Employee email/Web use: The Risks and the Law


Although the position regarding monitoring employees' email and web use is less than clear, employers should be able to find a workable compromise. The key elements to consider are:

  • Ensure that you have a clear Acceptable Use Policy and that employees understand it - back up the policy with training to help make sure that employees consent to monitoring.
  • Make sure the policy is distributed to all employees and enforced on a consistent basis.
  • Conduct an Impact Assessment to determine if the benefits of any monitoring justify the intrusion to employees.
  • Consider revising your AUP in the light of any impact assessment.
  • Use spot-checks, rather than continuous monitoring (it is more likely to be proportionate).
  • Use automatic content filtering tools rather than checking every site visited and email sent.
  • Make allowances for genuinely inadvertent visits to unacceptable websites or the unsolicited receipt of unacceptable email content.
  • Ensure that the IT and & HR departments talk when determining the policy and methods of enforcement and also on any change of policy.
  • Above all make sure that the method and extent of interception is proportionate, objective and fairly applied to all employees.