worrying about making profit and increasing revenues.
Astronomers studying first-ever reported merger of two neutron stars claim to have detect light and gravitational waves
Allen died from complications of non-Hodgkin's lymphoma
Stanford researchers made the discovery via data from Greenland
Created via a thin, flexible, and transparent hierarchical nanocomposite film