How carefully are employees' privacy rights protected?
Privacy issues in the workplace used to be straightforward, dealing with little more than the employer's right to open employees' mail, check their references or search their bags, purses and lockers. Technology has changed that.
Workplace surveillance, an employer's access to medical information and more recently accessing employees' computer files, intercepting electronic mail messages and monitoring Internet surfing are new examples of the erosion of employees' privacy rights.
"Surfing the Net" during working hours is increasingly a problem.
Difficulties have arisen when employers invade employees' privacy by intercepting private communication, and later use that information as either the basis for discipline or to accumulate confidential information about the employee for other purposes.
As an employer, it is important to develop company policies to include provisions on what is acceptable Internet usage, including a prohibition against personal use.
In one recent case, an employee threatened to sue her employer because a co-worker gloated about her dismissal on a chat line. Employers have the right to insist their employees use their workdays to work, not to participate in chat lines.
Prohibited activities should specifically include downloading of pornographic or offensive material, hate materials and copyrighted material. Basically, any activity or material that does not relate directly to the employee's job description and/or the company's business should be included in the policy. If it is violated, employees should be disciplined so the employer cannot be alleged to be vicariously liable for the conduct.
This policy can assist by addressing some of the problems resulting from the availability and abuse of the Internet in the workplace. If an employee downloads pornographic material and transmits it throughout the office, the employer might be vicariously liable for claims of sexual harassment or criminal misconduct, especially if the employee is managerial.
E-mail messages are also fraught with difficulty. Can employers intercept them?
If E-mail communications are found by a court to be "private communications", it's arguable that anyone intercepting them could be criminally liable. The law as to whether E-mail messages are private communications that could create criminal liability remains unclear.
If an employee uses a password, he or she would have a greater expectation that communication will be private. There is then a stronger argument that an employer's interception might be criminal.
A report by Ontario's information and privacy commissioner supports the argument that employers do not have the right to intercept employees' personal messages. The report also recommends two-tier storage for E-mail: one for the employee's personal information and the other for business information, which would be accessible to employers.
These messages are inter-office communications intended to be used for business purposes. Although the law remains unclear about this, it is my view that an employer probably has the right to intercept such communication. This is especially true if the employer has legitimate concerns about illegal activity, improper conduct or even abuse of E-mail.
Employers should have written corporate policies establishing that management reserves the right to intercept E-mail communication either generally or in clearly defined circumstances. That policy should be given to employees in advance. Employers that have done that will have the right to monitor E-mail in the manner they have defined.
The law will evolve case by case as a balancing act between the employee's right to privacy and the employer's right to monitor and control the workplace.
Over the next several weeks, I will examine other aspects of workplace privacy.