Obviously, anyone working for you can have their own, separate, private email account. But the one they use at work is not privately theirs, and it’s right that it shouldn’t be.
So suggests a recent ICAEW Legal Alert – and the case it reports on.
The piece is emphatic.
‘Employers should ensure their IT policies, employment contracts, and processes and procedures on the use of work computers, software and the internet, make it clear that employees can have no expectation of privacy for documents and other information they create, store, send or receive on the company’s systems or premises.’
That’s pretty all-encompassing. But at least clear.
And it’s, arguably, clarity that’s needed around this.
As long as the team who works for your business understands that this is the deal, there’s no need for it to cause dispute or upset.
The case highlighted by this piece concerned an employee who was asked to resign.
Here’s how the Legal Alert describes his actions:
‘He created a document on his work computer setting out his expectations under his employer’s Long Term Incentive Plan and bonus scheme, and emailed it as an attachment to his personal email account. He forwarded this to his lawyer who used it as the basis to advise him in his divorce proceedings.’
Things didn’t go his way. ‘The employer decided he was not a ‘good leaver’ under the Plan and a dispute arose.’
The employer also asked to see the email and document, but the employee refused, arguing, says the Legal Alert, ‘that it was privileged under legal advice privilege and litigation privilege’.
Not so, ruled the High Court – ‘the employee could have had no reasonable expectation of privacy’.
Its reasons were plenty, and they invoked company IT policies. For instance, that he ‘had created the document at work’, and ‘used his work email to send it to himself’, and saved the document ‘on one of the company’s central servers’ in a way that was ‘neither password-protected nor stored apart from his other work-related documents’.
There’s more. ‘His personal assistant had access to his emails and emails were duplicated in the PA’s email account’.
And the company policy ‘clearly stated’ that any emails ‘sent and received on work computers were the employer’s property’, and that the ‘IT department could access all company computers and email accounts without specific authorisation’.
They were covered left, right and centre.
Even his contract of employment reiterated ‘his emails could be monitored without his specific permission’.
Obviously, on the whole, one wants to be able to trust and respect people’s integrity. But at least, in a case like this, the rules seem clear and transparent. No one should have been operating in the dark.
As it happened, in this case, there was more murkiness. The ‘content of the document was also relevant. It included analysis of the company’s financial situation, based on information owned by the company.’
This is the kind of thing you might be protecting yourself against.
And the plot thickened further. In this instance.
Here’s the Legal Alert account.
‘It did not help the employee that there were stark inconsistencies between his witness statements and what was in the document in question: those bringing confidentiality claims must come to the court with ‘clean hands’, ie their behaviour must have been proper. The Court said that even if the document had been confidential on legal grounds, it would have ordered disclosure on grounds that the employee did not have ‘clean hands’.’
Best just be clear and upfront about all this from that start? As an employer.
The Legal Alert closes with its ‘Recommendation’.
‘Employers should ensure that IT policies, contracts of employment, and processes and procedures relating to use of work computers, software and the Internet make it clear that employees can have no expectation of privacy for documents and other information they create, store, send or receive on the company’s systems or premises’. Can’t say fairer – or clearer – than that.