Internet Usage Policy

Can Social Media Contribute to a Hostile Work Environment Charge?

A Tweet is just a Tweet, right? Not if that Tweet is part of a series of harassing messages or interactions that one employee directs at another. As a supervisor, you’re likely well aware of the factors that define a hostile work environment allegation. It might be an employee’s persistent racially-motivated jokes or a supervisor who is openly hostile to Hispanic workers. But do those same criteria apply when the comments are made on a social network, like Facebook or Twitter?

Social networking sites give employees a new avenue for expressing themselves, and that includes expressions of discrimination, from racial slurs to sexual innuendo. To find out how courts might handle social media comments in this context, let’s consider this hostile work environment suit from the early 2000s:

The Case: A female airline pilot sued her employer, Continental, and fellow male pilots for defamation, intentional infliction of emotional distress, and sexual harassment. She alleged the harassment took place, in part, on a “Crew Members” online forum, which was accessible to all company pilots and crew members. The airline argued it was not liable because the harassment did not occur in a physical space under its control.

The Result: A New Jersey court found that the online forum was not a physical location, but it was so closely related to the workplace and, what’s more, it benefitted the employer. As a result, the forum could be considered part of the workplace. The court also stated that even though an employer is not required to monitor all private communications between employees, a company does have a responsibility to stop harassment in workplace related settings. 

So what can employers do to protect themselves from social media misuse?
[click to continue…]

{ 0 comments }

The Computer Fraud and Abuse Act: Employer FAQs

Did an outgoing worker copy client data files and use them for his or her new job? Has an employee accessed a company database to obtain a fellow employee’s home address? If a worker taps into business data without authorization or exceeding the authorization they’ve been granted, the Computer Fraud and Abuse Act may give you recourse for legal action.

What is the Computer Fraud and Abuse Act?

Also called the CFAA, this federal law prohibits individuals from accessing computers without authorization or in a way that exceeds authorized access. The law was passed in 1986 and has been amended numerous times since.

Can employers use the CFAA to bring action against employees who access data without authorization?

Yes. In fact, a number of recent court decisions have supported employer use of the Computer Fraud and Abuse Act:

  • A Social Security Administration employee was accused of using SSA databases to access information about women he knew. For instance, he looked up data regarding his ex-wife’s earning history. The worker also used the databases to locate the address of a woman he was interested in so he could send her Valentine’s Day flowers. The man was convicted of 17 counts of violating the Computer Fraud and Abuse Act, and the the 11th Circuit Court of Appeals upheld the conviction.
  • An IT employee in a Michigan advertising firm accessed confidential information regarding the company’s CEO. When the worker shared the files with company management, allegedly to reveal the firm’s computer security weaknesses, she was fired and the police were notified. She was later convicted of Computer Fraud and Abuse Act violations and was ordered to pay the company restitution. The conviction was upheld on appeal.
  • The 9th Circuit Court of Appeals has ruled that “any person who obtains information from any computer connected to the internet, in violation of [an] employer’s computer-use restrictions, is guilty of a federal crime.”

How can I protect my business from employees who steal data?

Don’t take it for granted that workers know what they can and cannot do with information collected and maintained by the business. Take time to review and update the company’s computer and data use policy. Examples of what to include in a computer and data use policy might include guidelines that prohibit:

  • Obtaining access or hacking into systems the employee is not authorized to use;
  • Using another employee’s log-in or password to access information;
  • Breaching or monitoring computer or network security features.

The Computer Fraud and Abuse Act may provide the recourse you need when an employee accesses company data without or exceeding authorization. Give the company the best chance of success in those cases by having a clear computer and data use policy in place and ensuring employees are aware of the policy.

 

Dianne Shaddock is the President of Easy Small Business HR, Employee Hiring and Managing Tips and the author of the ebook “How To Supervise:  What Your Boss Never Told You Before You Took the Job“,  A Step-By-Step Guide For New and Seasoned Managers.


 

{ 0 comments }

Writing Your Own Social Media Policy: Sample Social Media Policy Guidelines

There’s a growing interest from employers who are looking for help with developing guidelines around social media usage, including help with developing a social media policy.

