Company Argues For Right To Read Ex-Employee's E-Mail
A finance company is arguing in court that it had a right to read an ex-employee's personal e-mail. Sounds crazy, right? And yet, in this world where we carry BlackBerrys to access work e-mail from home, and handle personal business over the company Internet connection, it takes a crazy person to figure out where personal life ends and work begins.
A finance company is arguing in court that it had a right to read an ex-employee's personal e-mail. Sounds crazy, right? And yet, in this world where we carry BlackBerrys to access work e-mail from home, and handle personal business over the company Internet connection, it takes a crazy person to figure out where personal life ends and work begins.The New York Times has the story. Structured Settlement Investments fired Scott Sidell, who formerly headed the company. He filed an arbitration claim over his lost job and, in a lawsuit filed last month, he says that executives at Structured Settlement read e-mail messages that he exchanged over his Yahoo account with attorneys about strategies for winning the arbitration claim.
How was it possible for Structured Settlements to access Sidell's personal Yahoo account? Sidell said in court papers that he may have left his office computer logged in to Yahoo Mail. But the company says Sidell returned to the office after he was fired and used another employee's computer.
Years ago, I wrote a column arguing that companies ought not to to read employees' e-mail. At least one IT manager scolded me for being childish. What you do on the company's e-mail system, using the company computers, and the company's network, is the company business, he said.
My logical brain says that's right. You can certainly make a similar argument here: Sidell used a company-owned computer to access his mail. He left that computer logged into his account. Therefore the company had a right to access the e-mail on that account. QED. Sidell doesn't have a case.
And yet, intuitively, the situation seems deeply unfair. It wasn't the company's e-mail -- it was Sidell's personal account. He no longer worked for them. The company eavesdropped on communications between a former employee and the employee's attorney -- discussing a case against the employer. How can that be right?
The department had a written policy banning personal use of its networks, computers, and communications devices, and claimed that policy encompassed pagers.
However, officers who went over the limit regularly paid the department back for overage costs. According to court records, the lieutenant in charge of pagers told at least one officer that he would not audit messages if officers paid the overage fees. The police chief said he decided to investigate whether the overage fees stemmed from personal use or work-related activities.
The department contacted the pager service provider, Arch Wireless, and requested transcripts of archived messages sent to and from Officer Jeff Quon, who had previously paid for overage costs and avoided audits. The investigation uncovered personal communication (with Quon's wife, among others). The personal text messages included statements that were sexual in nature.
It's logical to say that anything done with the company resources, during company time, is the company's business. And yet the logical conclusion of that philosophy leads to every employee looking over his shoulder every working minute, waiting for their employer to plunge in the knife. You can never check your bank balance from work, never confide a personal problem to a colleague in the breakroom. Nobody wants to live in that kind of world.
On the other hand, maybe we'd be better off if we went back to having strict barriers between work and home, and did no personal business on company time and no company business on personal time. America is a society of workaholics, we could do with better boundaries between work and personal life.
What do you think? How much privacy should an employee expect when using an employer's communications resources? Let us know.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.