· 6 min read · News

How to survive email

Published:

All employees love to send emails but, as Norwich Union discovered, email junkies can be extremely dangerous. Joy Persaud reports

Oh, go on, how many did you have waiting for you when you got to work this morning? Five? Ten? Fifty? Are you greeted by a bulging in-box after your holidays, or even the weekend?


Do you stop work every time a little whizzy envelope flashes on to your computer screen, just in case its the info youve been waiting for, the lunch date you want confirmed, or the latest on the MDs (allegedly) torrid sex-life?


If youre anything like the average employee, you probably spend a fair amount of time reading, replying to, forwarding, printing and deleting emails. Conversation, even from those you sit inches from, seems to have been banished. Even the most vital information, which may have once merited a meeting, can be relegated to a few lines on an email.


Its worth bearing in mind that you can be offended as well as offend others effectively and unwittingly by email. But, unlike having a bit of jokey banter, its essential to remember that email is a permanent record of your thoughts, salacious gossip, and your business-related communications.


On the whole, because of the mixture of chat and serious communication that occurs over the e-waves, its easy to treat email abuse as a bit of a joke. But what happens if you open an attachment which is hiding a virus that goes on to infect the whole company and then sends itself to everyone on your address book as an added bonus?


And what if you forward something seemingly innocuous to a colleague, who then sends it to another employee and then, in turn, the message gets whizzed off again? You may be blissfully unaware that your email, which has possibly travelled across all five continents in a matter of minutes, has left a trail of offence, and potentially, libel, in its wake. Oh, and your name will be there for all to see exactly from whom the message originally came, and it will probably be apparent who your employer is, too.


So, what do you need to be aware of to survive being dragged through legal action?


If you think that a disclaimer, purporting to absolve you or your employer from responsibility for the contents of an email, is enough to protect you from libel, youre mistaken.


Joanne Ashley, a lawyer specialising in IT and e-commerce at Weblaw, a division of the London-based solicitors, Sprecher Grier Halberstam, cites the Norwich Union Life Insurance case, where the firm ended up paying out 450,000 in damages when it was found to have libelled competitor, Western Provident Association. Norwich Union employees had falsely claimed that WPA was performing badly and was being investigated by the Department of Trade and Industry. WPA complained that the message could be used to damage its standing in the market.


They had to pay out compensation to a company for an email that was sent on the intranet it wasnt even on the web which turned out to be untrue and so was defamatory, she says. Employers have to be aware of potential liability if employees commit defamation.


Ashley says the loss to firms in terms of human resources and time can be huge. Also, any embarrassing fallout could lead to claims for constructive dismissal as well as cause red faces for those allied to the company concerned. The media loves such tales of sordid shenanigans and will often happily help to spread news of a dented reputation.


Ashley says with the holiday season approaching, employee use of the internet is likely to increase. Employers worried about the costs in terms of phone calls and time need to make sure that they have set parameters.


Circulating a memo to staff, warning them not to misuse the technology on their desks, is not sufficient, comments Ashley. Any email regulations need to be made part of the terms and conditions of employment.


Guidance isnt sufficient, its just good practice. Only 30% of firms have guidance, maybe just 20% have an actual email policy, says Ashley.


Employees searching the net for pornography is the most common problem. Also on the hit-list of no-nos are having inappropriate email conversations ones which are sexually explicit or that reveal company secrets. Some firms have systems in place that will detect a word or phrase, such as cv and flag them up for the employers attention.


Ashley adds: Its vital to make employees aware that the informality of email is not necessarily the best way of doing business. Its all too easy to press the send button.


At Royal & Sun Alliance in Liverpool, 10 employees were booted out of their jobs after they used email to forward obscene doctored cartoons of Bart Simpson and Kermit the Frog. A further 77 were suspended. The furore was sparked when a company director received one of the emails and an internal investigation was launched, culminating in the companys action.


The insurance firm, which has a written code on what is acceptable internet practice, claimed that some material was pornographic and obscene and goes well beyond anything that any reasonable person would describe as permissible.


Company sources were quoted in the national press at the time, saying the sackings were unfair and that those fired were not layabouts who spent the day surfing for dirty jokes.


