Employees don't just use the Internet to get sports scores and play games anymore. Their medical records and financial information are readily available online, and while employees may use the Internet at work to confirm their cholesterol test results or verify that their direct deposits went through, others might use it for more nefarious purposes.
But even if workers' online use is completely innocent, employers need to guard themselves against claims of invasion of privacy and discrimination, according to experts.
Every company needs an acceptable use policy that clearly alerts employees that their electronic communications and activity are not private, legal experts agree. As Phillip Matlin, a partner at Los Angeles-based law firm Gordon & Rees, emailed me: "The business may monitor everything the worker does on the business's computer as long as the employer publishes and circulates a clear policy alerting employees that computer and Internet use are not private."
This policy protects the employer if an employee's Internet use is not so innocent, such as if an employee is accessing someone else's personal financial information, he added. In fact, employees should consider everything owned by corporate, says Elliot Lasson, adjunct professor of Employment Law at the University of Baltimore. "Generally speaking, anything that an employee does while on-the-clock on a company work station is property of the company."
However, not all employees know this or expect it, which is why companies must have an acceptable use policy and get employees to sign it.
Employers need to be as explicit as possible regarding the use of company equipment, Charles Krugel, a management-side labor and employment attorney based in Chicago, told me. They also need to specify that if employees still use the company's resources for personal use, there is no guarantee of privacy, and they do so at their own risk, he notes.
Resources also include company-owned WiFi networks, which Krugel says create their own issues when employees connect their personal devices: "You end up with the issue of whether or not it's a secured network." Within their policies, employers need to state that the network may not be secure for personal purposes.
Then employers need to enforce these policies consistently to avoid problems, says Krugel. "If you're an employer who is worried about protecting yourself from legal liability or exposure, consistency will be key, especially when it comes to electronic communication."
That consistency will help companies in the courtroom if an employee ever brings a privacy invasion or discrimination lawsuit.
Still, even if companies have ironclad policies in place, there are always employees who will disregard them. In addition to disciplining employees, Alix Rubin, an employment lawyer based in West Caldwell, N.J., advises companies to stop tracking data immediately once they notice an employee is accessing sensitive personal or financial information from a company-owned computer.
“In addition, the person conducting the monitoring should not be the employee's supervisor or anyone in the employee's chain of command who has the authority to alter the employee's terms and conditions of employment,” Rubin cautions. This helps companies avoid discrimination lawsuits.
In the end, a comprehensive written policy will help protect companies -- but make sure your attorneys have vetted the document before you turn it over to employees.
How comprehensive is your Internet use policy? Have you had problems with employees accessing sensitive data on company time?
— Christine Parizo is a freelance writer specializing in business and technology.
Look at the flip side. With BYOD you could do a lot work on the go and you might not necessarily be confined to the office space for your work.
Using web based applications will solve the issue of wiping the phone if it is lost. If the corporate data is being kept on the web wiping the phone might not be required.
I'm with you on that. I too keep a lot of things on my phone that I would not want to lose. But, as a precaution, I also use the Cloud backup that Apple provides with the iPhone and keep all pictures backed up on my computer. The one beauty of the iPhone is how easy it is to restore it if something happens.
Jason, that's a good policy. I'm rather anti-BYOD for that reason - what if my phone (full of quirky kid and pet pics and craft snapshots) were wiped, then I found it under my bed or something with a dead battery? Or I decided to download a banking app to check my balance or pay bills? Too many risks to my personal device, I say...
@cparizo, good question and although it wasn't directed towards me, I'd like to share my experience :). Anytime a device is used for work purposes, even if it's BYOD, we have a form that needs to be filled out and signed basically stating that they agree that we have the right to that data and if something were to happen, we also have the right to wipe the device clean. If they don't like it then we'll issue a phone to them. This also applies to laptops, of course.
That's a good point, @Mitch. What do you do with BYOD, or with telecommuters? Or even people who work from home on occasion, using their personal devices that are set up to access the company network?
