Companies should regulate e-mail usage

With the general upsurge in e-mail and Internet usage, it is important that employers are aware of the potential legal risks …

With the general upsurge in e-mail and Internet usage, it is important that employers are aware of the potential legal risks arising from the misuse of e-mail by their employees and take steps to minimise their liability. It could involve charges of libel, breaches of Employment Equality and Copyright law, and could also give rise to messy disputes with staff. And, of course, there is also a financial cost involved if staff are devoting time frivolously to the Internet and e-mail.

The legal dangers of internal email were highlighted in 1997 in Britain's first case involving libel by e-mail. Norwich Union employees circulated an internal email which indicated that the Department of Trade & Industry was investigating the Western Provident Association and that the group was close to insolvency.

Legal proceedings were taken by Western Provident on the basis that Norwich Union was liable for the defamatory statements of its employees.

On issuing proceedings, Western Provident obtained a court order for the preservation and delivery of hard copies of the alleged defamatory e-mails and subsequently obtained a further court order allowing them to conduct a search of Norwich Union's e-mail records. The case was ultimately settled and Norwich Union agreed to apologise and pay Western Provident £450,000 in damages and costs.

READ MORE

The dangers of defamatory material being circulated on the Internet is illustrated by another recent case, Laurence Godfrey versus Demon Internet Limited, in which an Internet Service Provider (Demon Internet) was held liable for the contents of a defamatory posting.

In brief, the Demon Internet offered subscribers access to various newsgroups to which individuals could send their comments. One of the newsgroups received a posting from an unknown source which was defamatory of the plaintiff Mr Godfrey. He had became aware of the posting and asked Demon Internet to remove it. Demon Internet delayed in doing so and was held liable for the unnecessary publication of the defamatory material to third parties.

The lesson to be learnt from these cases is that employers should instruct employees not to make any derogatory remarks about another person or company via e-mail. Although many people regard e-mail as an informal means of communication which can be deleted at the touch of a button, the reality is that e-mails can be retained in the "trash bin" of an e-mail system and are stored on a back-up tape or disk. These documents can ultimately become discoverable as part of litigation proceedings.

The safety-first rule therefore should be that nothing is committed to an e-mail which would be embarrassing if disclosed at a later date in open court.

Given that it is unlawful for an employer or an employee in the course of their employment to sexually harass or bully another employee, it is easy enough to envisage how the sending of explicit, suggestive or abusive emails to an employee might constitute sexual harassment or bullying.

Hard copies of e-mails could be used as evidence to support an employee's claim that she/he had been sexually harassed. Employers will also be aware that bullying at work is a major contributor to stress-related illnesses. An employee could claim to have incurred a stress-related condition as result of a barrage of e-mails from colleagues at work and claim a breach of duty of care by the employer to provide a safe place of work.

Employers should also be aware of the Employment Equality Act 1998, which is due to come into force in September. For the first time in Irish employment law there are new grounds of discrimination which are not based on gender (race, age, sexual orientation, family status, religious beliefs, disability and membership of the travelling community). It will be unlawful to harass a person on gender or on these non-gender grounds.

Another first is the introduction of definitions of harassment and sexual harassment which may include the "circulation of written words, pictures, or other material" which a person may reasonably regard as offensive. This definition could cover the circulation by e-mail of sexually offensive or racist materials. The Act provides that an employer will be liable for an employee's discriminatory actions, unless the employer can show he took reasonable steps to prevent or reverse the harassment.

The misuse of e-mail may also expose the employer to claims from third parties. For example, if copyright materials are included in, or attached to, an e-mail message, a breach of copyright may occur unless the copyright owner consents to its disclosure.

The misuse may also result in a breach of confidentiality or the inadvertent formation of a legal contract. One of the main prerequisites for a private contract is that there must be an offer and acceptance. The sending of an email may constitute acceptance and give rise to a binding and valid contract on the employer's behalf. Employees should be instructed that e-mails to third parties should always be treated in the same way as a written or typed document on headed company notepaper and, if necessary, be headed "subject to contract".

Employers should also be aware that the misuse through the e-mail system of personal employee information by the employer or another employee may breach the provisions of the Data Protection Act 1988. The Act specifically regulates the use and disclosure of personal information relating to identifiable individuals and the transfer of personal data on an employee by e-mail may come within the provisions of the Act.

Therefore it makes commercial sense to regulate the use of e-mail. A recent survey conducted in Britain found employers in large companies (1,000-plus staff category) can expect to lose £3.9 million a year through time wasted on personal use of the Internet and email.

To minimise exposure to these risks, employers should consider establishing a clear e-mail policy for employees. The survey referred to above found that one third of the companies surveyed had a written policy for use of email and the Internet, while 36 per cent relied on a general understanding with their employees. Only 9 per cent of those surveyed had an enforced e-mail/ Internet policy in the workplace.

An e-mail policy should spell out clearly to the employee the potential risks involved in the use of e-mail and should contain express prohibitions against misuse. The policy should address one of the core problems, that the e-mail system is to be used either mainly or solely for business purposes. The policy should also indicate that email will be monitored to ensure an employee operates within the policy, and that breaches may result in disciplinary action up to and including dismissal.

While it is arguable that employers have always been entitled to monitor e-mail, it would be best practice to let an employee know that e-mails will be monitored, either through a policy or as a term of the employee's contract of employment. An open approach will enable an employer to redress the problem at an early stage.

A policy, or a term in the contract, may also prevent allegations that the employee was unfairly dismissed, on the basis that he was not aware his personal e-mails were being monitored. It should also overcome any argument that an employee's privacy had been unlawfully breached.

Mr Paul Glenfield & Ms Colleen Cleary are with the Employment Law Group of Matheson Ormsby Prentice, Solicitors.