Anthony Drake of Bell Gully stresses the need for employers to set clear policies on how staff can use email and the Internet.

Technology may have revolutionised the office but managers need to be aware of potential pitfalls accompanying the benefits. Many of these pitfalls have employment law implications. There's no doubt going online has huge benefits, but the prudent employer needs to keep on top of all the associated risks too.

A recent British survey estimated that the average employee spends about 30 minutes surfing the net for non-work purposes daily. Another survey estimated that 31 per cent of all email messages endanger corporate information assets, employee productivity or messaging systems. The most revealing aspect of the British survey was that despite the risks to business, relatively few companies restrict their employees' use of the Internet. But, without clear employee Internet and email policies, employers can leave themselves vulnerable.

Pornography is a key issue. Downloading pornographic images and distributing them internally and externally is becoming more common in the modern workplace, and it can lead to a range of complaints from other employees.

Even if employers aren't aware of any such activity taking place in the workplace, they may find themselves liable. Ignorance is expressly excluded as a defence from the Films, Videos and Publications Classification Act. A breach of the provisions can result in fines up to $5,000 for a worker and $15,000 for the company.

The courts are sending a clear message to employers not to tolerate the downloading of pornography - even outside office hours. This was reinforced in Hodgson v The Warehouse Ltd [1998] 3 ERNZ 76. In this case, the Employment Court refused to reinstate an employee sacked by The Warehouse after his conviction for downloading pornography on to his home PC outside work hours was reported in the local press. The Court held that even though the activities occurred outside the workplace, they still constituted misconduct.

Confidentiality
While the Internet is an all-embracing communication tool allowing messages to be sent to millions of users worldwide, unregulated Internet use exposes an organisation to considerable risks in this area.
Employees are under a common law obligation not to disclose confidential information about their employer. But with a powerful and rapid distribution mechanism at each employee's desk, there may be little employers can do to stop such disclosure if, for example, a disgruntled employee decides to take revenge.

In Tui Consulting Holdings Limited v Clements [1998] 3 ERNZ 188, a departing employee sent emails to the employer's customers which contained highly critical statements about the employer. The Employment Court ruled that the employer had an arguable case and that there was a breach by the employee of the express and implied obligations of confidentiality, trust, and confidence. The Court granted an injunction against the employee restraining him from further publication of these emails, but this would have been little comfort to the employer - the damage was already done.
Confidentiality obligations are difficult to enforce. However, if an employer is aware that information is about to be used by an employee (or ex-employee) for illegitimate purpose, injunctive relief can be sought.
If harmful information is disclosed, damages can be sought, but how do you quantify the loss in monetary terms? If the employee is still employed by the company at the time disclosure is discovered, dismissal or other disciplinary processes may be justified.

Harassment
Employers are obliged to take adequate measures to prevent harassment, including sexual and racial harassment. Failing to prevent harassment in the workplace could expose the employer, as well as the offender, to liability. Email is a possible avenue of harassment that employers need to be aware of. Emails don't need to target a specific person to qualify as offensive; they can be generalised but still qualify if they create an offensive work environment.

The case of Clarke v Attorney General [1997] ERNZ 600 demonstrates the point. The Employment Court was unsympathetic towards three sacked employees of the New Zealand Employment Service who exchanged offensive emails. The employees had been advised in training that email was a business tool for the purpose of exchanging information between senders. Staff were also advised that offensive language was not to be used on email. The company dismissed the employees when sexually offensive emails were discovered.

The Court implicitly recognised that information technology was supplied by the employer for legitimate business purposes only, and stated that an employer has an obligation to ensure that all its employees are safe from abuse and have in place a policy that protected its employees.

Monitoring
The offensive emails in Clarke were discovered during the monitoring of employees' emails for confidentiality leaks. This practice raises questions under the Privacy Act. Companies can monitor for jokes or offensive material because the Privacy Act only covers "personal information", and neither falls into this category. However, employers need to be wary that, in the course of legitimate monitoring, they don't uncover personal information that makes them liable for breaching the Act.
Wherever practicable, employers should tell employees that random checks of email are carried out.

To avoid falling foul of the law, employers should develop and implement a specific policy on the use, storage, and access to email messages sent and received on their networks. The policy should state the circumstances in which employees' email may be accessed and which individuals are authorised to access the email.

All employees must be made aware of the policy and the employer should ensure that all employees read it. If the employee uses the company's computer system after being made aware of the policy, it is reasonable to infer that they have agreed to its terms.

If an employer implements policies that its employees are aware of and, where appropriate, have had input into, it will be difficult for employees to argue that they had thought email was a private communication channel.
In addition, employers should specifically set out the consequences of breaching the policy. Employers should also consider including expressly in employment contracts that email-Internet abuse is a ground of serious misconduct justifying termination of employment.

The recent case Howe v The Internet Group Ltd (Ihug) 27/7/99, Travis J, Employment Court Auckland AEC66/99/AC54/99 is an example of the dangers associated with a relaxed company email policy. An employee circulated to an internal mailing list an offensive email entitled "Bitches". The employee was told when he joined that "anything goes" in terms of the mailing list and that there were no rules for email use. The email, which went to other employees and some managers at Ihug, contained abusive and obscene language and a direct threat to commit grievous bodily harm to anyone who signed proposed individual employment contracts.

Ihug dismissed the two employees involved on the grounds that they had destroyed the relationship of trust and confidence by slandering management and other employees in the emails. The Court reinstated the employees, holding that evidence suggested that abusive and obscene language was not unusual at Ihug and that the emails reflected the relaxed view management had toward email content. It held that the offensive language used in the email was the norm rather than the exception. The employer had also failed to publish its policy and protocols on how emails could be used and what it regarded as inappropriate or unprofessional language in the workplace.

The message to employers is that company policies should be very clear on the use of email systems and the consequences of an employee being found in breach of that policy. Such policies should also clearly state that the employer is able to monitor an employee's email use and access email messages to ensure their email policy is adhered to.

This is a general summary only and should not be taken as a substitute for specific advice.

Anthony Drake is a senior solicitor in the Auckland office of Bell Gully. He specialises in employment.

Web site:Bell Gully
Email: anthony.drake@bellgully.com
March 2001