Introduction to this document

Email and internet policy

It's important in all office-based workplaces to have policy statements on the use of computers, email and the internet at work and on using the telephone. Our email and internet policy includes provisions on acceptable use, social networking sites, downloading from the internet and email and internet monitoring.

Email and internet misuse

Statistics show that employees, on average, waste more working time on email and on the internet than on any other non-work related activity. Whilst you are probably willing to tolerate the odd bit of non-work related email and online access, the fact remains that you are paying the employee to work, not to shop online, etc. Our Email and Internet Policy sets out strict rules on the use of email and the internet for personal purposes. You can adapt this policy to suit your particular circumstances. For example, you might be willing to be more liberal in your approach to personal use or you might wish to provide that employees have no personal email and internet uses at all whilst at work. We've also included important provisions on social networking and video sharing websites and keeping "blogs". Finally, we've covered downloading documents and files from the internet (both legal and illegal downloads) and spam email, with particular regard to preventing viruses and malware

Big brother

To what extent can you legitimately monitor your employees to ensure they're not breaking the rules? The starting point is that it's unlawful to intercept an electronic communication on your own system. However, there are a number of business-related exceptions to this, including where the interception is to establish the existence of facts, ascertain compliance with regulatory or self-regulatory practices or procedures, ascertain or demonstrate the standards which are achieved or ought to be achieved by employees using the system in the course of their duties, investigate or detect the unauthorised use of the system, and for security reasons (to secure the effective operation of the system). Our policy statement sets out the right to monitor employees' emails and their use of the internet and a list of the business purposes for which monitoring will take place. You should always be fully transparent about monitoring and so inform employees in advance if monitoring of emails and internet use is to take place - and the purposes for and nature and extent of that monitoring. Our policy ensures employees are duly informed. Where you do monitor staff, put in place strict controls regarding the confidentiality of records created as a result of monitoring and only monitor to the extent that it's appropriate to achieve your particular business objective, i.e. make sure that you monitor staff in the least intrusive manner possible and that you infringe their right to privacy to the minimum necessary. For example, if the reason for monitoring is because you suspect an employee is sending and receiving an excessive amount of personal emails in work time, a report of the dates, times, senders and recipients and subject lines should suffice, i.e. monitoring the flow of emails rather than reading the actual content of them. However, where the work email account is a general business one, you should be entitled to have full access to all emails sent and received via that account, provided you’ve also created individual email accounts for each employee and they’ve been told that they must not use the general business account for personal emails.