I scoured the web to find the 411 on the latest information on guidelines around social media and found an interesting article from the Delaware Employment Law Blog, published by the law offices of Young, Conaway, Stargatt, and Taylor, LLP.

You’ll find some great social media policy samples from an interesting mix of companies in the article,  Sample Social Media Guidelines.

Be sure to read the following articles in order to get some additional perspectives on social media use at work:

Email and Internet Use at Work– A Right or a Privilege?

Tips for Preventing Issues With Social Media Use at Work

10 Must Haves for Your Social Media Policy

If you have concerns about how much time your employees are spending on the Internet, or about the type of confidential business information Essential Computer Security: Everyone's Guide to Email, Internet, and Wireless Securitythat may be leaving your company via email, check out my email and internet security recommendation.


{ 1 comment }

Email and Internet Usage at Work- A Right or a Privilege?

Employees spend on average 8 hours or more a day on the job working at least 5 days a week.  Is there any harm in allowing staff to use the email or the Internet on occasion?

Your employees may not be aware of the fact that the email account that they use on a daily basis is not private and that their Internet usage can be monitored.

Many of your staff may even assume that because they were assigned an email account, (with their name as part of the email address), that this makes the email account personal, even though access was issued as part of doing business on behalf of their employer.

Case in point:  An employee who resigned from a company that I worked with contacted me a few weeks after leaving to ask if he could get access to his email account as he had “personal” information that he absolutely needed to retrieve from his account.  This former employee could not understand why we would not allow him to have access to the personal information that he had stored on the account.  After all, it was his email account.  He believed that the company did not have the right to deny him access to the account, even though the account was issued as a standard part of doing business and not for personal use.

It is a privilege to use email and the Internet at work for personal reasons if you as the employer chooses to allow it since the access is being given to your employee for business reasons.  Employee use of email and the Internet at work for personal reasons is not a right.

This does not mean that you as the employer shouldn’t allow employee Internet and email use for personal reasons.  It just means that you have the power to decide how these tools will be used as an every day course of business.

Many of your employees would be surprised to learn from you that accessing the Internet or email for even just a few minutes a day is considered inappropriate at best and may even be viewed as stealing time and resources from you.

Employers don’t always clearly communicate their expectations around email and Internet use at work.  Most don’t have clearly written policies, Create Your Own Employee Handbook: A Legal & Practical Guide for Employers(or any policy), on email and internet usage at work.  It’s no surprise that employees aren’t aware that they may be crossing the line when it comes to using email and the Internet for non-business purposes.

Although you may believe that employees should inherently understand this, many don’t.  Some employees may see no harm in spending a minute or two checking a website on the Internet, or emailing a friend as part of their break time.

The easy solution is to make sure that you have a simple, clearly written policy on your company’s position on email and Internet use at work.  You then need to make sure that your employees read and understand the policy by having your employees sign off on the policy.

If you are taking the position that employees under no circumstances should use email or the Internet at work for personal reasons, put it in writing and then communicate the policy to all staff.

If your company is more flexible with employees using company email and the Internet for personal reasons, outline your expectations about when it is ok to use email or the Internet at work and for what purpose.  Put these expectations in writing and communicate your expectations to your employees.

You’ll want to also include your expectations as to what types of websites employees are not permitted to access such as pornography or gambling websites and that employees should not use their business email to send spam or chain letter forwards.

Make sure that you don’t file the policy away on a shelf to collect dust.

It’s a management best practice to communicate key policies to employees at least once a year in order to ensure that all employees are familiar with the policy.

Dianne Shaddock is the Founder of Easy Small Business HR, Employee Hiring and Managing Tips.  Through the Employee Hiring and Managing Tips podcast, blog, and weekly ‘quick tips’  e-newsletters,  Dianne offers expert advice on how to make better hiring decisions, manage difficult employees, develop employee policies, motivate staff, and so much more.   No stuffy, corporate HR policy lingo; but straight forward, easy to understand and implement advice for businesses just like yours.  Stay ahead of the curve and go to Easy Small Business HR for more tips on how to hire and manage your staff effectively.

{ 0 comments }

← Previous Entries