SHOULD YOUR COMPANY HAVE AN E-MAIL LIABILITY PREVENTION PLAN?

While e-mail has greatly increased the potential for better business communication and information access, it has its downside. Few employers have yet to fully appreciate the extent to which company e-mail increases their potential liability and few have taken steps to reduce the risk.

E-mail’s “oral-like” feel is deceptively dangerous, since employers and employees may be lulled into saying things in e-mail messages which they would never say in writing–not realizing that e-mail leaves a written record, even after it is deleted. In fact, e-mail has far greater potential for distribution and permanency than other forms of written communication, since it gives employees near instantaneous communication with co-workers, competitors and customers who may be local or halfway around the world, and it leaves a permanent record everywhere it is sent. In addition, messages can easily and cheaply be forwarded by one recipient to a much broader audience than the original sender intended.

Some Areas of Potential Liability For The Employer:

* Invasion of Employees’ Workplace Privacy
* Copyright Infringement
* Defamation
* Sexual Harassment, Discrimination and Cyberporn
* Trademark Infringement
* Employees Using E-mail for Criminal Activities
* Trade Secrets Disclosure

What Can The Employer Do To Reduce These Risks?

An effective liability prevention plan will start with a comprehensive company e-mail policy, but also include continuous employee education and implementation of technological security measures.

Creating The E-Mail Policy:

The cornerstone of any effective e-mail liability prevention plan is a written e-mail policy. If it is to be effective, the drafters of the policy will need to consider not just the liabilities but also the corporate culture where it will be implemented. Otherwise even the most comprehensive policy runs the risk of becoming a document everyone ignores.

Ideally an email policy will start out with a general policy statement explaining about the potential dangers from e-mail and why these risks not only impact the employer, but also impact employee job security and the quality of the workplace environment. Then it should clearly inform employees that company e-mail belongs to the company just like the company fax machine, and is to be used only for business purposes (or within acceptable non-business limits). Employees should be informed that they have no reasonable expectation of privacy while using company e-mail, that e-mail may be searched and/or screened, and that e-mail is retained for a designated period of time, even if it appears on an employee’s computer screen that the message has been deleted. Employees should also be informed that every message they send on to the Internet is labeled with the company’s domain name, as if it were sent on company letterhead. The policy should discourage employees from copying and distributing large portions of documents or images to minimize the risk of copyright and/or trademark infringement. In addition, employees should be prohibited from downloading software from the Internet, both to avoid copyright infringement and to avoid infecting the system with viruses or worms. The policy should contain a section covering treating co-workers and customers with dignity and respect when composing e-mail messages and not using profanity, sexual or racial jokes or slurs. Employees should be encouraged to consider e-mail in the same vein as memoranda and letters. This is also important if e-mail is used to communicate with customers who expect good service and polite responses. Employers may also want to create a response time standard for responding to customer e-mail.

Define Your Goals:

Every employer needs to decide what results it wants to achieve from its e-mail policy.  Some goals to consider:

– Eliminate any reasonable expectation of privacy on the company e-mail system.
– Eliminate e-mail used for inappropriate communications, such as racist, sexist or        “sexually explicit” comments or “jokes”.
– Reduce the risks of misuse by limiting which employees have Internet access.
– Create an e-mail use policy that fits the corporate culture.

Some Issues To Consider:

– Should the policy prohibit e-mailing some sensitive business messages, such as                promotions and termination?
– Should the e-mail of some employees, particularly those with access to trade secrets, be     subject to closer scrutiny?
– How long should e-mail be stored before being destroyed?
– Before destroying e-mail, should messages be read?
– How will violations of the e-mail policy be handled?

** Put The Policy In Writing!!! **

Employee Education:

Since it is designed to regulate their behavior, the best-drafted policy in the world is of little use unless it is effectively presented to employees. Employees need to be educated about the e-mail policy early and often.

Conclusion:

Given the pervasive use of e-mail in business and the many faceted risk it creates for employers, no employer can afford to be without an E-mail Liability Prevention Plan.