On the other hand, there are cases where emails can cause excruciating embarrassment for the sender. You may have come across the story of Claire Swire, who sent an explicit message to solicitor Bradley Chait telling him how much she had enjoyed their time together. He sent the message to his friends and they in turn forwarded it to their mates.


Within a matter of minutes, Swires exploits had travelled the world and various reputations were shattered as the culprits names were written in the annals of email history.


Five lawyers at Chaits workplace, law firm Norton Rose, were disciplined over the incident, as were a number of employees of the Financial Services Authority who were discovered trying to pass the message on.


A major part of the problem was that the name of Chaits employer was on the emails. The connection between Chaits exploits and his employer was all too blatant and thus difficult to distinguish between email and letters written on a firms stationery.


Manpower recruitment manager John Crook should have known better than to send a jokey email to a colleague about the reasons he recommended a pay rise for someone, she was a grrrrrrrrrrreat shag, he wrote. He was sacked for gross misconduct and lost his appeal this June.


The IT security service provider, Activis, estimates that employers with 120 staff or more are suffering annual costs in excess of 500,000 in lost time and in network resources for handling non-business related email and internet access. They base this sum on an estimated 30 minutes per day spent by the average employee handling unwanted, irrelevant or non-business related email.


Managing director John Cheney says: Events, such as Valentines Day, impose a significant additional cost on employers... This imposes a short-term additional strain on network resources, exposes the business to additional risk of virus infection and ties up additional time when already most employees spend around one hour per day handling emails.


He adds that 70% of employees in Europe would open up an email attachment without knowing who it was from, leaving their system vulnerable to malicious viruses. The US-based Office of Computer Virus Countermeasures states that out of 2,440 viruses reported worldwide in January 2001, 95% arrived via email. He advises firms to invest in email security measures which can filter messages and protect against viruses.


Karen Seward, a partner at law firm Allen & Overy, says that location tracking, telephone monitoring and other surveillance methods are becoming more widely used.


A survey carried out by the firm revealed an increasing trend in the workplace for employers to maintain regular surveillance on their employees activities through monitoring email, internet or telephone use.


Of those companies questioned, 70% said they have data protection policies in place. The firm suggests that the UK will follow the US where many companies regularly examine employees internet and email use.


We would tell employees that we are doing it and why we are doing it. The Regulation of Investigatory Powers Act (RIP) came into effect last year. In a workplace, these are relevant regulations and they allow employers to monitor pretty much what they want.


RIP says we can monitor with-out consent. Detection of crime, prevention of viruses, detecting an unauthorised use of the system... when the regulations came out, they called it a spies charter.


Confusion does exist though, says Seward, because the information commissioner, who regulates privacy, wanted to have her final version of a code on workforce privacy in place by Easter but this hasnt happened due to the amount of evidence that needs to be ploughed through.


There are now three laws covering employee monitoring the Regulation of Investigatory Powers Act, the Human Rights Act and the Data Protection Act. The code is supposed to cut through the muddiness surrounding these acts as they are largely untested.


It would have warned employers against blanket monitoring and barred them from opening employees private emails. After a hostile reception from industry, the commission is now taking advice before it publishes the final version of the code, hopefully later this year.


The CBI said it hoped the delay meant there would be a fundamental rethink of the code, which it declared was too complicated, too long and difficult to implement.


The code conflicts with current law, says Seward. You should monitor email traffic data [volume]; you should not be reading them. We are hoping that when the final version comes out it will iron out the confusion. At the moment you can be acting lawfully but not in the spirit of the code.


The information commissioner is responsible for overseeing all freedom of information and data protection issues. She has the thorny task of balancing the competing demands of privacy and public interest. She regards securing public confidence as the crux of the issue and believes that without it, the police will face a hostile reception from people whose data has somehow been accessed by a third party.


Once the code and laws regarding email and internet use have been clarified, it will be easier for employers to know exactly where they and their staff stand.


But in the meantime, the salutary tales that can be learned by reading about what happened at Norwich Union and Norton Rose should serve as a warning to employers to implement a pre-emptive strike rather than risk writs and red faces.


Further reading


E-mail @ work by Jonathan Whelan, Financial Times Prentice Hall Publishing


Better, Faster Email: Getting The Most Out Of Email by Joan Tunstall, Allen & Unwin