1-877-CMPTRHELP
Forensics: Text messaging privacy
FindLaw has posted a list of DOs and DON’Ts for
employers who want to protect themselves from potential liability from
employee abuse of information assets while providing reasonable and
appropriate privacy for their employees. I summarized the list, adding cell
phone use.
·
Provide all employees with training about the best and most
efficient use of company-owned electronic services.
·
Make rules about electronic services use
·
Prohibit access to pornography
·
Prohibit access to Internet sites or the use of messaging services
in a way that might create a hostile work environment
·
Prohibit or limit personal use of company-owned electronic
services
·
Create a clear policy and make all employees aware of its content
and the possible sanctions if the policy is violated-include clear
statements about the organization’s position on privacy and it’s right to
search employee work areas when abuse or illegal activity is suspected
·
Don’t spy on your employees-monitor for abuse only
·
Make sure your employees know why they have Internet access–it’s a
business tool
Dos and Don'ts: Workplace Internet and E-Mail
So, everyone at your company now has access to the
Internet and e-mail. Great! Now make sure it stays that way, by following a
few simple "DOs and DON'Ts."
THE DOs
DO provide all employees with training about the best
and most efficient use of e-mail and Internet searching-you want to get the
most out of your investment.
DO make rules about Internet and e-mail use-prohibit or
limit personal Internet use and e-mail correspondence, for example. A clear,
written policy will go a long way toward preventing abuses.
DO educate employees about sharing financial or credit
information only at secure sites.
DO make sure your employees know why they have Internet
access-it should become a tool to do their jobs better, not a hindrance or a
distraction.
DO create good policies and procedures both for
retaining important documents and for destroying outdated or sensitive data.
DO designate an employee or a department to be in
charge of technical problems with the Internet-your employees shouldn't
waste their time trying to fix problems they aren't trained to fix.
DO protect confidential and sensitive e-mail content by
managing your in- and out-boxes or by installing encryption software.
THE DON'Ts
DON'T allow electronic mail to replace written
memoranda about important issues or face-to-face meetings with your staff.
DON'T spy on your employees-give them passwords and
respect their privacy. But make sure they know that their computers,
including the contents, belong to the company.
DON'T let an e-mail virus destroy your data. Make sure
there is a system for monitoring such viruses, and keep critical data backed
up or duplicated.
DON'T allow employees to access pornography or other
offensive material at work-you are responsible if a hostile work environment
results.
Article:
A recent U.S. Federal court ruling seems to prohibit
employer access to employee text message content. But that’s not entirely
true.
——————————————————————————————————————-
The courts have consistently upheld the rights of
business owners to access information stored on company-owned information
assets, including email and other messaging media. Although there were
limits, like restricting data retrieval to items actually related to
business transactions or relevant to an ongoing investigation, managers had
a pretty free hand during internal investigations. Now, however, a U.S.
Federal court seems to have placed messages sent via contracted services
within the scope of employee expectation of privacy.
A ruling by a three-judge panel in the U.S. Ninth
Circuit Court of Appeals has established new privacy rights for employees
who use employer-issued cell phones, pagers and computers to send personal
text messages.
The judges upheld the verdict in Quon v. Arch Wireless,
which determined that if an employer contracts with an outside provider for
messaging — as most do — it does not have the right to ask the service
provider for transcripts of the text messages employees send out. The same
concept can be applied to e-mail communications if the employer outsources
that service instead of maintaining it on an internal server.
Source:
Workplace Text-Messaging Ruling Wows Privacy Advocates, Erika Morphy,
TechNewsWorld, 20 June 2008
So what does this ruling mean to managers in other
jurisdictions? The answer: not much… yet. And just what impact will it
actually have when an employer needs access to message content when an
employee is suspected of illegal activity or of violating one or more
company policies? The answer: it depends.
The court decision covered the disclosure of content by
the service provider. If the employer simply explores content on the phone
itself, and if the company has a documented policy stating that all content
on company-owned devices is subject to review, there doesn’t appear to be a
problem. This would be the same as forensics analysis of desktop and laptop
systems, regularly upheld by the U.S. judiciary.
If an employer believes text messages stored by a
service provider should be available for review, he or she should take steps
to ensure access BEFORE issuing a phone to an employee. According to Littler
Mendelson P.C.,
…employers who think they may want to review their
employees’ text messages need only condition payment for the cell phone, or
for the service, on the employee’s giving written consent to the provider to
disclose text messages to the employer; employees who don’t give consent and
wish to keep their text messages private would have to pay for the service
out of their own pocket. How many employees will be willing to pay $100 or
more monthly to be able to send dirty text messages (especially with gas at
$4 per gallon)?
Source:
Quon Ruling Not a Significant Obstacle to Employers’ Accessing Text Messages,
Philip Gordon, Workplace Privacy Blog, 20 June 2008.