Originally created 04/02/00

Boss may be sneaking up on you in cyberspace



At CoManage Corp., a computer software company in Pine, Pa., where the employees play Foosball and race remote-control cars when they feel like it, the boss doesn't read anyone's e-mail or worry whether someone is wasting time surfing the Web on a notebook computer.

As long as people get their work done, everything's cool.

"We call it the 'reasonable person policy,' " says Dave Nelsen, the decidedly relaxed chief executive officer. "We have no restrictions whatsoever on e-mail or Internet use other than to be reasonable. We believe that you can mix your personal life with business. It makes for happier, more productive employees."

It's the same "work-hard, play-hard" approach, he says, shared by many of the dot.com start-ups driving the new economy.

But Nelsen's attitude isn't shared by the majority of companies, where the rules of computer use in the office have evolved to mean management can -- and will -- snoop into your computer files and fire you for what you write, look at or even receive.

Last year, The New York Times fired 22 people at a pension office in Virginia for passing around potentially offensive e-mails, including some that a spokeswoman said included sex jokes and pornographic images.

A month earlier, Xerox Corp. fired 40 workers for spending work time -- in some cases up to eight hours a day -- surfing porn and shopping sites on the Web.

As e-mail and Internet use at work proliferates, more companies are making it clear through written policy that they won't put up with monkey business on company computers. Some, such as Ameritech, have a "zero-tolerance policy" on all personal use of equipment. Others, like CoManage, don't believe in any restrictions.

According to a 1999 survey by the American Management Association, the majority of U.S. companies monitor their employees in some way. Twenty-seven percent of companies snoop into e-mail, up from 15 percent in 1993. Of those companies that have electronic monitoring policies, 84 percent have informed their employees about them.

The National Workrights Institute in Princeton, N.J., says some companies have taken monitoring a step further, examining the Web sites their employees are visiting on their lunch hours.

Labor and workers' rights groups such as the Communications Workers of America and the Privacy Rights Clearinghouse are increasingly concerned about this brand of electronic spying, but companies say they're merely trying to protect their interests.

According to Vault.com, a company that reports on workplace issues, 54 percent of the companies it surveyed recently said they had caught employees browsing Web sites unrelated to work. And of 200 midsize and large companies surveyed by Websense Inc., a maker of filter software, a third reported having fired employees for misusing the Internet.

Federal courts have consistently ruled that companies own their equipment and have the right to control how it's used.

By now, enough of these high-profile horror stories have circulated that most office workers realize they shouldn't be sending nasty notes about the boss by e-mail or downloading naked pictures of Pamela Lee Anderson at their work stations.

But even the more innocuous messages people send and receive every day also are subject to monitoring and often can end up as evidence in discrimination lawsuits -- the dumb-blonde jokes, the Top 10 lists of stupid things downloaded from a Web site, that off-color joke about the priest and the hooker.

"There are three huge myths about e-mail," said Matthew Meade, a lawyer at the Pittsburgh law firm Katarincic & Salmon, who writes e-mail policies for companies.

"First is the 'presumption of privacy.' Obviously, you have no expectation of privacy. Second, 'deletion equals destruction.' But there is always a backup. Third, 'this stuff does not come up in litigation.' It does, all the time, particularly in sexual harassment cases, and it's great evidence."

So good, in fact, that some attorneys call e-mail the "smoking gun" of the 1990s.

The fear of such suits is the engine driving the race to install policies, even more than the need to check up on productivity or protect intellectual property.

The cyberspace experts say every company that has computers should have a policy, make sure employees know what it says and then monitor computer use to head off potential lawsuits.

"Employees should realize it's a BC -- a business computer -- and not a PC," said Kristin Accipiter, spokeswoman for the Society of Human Resource Management, a trade group in Virginia.

Policies are purposefully vague, and the repercussions of misuse vary according to corporate culture. Most companies don't have specific guidelines limiting online activity, for instance. But excessive Web surfing tends to be pretty obvious to a system administrator armed with tracking software.

When Compaq Computer fired 20 people in 1996, for example, the company could prove that each of the employees had logged onto porn sites 1,000 times.

That kind of chronic misuse isn't uncommon. A Nielsen Media Research survey revealed that employees at IBM, AT&T, Apple, NASA and Hewlett-Packard visited the Penthouse Web site thousands of times a month, according to Windows Magazine.

E-mails can be similarly tracked with special software that spares a system administrator from reading thousands of messages. One example is Interscan E-Manager, which Excello Specialty Co., an Ohio auto-parts maker, uses to flag incoming and outgoing e-mail for certain objectionable words.

If those words do turn up, however, firings are usually a last resort. A reprimand is often enough.

Under the Electronic Communications Privacy Act of 1986, an amendment to the federal wiretap law, companies can't monitor personal phone calls. Yet e-mail remains fair game.

It's a double standard that, as the National Workrights Institute points out, allows a company to monitor an e-mail conversation between you and your spouse that would be illegal to listen to were it a phone conversation.

What all of this means for employees is obvious: Assume you are being watched.

According to "Netiquette," a book by Virginia Shea that explores the ethical minefield of modern electronics communications, employees should consider every e-mail public information.

"Don't send anything over e-mail," the author cautions, "that you wouldn't want published on the front page of USA Today."