by Merlin Hernandez

With reports of inappropriate online activities by employees, and suspected lost productivity and data breaches because of it, numerous software applications are available to monitor employees’ internet use. The practice of non-work browsing remains of major concern to both employers and employees. The essential conflict revolves around the employer’s need to ensure a high level of productivity and employee assertions that their privacy should not be violated.

It is predominantly unregulated territory with federal laws that are not well-defined and/or do not go far enough. There is the tendency to lean more in favor of employers – courts have held that employees do not have a reasonable expectation of privacy in e-mail while employers are expected to review e-mail messages on their networks in order to defend against any charge of vicarious liability in cases of sexual harassment. A 2007 survey by the American Management Association and the ePolicy Institute found that two thirds of employers monitor their employees’ website visits…and 65% use software to block connections to websites determined to be inappropriate like those with sexual content, shopping, sports, and social networking. In some states, the employee needs to be notified of the monitoring, especially if it is used for future training purposes. Some employers do notify about computer and telephone monitoring, as a matter of course, through memos, handbooks and union contracts. But in most cases, the employee only discovers the monitoring during a performance evaluation exercise.

The conventional wisdom is that the employer, as owner of the equipment, has the right to know what activities are conducted on their computers. There are some clear restrictions, however. Union contracts may limit the employer’s right to monitor, while public sector employees may have some protection under the Fourth Amendment which safeguards unreasonable search and seizure. In addition, according to a New Jersey Supreme Court ruling in March, 2010, an employer can be in violation of the privacy rights of an employee by reading password-protected e-mails that fall under the category of “protected communication” as that between an employee and his/her attorney.