The Privacy Lawyer: Don't Wait Until An Employee Is Cyberstalked Before You Act

Make sure you're able to log intrusions and communications in real time and capture IP addresses of correspondents, <B>Parry Aftab</B> says.

InformationWeek Staff, Contributor

August 18, 2004

3 Min Read

Cyberstalking in the workplace is a growing problem. How well protected are you?

What would you do if an employee came to you and told you she was being cyberstalked and cyberharassed at work? Who within the company would you inform? What would you tell the employee? What actions would you instruct the IT department to take? Like all online risks in the workplace, the time to think about this is before something like this happens, not after.

Cyberstalking comes in many forms. It might carry a veiled threat, as in an E-mail that reads: "I know where you live," or "I know the way your children walk home from school." A stalker might also post offensive messages about the victim or, by guessing or sniffing the victim's password, masquerade as the victim and send threatening or inappropriate E-mails to co-workers or the victim's supervisors. Or in that guise the stalker might post comments on the Internet that do harm to the victim's workplace, such as informing a chat group that the stalker has access to customers' account numbers or that the company's CEO is molesting his teenage son. (Visible, Vulnerable Target is a story of one cyberstalking victim's plight.)

To make sure you're in a proactive rather than reactive position, you need to do some due diligence before a cyberstalker targets one of your employees. Ask yourself:

  • Does your acceptable-Internet-use policy refer to cyberstalking and online threats?

  • Do you use monitoring software to capture incoming and outgoing online communications with employees?

  • Do you capture IP addresses of correspondents?

  • When an employee leaves the company, do you immediately block his access to the intranet or group E-mail addresses within the company?

  • Can you log intrusions and communications in real time?

  • Does your sexual-harassment policy reference Internet communications?

Just as most employers are addressing workplace-safety and crime-prevention issues, they must address cyberstalking as well. It may be the precursor to an offline attack of an employee or the beginning of attacks against a company or that company's executives.

Providing a safer work environment isn't only good risk management, it's good human-resource management and a morale booster.

Parry Aftab is a cyberspace lawyer, specializing in online privacy and security law, and she's also executive director of WiredSafety. She hosts the Web site and blogs regularly at

Continue to the sidebars: Understanding The Cyberharassment Problem and
Tips To Avoid Cyberstalking

To discuss this column with other readers, please visit the Talk Shop.

To find out more about Parry Aftab, please visit her page on the Listening Post.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights