The lowdown on e-mail, surfing the Internet at work

August 24, 2001

Beware all Internet surfers and e-mail addicts: Hawaii does not have any laws that prohibit private companies from monitoring employee's activities on the Internet.

Employees need to remember that the company owns the company's e-mail, software and hardware and can monitor it.

At Hawaiian Electric Industries Inc., one-third of the workers have access to e-mail. With nearly 1,100 employees able to use company computers, the state's largest employer maintains a company policy on electronic media. The policy covers intent, appropriate content, privacy rights, software policy and consequential disciplinary actions for failure to abide.

"It's a written policy that our employees are aware of," says Fred Kobashikawa, spokesman for HEI.

By letting employees know in advance, the HEI policy protects the company from any possible lawsuits claiming invasion of privacy, which are costly, and helps maintain productivity.

The state Labor Department reported that personal e-mail and recreational Web surfing cost companies about $3 million a year in lost productivity for every 1,000 employees. A total of 90 percent of workers admitted to recreational surfing on company time, accounting for nearly one-third of their online activity, according to the Web site of ePolicy Institute, a Columbus, Ohio-based Web consultant.

"Employees need to remember that the Internet and e-mail are tools intended for business," says Ann Nishida, a spokeswoman for Verizon Hawaii.

Verizon employees sign agreements stating that they understand the company's policy. In addition, when an employees log into the computer or system, they are greeted with a message that says the company does periodic checks and auditing.

"It's a reminder to people that we can do it," Nishida says. Companies are not required by law to inform their employees about monitoring.

Companies like Verizon are not the only ones monitoring their employee's electronic communication. An American Management Association survey reported that 45 percent of American companies monitor e-mail and Internet use. It also states that 29 percent of the firms surveyed prevent access to inappropriate Internet sites, with 55 percent using some type of blocking software to prevent unauthorized use of communications equipment.

"We have to be protective of our network," says Bill Brown, senior vice president of human resource and planning at Outrigger Hotels and Resorts. Fifty percent of employees report receiving racist, sexist, pornographic or otherwise inappropriate e-mail at work, according to the ePolicy Institute. Adding to that, e-mails have been the source of introducing deadly electronic viruses into a network.

Brown says his greater concern is breach of security rather than abuse of e-mail or the Internet.

"E-mail has become a large factor in communication and businesses can speed up through access to the Internet," Brown says. "So we have a policy, but generally we leave it up to each individual."

While admitting monitoring is easier because of the low percentage of employees with access, Brown says there have been situations where an employee has been disciplined.

"When a person gets slapped down, it gets around quickly so most people remember to keep it professional," he says.

Practicing `netiquette' at work

Are you one of 41 million who has access to e-mail or the Internet at work? With 130 million Americans sending 2.8 billion e-mail messages a day, both you and your employer should make sure you know your rights.

Employers

If you haven't already, make a written policy and have it accessible to employees. Don't forget to incorporate into your employee handbook and new-hire orientation materials.
Tell employees if you monitor.
Educate employees about software piracy and ensure compliance with all software licenses.
Communicate clearly that the company's e-mail and Internet systems are to be used strictly as business communication tool with clear guidance on appropriate business communication.
Keep in mind that workers spend many hours away from their homes and family. Savvy employers accommodate occasional e-mail checks and let employees know what they think is acceptable use.
Establish "netiquette" policies and implement a risk management policy that incorporates retention, deletion, password and monitoring policies with filtering software.
Look into purchasing cyber insurance to help mitigate electronic risk.
Develop an e-crisis communication policy for dealing with the media and public should an e-disaster occur.

Employees

Get your company's policy in writing. If the company doesn't have one, go to your supervisor and get guidelines. If the supervisor is unsure, go by the same work standard as on personal phone calls, which should be clean, occasional and brief.
More than one-half of workers get offensive e-mails, so if you get one, delete it. If it continues, get the office systems person to block all e-mail from that sender. If it is from someone within your company, let the person know it was inappropriate and delete it. A persistent problem should be reported to your supervisor.
Remember that remote access e-mail, even at home, can be electronically monitored.
Don't forget the golden rule of e-mail: Write only what you would not mind everyone reading. Even if deleted, it may come back to haunt you.