Columns
Big Brother and the Workplace
- By Charles H. Trepper
- January 1, 2001
If the number of news stories and magazine articles is any indication, the
controversy over privacy in the workplace is growing. Many organizations are
now struggling to create policies that and, at the same time, protect the company
from potential legal, moral and ethical liabilities. Some companies are moving
to a tighter monitoring model, while others are taking a hands-off approach
to make employees feel trusted. Both approaches have benefits and drawbacks
— the one that is right for your company will depend on your organization's
history with its employees, employee attitudes toward the firm, federal and
state laws, and judicial precedents. Regardless of the approach you take, employees
must be made acutely aware of the policies and penalties associated with the
use of an organization's computers.
Hands-on vs. hands-off
Let's take a look at two companies with two very different approaches to privacy
in the workplace.
The first is a large, direct mail company that does not monitor its employees'
computer use, and provides no specific training on E-mail or Web usage. The
company assumes that if employees waste time it will affect their performance.
The company also believes that by not telling employees they will be protected,
they are limiting the firm's liability should an employee get into trouble.
The second firm is a large railroad company that has five employees dedicated
to monitoring employee E-mail and use of the Internet. The organization holds
periodic update seminars and has clearly written policies that are very specific
about the proper usage of company computers.
According to William Henney, a Minneapolis-based attorney, the direct mail
firm may have a problem because its lack of a computer policy opens the door
to abuse. Its employees may do things that are unprofessional and that create
a "hostile workplace," which could lead to legal action. On the other hand,
the railroad company is in a more likely position to prevent any problems resulting
from an employee's improper use of E-mail and the Internet, he said.
If employees have E-mail and Web access, said Henney, there should be rules
to govern their use. This includes what types of E-mails are acceptable and
what kinds of sites employees can visit. Most organizations argue that, since
they own the equipment used to transmit data (including both E-mail and Internet
usage), they should have the right to monitor any use of their equipment. Companies
further argue that personal use of equipment during business hours can hurt
productivity. Thus, Henney contends that organizations can and should regulate
use of their electronic resources.
Training: The best prevention
The best prevention against lawsuits over privacy in the workplace is a comprehensive
policy concerning the use of an organization's electronic resources; in addition,
the policy should be communicated to all employees in a properly structured
training class. Classes should be held for new hires, and for all employees
when policies are changed or updated. According to Henney, training classes
should communicate:
- What the organization wants to accomplish with its policies.
- The purpose of the allowed access in generic terms (e.g., professional
use only, with some personal exceptions such as during lunch hour or after
work hours).
- Specifically what is and is not allowed, but in broad categories (e.g.,
all pornographic sites are not allowed, regardless of content).
- Specifically, that employee use is monitored.
- All content is owned by the organization, not the employee, and even personal
data on the organization's computers may be subject to examination.
All of this information should be included in the employee handbook. It is
also important to make sure that employees acknowledge in writing that the material
was received and understood. Inserts and updates to the handbook should be provided
whenever policies are changed.
According to Henney, organizations should train employees on policies and monitor
usage to create a standard, professional workplace that limits the firm's liabilities.
Warren Reid, an Encino, Calif.-based technology consultant and litigation expert,
agrees. Because inappropriate use of company computers continues, he said, organizations
must have some kind of written policy. Such policies prevent employee confusion
and show consistency. Consistent enforcement is important, explained Reid, because
selective enforcement can give employees the impression that the organization
does not care about its policy. This can make prosecuting violations more difficult.
In the extreme case of a termination, for example, an employee who violated
a rule could say "everyone does it," and then claim discrimination. Courts frequently
judge the validity of an employee's claim of discrimination or other improper
termination by how consistently the organization has enforced the policy or
policies leading to termination, as well as how clearly those policies were
communicated to employees. Good training programs prove that an organization
cares about its policy and makes a good faith effort to communicate those policies
to employees accurately and often.
Clearly communicated enforcement policies have another benefit: Improved workplace
efficiency. The math is simple: Reducing Internet abuse by just 30 minutes per
day adds 2.5 hours of work time per week — a potentially significant increase
in productivity. Reid said a temporary decrease in employee satisfaction might
occur because employees may be prevented from doing some personal tasks on the
Web. However, for those employees to whom professional growth is important,
overall job satisfaction will actually rise because they will be more productive.
