Employee Internet Use: How You Can Guard Against Online Risks—A 7-Point Internet Policy Checklist

One of your employees has been copying pornographic images off the Internet and showing them to coworkers. Another has been distributing racist jokes through company e-mail. And others have downloaded some hot new software onto their office PCs, violating federal copyright laws. It’s bad enough these employees are surfing the Net instead of working. But you also have another big problem: You can be held liable for their online activities. In a recent development, the Recording Industry Association of America sent letters to hundreds of employers, warning they could face “significant legal damages” because employees allegedly used their networks to illegally download music off the Internet.

Fortunately, you can buy yourself a great deal of protection by adopting and enforcing an Internet policy.

Surfing Risks

As Internet use has expanded, so has your potential for problems. Consider these scenarios:

• Employees who use the Internet to send sexist or racist e-mail messages expose you to hostile work environment claims. And you could be hit with a sexual harassment lawsuit if, for example, an employee obtains pornographic materials on the Internet and shares them with coworkers or other employees happen to see them on the computer screen. The use of file-sharing software also increases this risk. A recent survey revealed that 40 percent of the traffic on Gnutella, a popular site for swapping songs, involved sharing pornographic images and videos.

   

• Many workers download music, software, or other materials off the Internet without realizing they are subject to copyright restrictions. Employees may also be tempted to “borrow” copyrighted materials found on the Internet and incorporate them into company reports, brochures, materials, or products.

   

• The Internet makes it easier than ever for employees to disclose— intentionally or not—your valuable company trade secrets. The problem is compounded because many workers incorrectly assume e-mail messages are private and secure.

400+ pages of state-specific, easy-read reference materials at your fingertips—fully updated! Check out the Guide to Employment Law for California Employers and get up to speed on everything you need to know.

7-Point Checklist

The key to protecting yourself is to draft a policy regulating employee use of online resources and clearly informing workers that their computer activities may be monitored. Although the specific provisions will vary depending on your organization’s needs and goals, be sure to follow these Internet policy guidelines.

 

1. Define permitted uses. Spell out what’s considered acceptable online use. You can limit it to work-related purposes only. Many employers allow more flexibility—such as permitting workers to send personal e-mail or to surf—but restrict the hours of the day or amount of time employees can spend on personal Internet use. In either case, state that employees cannot use their company affiliation or purport to represent the company in any way while on the Internet unless authorized as part of their job duties.

    

2. Prohibit harassment and pornography. Be clear that sex, age, race, or other harassment is prohibited, including sending racially or sexually offensive messages. Forbid retrieving, downloading, or sending pornography of any kind.

    

3. Protect confidential information. Make sure workers know your trade secrets policy and stress that they must be careful because confidential company information can be inadvertently disclosed over the Internet. Consider using encryption software so that sensitive material that falls into the wrong hands won’t be readable.

    

4. Limit privacy expectations. Explain that workers’ online activities and communications are not private and that all messages sent or retrieved over the Internet are company property. Spell out the circumstances, if any, under which you may monitor employee e-mail or Internet use. For example, you may choose to monitor online usage whenever there’s a business reason for doing so, either on a periodic basis or at any time for any reason.

    

5. Restrict unauthorized downloading. Explain that copying software or other material off the Internet can violate copyright laws unless the vendor or author permits it. You can require employees to obtain your advance written authorization before downloading software—including popular file-sharing applications such as Kazaa and Grokster—into your system.

    

6. Specify penalties. Put teeth in your policy by stating that violations will subject the worker to disciplinary action, up to and including termination.

    

7. Publicize your policy. Distribute the policy to all workers and have them sign an acknowledgment that they have read, understood, and agreed to abide by it. Consider having an electronic reminder summarizing your policy—for example, that Internet access is not private and is permitted for business use only— appear on the screen each time employees log on. Finally, make your Internet policy part of any computer training you provide.