Australian employers are increasingly concerned about when and to what extent they may monitor employees’ use of electronic media in the workplace. It is not simply a matter of productivity, which may be harder to measure in knowledge and information based industries. There may also be good reason to be concerned about the security of proprietary information and the risk of liability to third parties for problems as diverse as data theft, harassment and defamation.
Employees also typically hate the feeling that they are being “spied upon,” which leaves employers walking a very thin line.
Furthermore, workplace surveillance of employee emails is only a piece of the overall security puzzle. Fortunately NSW employers have relatively clear guidance under the the Workplace Surveillance Act 2005. These restrictions limit the monitoring of employees and the employees of any labour hire companies who may also work at your business. Although the guidance is fairly straightforward, applying it to the rapidly evolving universe of cyber threats can be somewhat difficult.
The Workplace Surveillance Act Requires Notice to Employees
Under the Workplace Surveillance Act, employers must give written notice to employees at least 14 days prior to the commencement of any workplace surveillance. If a workplace surveillance program is already in place, new hires must be notified before they begin employment. The notice must describe:
- the kind of workplace surveillance to be carried out (e.g. computer, camera or tracking);
- how the workplace surveillance will be carried out;
- when the workplace surveillance will start;
- whether the workplace surveillance will be continued or intermittent; and
- whether the workplace surveillance will be for a specified limited period or otherwise.
The notice may also reduce the resistance of employees to monitoring.
Employers Must Have an Up-to-Date Email and Internet Policy
At the outset, employers should make clear that the emails and computers in the workplace belong to the employer. Security is one of the most important reasons not to permit employees to use their own devices for work purposes.
The policy should explain how to report disputes, complaints and grievances. It should also address how the company will deal with inappropriate behaviour, bullying, victimisation, discrimination and harassment in relation to the company, its employees and workplace, including any action that may be taken to resolve disputes, complaints and grievances.
In addition, employers should make sure to include clear statements that cover the following issues:
- What employees may and may not do with email;
- What kind of information the employer can gain access to, and where this information will be stored or made available;
- How the employer intends to deal with the risks of improper email use to colleagues, the security risks to the business and its confidential information and the risk that the employer may become legally liability to third parties; and
- The procedures for ensuring, enforcing and encouraging staff compliance.
Because internet technology moves at nearly the speed of light, your business solicitor should review the email use policy at least every 12 months to ensure it stays abreast of new technological developments.
Because workplace surveillance of employee emails is only part of the overall electronic security issue, your business should also be aware that other laws may be relevant, including those regulating video monitoring of employees and the electronic storage of sensitive employee information in personnel files.
Get the Help From Us
At Owen Hodge Lawyers, we would like to work with you to ensure that your workplace is protected from the rapidly-developing security risks that have arrived with the internet age, including the need for workplace surveillance of employee emails. We are also mindful that the most productive workplaces must also be harmonious places where workers feel protected from unwarranted intrusion.
Call us today at 1800 770 780 or contact us via [email protected] for a free consultation about how best to address your electronic security needs in compliance with the law, while balancing employees’ protected rights.
