Jack M. Germain, newsfactor.com
As the number of workers using the Internet for pleasure as well as
business grows, so does anxiety among corporate higher-ups worried
about productivity and exposure to security risks.
Many executives and managers have turned to computer surveillance.
Low-cost technology is making it easier than ever for businesses of
all sizes to monitor computer misuse among employees.
The market for this so-called secure content-management software --
which includes applications that monitor Web surfing, e-mail, instant
messaging, and even keystrokes -- is expected to grow to $6.4 billion
by 2007, more than double what it was just three years ago, according
to the research firm IDC.
"The use of corporate management of employee use of the Internet is
widespread today," said Mike Newman, vice president and general
counsel at Websense, a company that makes Internet and desktop
security software. "More than half of the Fortune 500 firms alone use
our Web-filtering products."
The Internet can be tempting to workers who would rather check out
eBay than check in with their clients. But by giving employees
unmonitored reign over instant messaging, personal e-mail, file
downloading, and virtual window shopping, I.T. managers and CIOs risk
getting more than they bargained for.
In addition to lost productivity and wasted bandwidth resources,
companies can be held liable for a broad range of misconduct that
includes sexual harassment and the use of unlicensed software.
The proliferation of spam is also a huge concern, as it not only
consumes valuable I.T. resources, but can also expose a company to
legal liability if people find the unwanted messages offensive.
Workers also risk introducing viruses into the corporate network by
downloading unauthorized files.
The possibility of sensitive corporate data being lost or stolen
outright is also feeding the upswing in workplace surveillance.
Technology such as USB drives and digital-camera storage media make it
easier than ever for workers to find, store, and swap information.
Corporate America is paying attention. A 2005 report by Proofpoint, an
e-mail security company, found that 63 percent of companies with 1,000
or more employees either use or plan to employ staff to look at
outbound e-mail. A similar study by the American Management
Association found those numbers to be 52 percent in 2003 compared to
24 percent in 2001.
While the percentage of employees with Internet access at work has
remained largely unchanged, more employees are using the Net on the
job even if their activities are not work-related.
Websense, which interviewed 350 I.T. managers and 500 employees for a
May 2005 survey, found a blurry line between work and play. Half of
the respondents said their Web surfing on the job was a mix of work
and personal use, and of those employees who admitted to personal use,
52 percent stated that they would rather give up their morning coffee
than go without Internet access.
In fact, 93 percent of employees surveyed said they spent at least
some time accessing the Internet at work, up from 86 percent in
2004. The most popular Web-site categories unrelated to work were news
(81 percent), personal e-mail (61 percent), online banking (58
percent), travel (55 percent), and shopping (52 percent).
The rationale behind monitoring employees, according to Newman, is
that a computer at work is a corporate tool for enhancing the
employee's productivity. Because some people abuse that privilege by
sending personal e-mail and viewing movies during working hours,
employers feel they have little choice but to monitor what their
workers are doing.
"Most companies are very clear with the Internet-use policies. The
company owns the computer system and the network. Clearly, there is no
expectation of privacy on the part of the workers," Newman said.
Precedent-setting litigation would seem to back up that claim.
It's All Nice and Legal
Traditionally, courts have sided with employers in privacy suits filed by
In 1993's Bourke v. Nissan, plaintiffs Bonita Bourke and Rhonda Hall
alleged that Nissan wrongfully fired them after their bosses accessed,
printed, and read their e-mails at work. A trial court upheld the auto
maker's contention that the plaintiffs had no reasonable expectation
of privacy in their e-mails.
In 1996, Michael A. Smyth sued Pillsbury after he was fired for
transmitting "inappropriate and unprofessional" comments to his
supervisor over the company's e-mail system. Smyth said the company's
actions invaded his privacy, but the U.S. District Court for the
Eastern District of Pennsylvania ruled in favor of Pillsbury.
According to Richard Corenthal, a partner in the New York law firm of
Meyer, Suozzi, English & Klein, P.C., federal law clearly establishes
employers' rights to monitor e-mail.
"Once that is in place and the policy is provided to the employees,
they effectively have no recourse," Corenthal explained. "Nor is there
any expectation of privacy in the workplace."
The advocacy group Privacy Rights Clearinghouse counsels visitors to
its Web site that if an e-mail system is used at a company, the
employer owns it and can review its contents: "Messages sent within
the company as well as those that are sent from your terminal to
another company or from another company to you can be subject to
monitoring by your employer." According to the privacy rights
organization, the employer can also monitor Web-based e-mail accounts
such as Yahoo and Hotmail, as well as instant messages.
But employers would do well to exercise some restraint, lest they
create problems by improperly monitoring workers' e-mail accounts.
"There are some interesting twists to the question," Corenthal
said. "For example, policies must be evenly enforced or otherwise the
employer might be the subject of a discrimination claim.
One approach gaining favor in some corporate circles is to set aside
time for workers to surf the Web or take care of other business
online, reducing the likelihood that they will shirk their
responsibilities on the job.
"A company can give its employees quota time to look at various Web
sites," Websense's Newman said. "Then there is no need to monitor
their activities since the amount of time is regulated. A company can
also grant unlimited access to workers during certain times of the
shift when bandwidth issues are less of a concern."
Christine Liebert, a senior analyst at the consulting firm Yankee
Group, agreed that such shared-use strategies could become a viable
solution to any unpleasantness generated by spying. Even if workers
did not agree to such self-imposed limitations, I.T. departments could
routinely put bandwidth-shaping and application-shaping software in
place to manage these limits, she said.
And software could continue to maintain controls that protect the
company from security risks. Websense, for example, has a pop-up
feature notifying a worker that the requested Web site is not
work-related. It then asks the employee if he or she wishes to use
some of the allotted quota time.
"Employees are aware of the limitations placed on them," Newman
said. "We use this same software internally at Websense. I don't mind
Copyright 2006 NewsFactor Network, Inc.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at