They will also be rewarded by the organization for that value added during the
additional work hours.
Controversy continues
Organizations such as the Electronic Freedom Frontier (EFF) and the American
Civil Liberties Union (ACLU) oppose monitoring because they believe it constitutes
an invasion of privacy. The ACLU states that employee privacy should be protected
as long as it does not compromise the workplace. However, these organizations
do not address the fact that the equipment employees are using to send E-mail
and surf the Web is purchased and maintained by employers.
Employee opposition to monitoring generally centers on workplace morale. Employees
claim that monitoring makes them nervous, and makes it more difficult for them
to concentrate on their work. Employers counter that employees shouldn't have
to worry about monitoring if they're not doing anything wrong. Obviously, this
controversy is not likely to be resolved soon. Court decisions are still mixed,
and the U.S. Supreme Court has yet to send a clear signal regarding who can
or cannot do what to whom. However, both sides agree that workplace monitoring
policies (if any) should be communicated clearly. In this way, both the employee
and the organization are clear on the acceptable and unacceptable uses of electronic
resources.
As more employees gain access to E-mail and the Internet, it will become even
more important for organizations and employees to come to a mutually beneficial
definition of workplace privacy. Firms must continue to monitor court decisions
regarding employee monitoring closely, and their legal counsels should stay
up-to-date on precedents. Employees should bear in mind that the equipment they
use is purchased by their employer for its own benefit. Employees should also
stay current on their organization's policies and procedures on electronic resource
usage.
The issue of workplace privacy will no doubt continue to be controversial.
However, organizations and their employees should work together to ensure mutual
understanding. This relationship is best built and maintained through clear,
easily understood policies that are communicated frequently.
Books in Brief
Is Now Good Enough?
The world is moving at warp speed. People are no longer satisfied to have
information presented today; what they now require are instant answers.
In his book, The Power of Now, How Winning Companies Sense & Respond To
Change Using Real-Time Technology, Vivek Ranadivé gives us the
technological future (which in this day and age could be tomorrow) in
the form of the event-driven company. Such an organization "instantly
senses and responds to the events that drive its business and, on the
other hand, uses the power of information to drive the development of
new products and services."
Ranadivé is the founder and CEO of Tibco Software Inc., a manufacturer
of real-time software. Event-driven companies, he states, rely on publish/subscribe
technology and the ability to distribute data in real time, rather than
on the passive "query me" client/server technology still found in many
companies. These cutting-edge companies are able to reinvent the way information
is used, maintain competitive flexibility, engage in superfine market
segmentation, and can embed the firm's core competencies in customers,
partners and allies. These capabilities imbue organizations with a strategic
advantage and improve overall performance.
One of the keys to becoming an event-driven company is IT infrastructure.
Not just any architecture, but one that includes messaging, adapters,
message transformation, business flow coordination, portals and event
notification, and monitoring and management. These six components or layers,
notes Ranadivé, allow information to be moved, managed and integrated
as needed.
But the future cannot be wagered on technology alone. People are needed
to transform the profusion of information into knowledge that the organization
can actually use. Event-driven companies prefer to hire "stars." This
"is a worker, regardless of official rank, who creates superior customer
value by combining personal skill sets with the advantages of event-driven
information to anticipate a customer's need (often before the customer
realizes the need) and then fills this need with the most inventive, highest-quality
product or service at the highest possible margin." Translation: Stars
spot trends and make things happen.
The Power of Now is a reminder that things are changing. Business is
conducted at a frenetic pace, with the Internet and all of its related
technology bombarding us with data from every direction. While the majority
of organizations will not change their structure overnight, having an
event-driven architecture in place can help a firm derive more value from
information, and act instead of react.
— Reed A. Book
The Power of Now, How Winning Companies Sense & Respond to Change Using
Real-Time Technology by Vivek Ran- adivé; The McGraw-Hill Companies
Inc., New York, N.Y., 1999.
|