DrT - The same question occurred to me -- how does BYOD affect these issues? What if an employee accesses personal information on a personal device used also for work, with employer's software on it?
And what about remote and home-office workers, who will use a mix of corporate and personally owned equipment. (For example, my employer here at Internet Evolution provides the notebook computer, but the keyboard, mouse, display, Wi-Fi router and Internet connection are all mine.)
Acceptable Use Policy is one thing but now that we have to embrace BYOD, we know one thing for sure, this concept will get more complex. Employees would accept privacy in their own devices, it will not be like employers will be able to enforce everything they need. Separation of business app/data and personal app/data will play a key role in finding a right solution.
It would be really nice if everyone did the right thing... but they don't, unfortunately. Sometimes an employee has to verify a doctor's appointment or a bank deposit, but why that can't happen over the phone on a lunch hour is anyone's guess. (Really, it's not that hard to find a quiet space during lunch, coming from someone who worked in what felt like a zoo. Stairwells are nice and quiet. Dirty, but quiet.) It's just how this day and age is...
In our firm, most social networks are blocked. I agree with this decision, because it doesn't really do anyone much good if the employees are posting on Facebook or checking status updates during work hours. I think the periodical agreement policy pop-ups and reminders are a good idea on the side of the company; it's like their insurance in the future if ever an issue ensues and cases have to be settled.
Good suggestion, Christine. Along with the comprehensive written agreement, I'd go for a virtual one as well.
Do you really think employees will consider these policies while bringing any privacy invasion or while using the company's internet for some personal work??
i don't think so, because signing the policies has now become a formality rather than an oath as employees do not have any other option except to accept the terms and conditions of a company.
so if companies want to be more secure they have to take some major steps rather than just presenting a policy infront of an employee at the time of hiring.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Last week's official US release of the BlackBerry Z10, the BlackBerry 10 touchscreen device, on the AT&T network marked the official entry of BlackBerry as a player in the formidable US smartphone market. While most consumers may not be swayed from their shiny, sleek iPhones and Android devices, businesses may still have a compelling reason to deploy BlackBerry 10. However, BlackBerry needs to do a few things before businesses will jump on the bandwagon, including opening up their management API and luring consumers to their device.
Whenever I whip out my BlackBerry Bold in public, someone will undoubtedly say, "Oh, how cute. You still use a BlackBerry." Yes, I do, and I'll use it until the day I die.
As legacy applications outlive their usefulness, companies look toward the cloud for maximum efficiency and minimum expense. But nothing is as simple or easy as just “moving to the cloud.” Legacy applications need to be modernized, and data has to be migrated. It’s the kind of headache that makes any seasoned IT pro reach for the coffee maker -- and a fistful of Advil.
More companies are trolling social networks to find and vet potential job candidates. Beware the pitfalls of blurring the line between personal and professional lives.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The Murdoch/News International scandal has all the elements of the digital age, from phone-hacking through embarrassing emails to agile digital reporting.
The plan for unmanned police drones to patrol traffic and other city conditions in Seattle has sparked a new set of legal concerns about privacy. Law traditionally lags technology, but we can expect now to see a new round of activity in the courts as legal definitions begin to emerge on what "next-gen privacy" will look like.
The quest for Webpage clicks and ad impressions is creating a market for sensational truths and lies in equal measure. How are we going to get to the bottom of any real issue online – like what's really going on with Carrier IQ, for example – if we can't separate hype from reality?
Cheaper, consumer-grade mobile devices are allowing SMBs to capitalize on Internet mobile communications and are replacing more ruggedized devices in industrial applications for companies of all sizes. Cost is one factor. Comfort is another.
Big-data and analytics tools enable marketers to understand customers as individuals, identifying unmet needs and addressing each customer as a "segment of one," says John Kennedy, VP corporate marketing, IBM.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The IBM Smarter Commerce Global Summit in Monaco kicked into high gear today, and we've already begun to see news emerging from that lovely city-state by the sea.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Email This
