By Staff Writer E-Commerce Times
10/10/03 4:07 AM PT
Reich noted that in the United States, there is officially no expectation of privacy once employees have been put on notice and have signed a document indicating they know about their employer's monitoring policy.
Last month at the International Business Law Services (IBLS) Strategic Global Summit for E-Commerce, Pauline Reich, an associate professor at Waseda University School of Law in Tokyo, Japan, gave a speech entitled "Legal Issues: Internet and E-mail in the Workplace." Reich is also a well-known expert in the areas of cyberlaw and Internet-based legal, business and government research.
During her talk, Reich explored the worldwide evolution of procedures governing Internet use in the workplace and discussed the factors managers need to consider when instituting an Internet and e-mail policy.
She emphasized that establishing such a policy is essential and that setting forth guidelines for everyone -- including on-site employees, telecommuters, temps, consultants and independent contractors -- can avert a host of disasters, from basic liability to leaks of company secrets.
Reich spoke with the E-Commerce Times recently about some of the topics she discussed during her lecture.
Balancing Act
"We do know employers are firing people for the misuse of the Internet and e-mail, and we do know that employees think that they're not being noticed and they're doing all kinds of things during working time," Reich said. "At the same time, employers need productivity" from their employees.
"That's one balancing act: privacy vs. the employer's interest," she noted.
Reich reiterated that employers should publish their Internet use policy in handbooks, make sure new employees sign a document acknowledging they have received the policy, and periodically remind employees of the policy. She even suggested posting the policy on screensavers and other novel means of notification to refresh their memories.
In addition to employer concerns, such as liability, government interest in national security has come to the forefront as a catalyst for employee monitoring, Reich said.
"The government may come to an employer and say, 'We need to monitor,'" she explained. "So, when do you allow the government [for example] to do it, or can the government do it without your knowledge? Do you only monitor where you have probable cause?"
Purpose in Monitoring
In other words, the question evolves into, do you have a purpose in your monitoring? Is it reasonable to monitor an employee's Internet use if doing so is only a little intrusive -- no more than the amount necessary for the employer or government to determine whether employees are hacking, stealing trade secrets or engaging in mailbombing (a tactic that involves sending thousands of e-mails to clog a network) or other cybersmear tactics?
"I think a reasonable approach is better than just 'Big Brother' in the workplace," she said. "I personally would not want to work in a place where I know there are cameras everywhere."
However, Reich noted that in the United States, there is officially no expectation of privacy once employees have been put on notice and have signed a document indicating they know about their employer's monitoring policy.
Whose Hard Drive Is This?
In discussing standards of privacy in the workplace, Reich brought up the example of a CIA employee who in 2000 was indicted on charges of receiving and possessing child pornography after the agency searched and copied his office hard drive and other files.
The CIA had established a policy two years earlier stating that employees could access the Internet only for government-related business and that the CIA would ensure compliance through electronic audits. The employee appealed the charges, arguing that the search of his computer violated his Fourth Amendment rights. Although his appeal was denied, Reich told the E-Commerce Times that the employee's reaction was understandable, particularly since no warrant was issued during the initial search.
"I remember working in the government [when] an employee left for the day, and they broke into her office, broke into her desk drawer, and how we felt about that invasion of privacy," she said.
Multinational Response
Meanwhile, standards of privacy differ among countries. For example, the EU has instituted strong privacy safeguards for employees, while in India privacy is neither protected nor, for that matter, defined by law.
"The problem for a multinational is, 'What standards should we adopt as a corporation that [are] uniform throughout our corporation?' If you're everywhere in the world, what standards should you adopt?" Reich said, adding that this challenge extends beyond the issue of Internet use.
She went on to say that one problem in U.S. cyberlaw is that those involved in crafting it too often look only at the United States.
"We really need to coordinate on an international level [and] know what is going on in the rest of the world," Reich said. "That's why I thought [the IBLS] Global Summit we had was very important. We need more [conferences like] this."
What Is Eddie Bauer Doing Right? October 10, 2003
Eddie Bauer's headquarters includes a customer experience lab, where users surf the site and suggest changes. Any potential change is tested extensively. If it fails the lab test, it is discarded, according to Troy Brown, divisional vice president of e-commerce at the company.
Related Stories
FTC Commissioner on the Future of E-Commerce October 02, 2003
In addition to taking action against companies suspected of engaging in unfair business practices, the FTC has worked to shape Internet policy in a range of areas, including online disputes and resolutions, Internet-based fraud and privacy concerns.
Study Reveals Widespread P2P Use in Corporations July 16, 2003
Experts point to security and bandwidth issues as the biggest potential risks associated with P2P use at the office. Although business leaders are aware of the dangers and detriments of employee P2P use, they are unsure what to do about it.
The Fine Art of Password Protection July 07, 2003
During a recent European trade show, organizers convinced 90 percent of office workers traveling through a London tube station to reveal their computer passwords. They merely included the question at the end of a long list of seemingly harmless queries.
Why E-Commerce Law Enforcement Is an Oxymoron July 03, 2002
The Internet is simply too vast, stretching across too many borders and encompassing
too many cultures, for the current scattershot approach to be effective.
More by Staff Writer
A Midsummer's Mac Death Match, Round Two: Enderle vs. Chaffin July 13, 2004
MacNewsWorld presents round two of our three-round Midsummer Mac Death Match, in which Mac Observer editor-in-chief Bryan Chaffin and the always-controversial industry analyst Rob Enderle square off on one of today's key Mac issues. Today Enderle and Chaffin eachs kicks metaphorical mounds of sand on the arguments the other made in round one on the question of where Apple will be five years from now.
A Midsummer's Mac Death Match, Round One: Enderle vs. Chaffin July 12, 2004
MacNewsWorld presents round one of our three-round Midsummer Mac Death Match. Today, Mac Observer editor-in-chief Bryan Chaffin and the always-controversial industry analyst Rob Enderle each offer their predictions of what sort of company Apple will be in five years. Will Apple rule the "Digital Life" -- or be the Atari of 2009?
PeopleSoft Blames Oracle for Share Price Free Fall July 07, 2004
Forrester vice president and CRM analyst Erin Kinikin described PeopleSoft as being on a very narrow tightrope since Oracle first made its takeover offer. "To prove [it] can survive as an independent company, PeopleSoft has to make its numbers," Kinikin told CRM Buyer. "Any time PeopleSoft pre-announces lower earnings, people are going to wonder if [it is] falling off the tightrope."
Headline Feeds
Talkback: 
