63% Of Corporations Plan To Read Outbound Email

John writes "Aviran's place reports that a recent survey of 332 technology decision-makers at large U.S. companies reveals that more than 63% of corporations with 1,000 or more employees either employ or plan to hire workers to read outbound email, due to growing concern over sensitive information leaving the enterprise through email."

Gentlemen don't read others gentlemen's mail...

[rd4tech]

The funny thing is... well, not so much funny as it is disturbing, signing an employment contract.

Remember that signature on that thick paper you've signed prior getting that high paid tech job? The one saying that everything you think of during working hours is theirs? The one that maybe is saying (in some cases) that everything you think on and off during working hours, while employed or 3 years after also belongs to them?

Well, it seems to me, and I might be way off here, that thinking up an email by an employee is in fact his company's property and hence, they have all the rights to read it, and it doesn't breaks anyone's right to privacy.

Can anyone with legal experience enlighten me on this one? Do the bastards have the right to do so, provided that one doesn't sign a document that explicitly states "you can read my email" but instead contains a fine version of "all your bases, off lunch hours, belongs to us?

Re:Gentlemen don't read others gentlemen's mail...

[Horrortaxi]

Can anyone with legal experience enlighten me on this one? Do the bastards have the right to do so, provided that one doesn't sign a document that explicitly states "you can read my email" but instead contains a fine version of "all your bases, off lunch hours, belongs to us?

I've never gotten the "sign here to allow the company to read your email" letter before, but over and over I've gotten the one that says "I understand that there is absolutely no guarantee of privacy when using company computers/networks. Company computers/networks are to be used only for company business. Personal use of company computers/networks is grounds for dismissal." I don't work for a Fortune 500 company, I work for a school district. What kind of trade secrets am I going to leak? 2+2=4? No Child Left Behind is a bad idea? But as anti-big brother as I am I think this is perfectly reasonable. While you're at work they own your ass--and they own the computer and they own the network. They have the right to do whatever they want with their property.

I was actually a juror on a wrongful termination case about a year ago. The plaintiff said she was fired because she was pregnant, but the defense was ready with all her personal emails she sent from work. Hundreds of them! Racist jokes, bullying/humiliation of coworkers, invitations to happy hour, bids sent to competing vendors (oops!), booking vacations, getting mortgage rate quotes, etc. Then they whipped out the "I understand that my email is not private at work and I can't use it for personal business and if I do I can be fired" document signed by the plaintiff and it was all over. This small company had actually fired a few people for email abuse already.

They pay you to work. If you send out the occasional personal email they probably won't give you static about it. But if you send so much personal email that they wonder when you have time to work there will be problems. There really shouldn't be any outrage about it.

Re:Gentlemen don't read others gentlemen's mail...

[xQx]

Being the sysadmin at a small company, I am the person who actually ends up reading people's email; and being a small company, the person who has to face the person who's email I just read.

The arguement is simple and well covered, the company owns the computer, your email, and anything you do on company time.

The only grey areas are 'does the company have the right to go through email you deleted', and 'does the company own something you did using company resources in your own time.'

I mix personal email with company email; as do many others...

I say openly to other employees "Yes, I can read your email. Yes, it's not private. Yes, we own it. BUT, The company and I don't care what you and your friends talk about and what you do on the weekend." If you're not trading secrets, resumes or bagging the company, even if we do read your email, we don't CARE.

If you're worried about privacy in a 1000+ employee company, remember this:

You're just not that important. :)

My company scans all email for buzzwords

[Average_Joe_Sixpack]

For example if I include the name of one of my company's products plus "bug"/"flaw"/"crash" then I can expect a follow-up scolding from HR. (I found this out the hard way) Course that's cake compared to the other spying and practices that go on.

This only works on the stupid

[Deagol]

Anyone really clever enough to cause serious damage from the inside can do better than email. Besides, draconian measures like this are ultimately self-defeating in the end. If you treat your employees with disrespect and distrust, the employee reciprocates with equal disloyalty.

I once worked at a small software firm (50 emplyees) and we "merged" with a larger one. What was once an open workplace of mutual respect quickly became one location of seemingly untrusted drones. The new corporate office demanded a firewall, so they could watch what we visited. They snooped people's Exchange folders. Etc.

It had never occured to me to betray my employer. But when they started treating us as untrustworthy, my fellow admins and I came up with all manner of methods to thwart the security measuress. It helped, of course, that we were privy to those measures, which we were sure to disclose to fellow workers who had no idea.

And you'd better be *really* thorough with that Acceptable Use Policy. :) Sure, you can watch what I visit on the web, but it may only *seem* innocuous. One user on the inside may be sending weird HTTP requests to a legit-looking site. But in reality, those requests are lines of an ASCII armoured PGP file (properly URL-encoded, of course).

I don't care if it's the company email server, on company time, yadda-yadda-yadda. And I don't care if the ream of paper I signed to put food on the table gives them the right to records phone calls, archive email, and takes ownership of portions of my brain -- 'cause they *all* do it these days. It's not outright collusion, but the end result is pretty much the same.

If the company expects me to interrupt home/private time for their beneift, they'd better damned well respect my privacy on the job, because there's little time to tend to personal affairs requiring 9-to-5 services otherwise.

"That badge don't make you right."

Even funnier

[YrWrstNtmr]

How many people take their work laptop home every day? Company doesn't want you to leave it on the desk...too easy to get stolen. So they get taken home every day.

Company secrets leaking out through email? Hell. 80GB walking out, as per company rules, in my backpack every single day.

Maybe justifiable action?

[snero3]

I used to work for a university in the MBA school. In order to get the best possible professors for our students we had to allow them to do consulting for large companies on the Uni's time as we couldn't afford to pay them what the going market rate was. This practice was regulated in that they could only spend 30% of their time consulting and they couldn't use any of the schools recourses (IE letter heads, websites, secretaries etc..). Now on the face of it this worked well for both parties as we got the best from industry plus the profs got the salary they had come accustom to. However, as human nature would have it, the profs got greedy and started abusing their position and students started to take notice that the very expensive course they had just paid for was suffering. So as IT we were charged with implementing all sorts of monitoring to gather evidence of these facts to weed out bad apples, otherwise the school would go bust and 100's of people would lose their job. The loss of privacy I can live with, the loss of a single mum's job because of a greed fat man I can't. If faced with that decision again, I would make the same choice in a heart beat.

There is also another good reason for this which is not entirely related to sensitive information leaving the company via company email and that is the sexual harasment/bulling. It is necessary to monitor email to limit this kind of activity before it blows up in your face. We recently did a audit of email boxes and found that 60% stored what would be considered (by law in Australia) as a offensive amount of porn that the company could be and would be held laibale for. What was worst was massive internal/external mail groups that were being sent to. I have no problem with porn (of the legal kind) just view it and send it on your own time. No one likes to see you spanking it at your desk!