Employee Email and Internet Abuse

‘Tis the season to be merry! As the new year approaches, staff embark on that obligatory end-of-year go-slow. You stumble across evidence that instead of franticly ticking off their end-of-year objectives, your employees are spending Company time surfing the web and socializing on social media. Your internet is being eaten up in illegal downloads as they madly accumulate all the latest blockbusters for the kids to watch on holiday. And when they’re not browsing YouTube they’re merrily sharing countless jokes, video clips, photos and hug me bears on Facebook with their friends and family. Your immediate reaction may be to task your IT guy to investigate who the transgressors are and to prepare their walking papers. However, in light of the Regulation of Interception of Communications and Provision of Communication-Related Information Act (yes, we also question how the drafters dreamt that name up!), this may not necessarily be a wise move. In terms of this Act, you are not allowed to intercept your employees’ communications without their consent. Even if they are using Company infrastructure. Disregard this seemingly innocuous piece of law at your peril: you could face a fine of R2 million or 10 years in prison.

This little issue of consent can be easily solved, however – by ensuring that your Employment Contracts contain the requisite consent for the company to intercept all communication that flows through the Company’s infrastructure.

Now that the employee’s written consent is obtained, your IT guy can happily compile reams of reports on what your employees are up to. The next issue is: what to do with this information? Whilst you are understandably fuming over this apparent waste of Company time and money, your staff may be blissfully unaware of the detrimental effect their actions are having on productivity and Company resources.

Disciplinary proceedings can only be instituted if:

  1. there is a company standard, rule, instruction, code or policy in place
  2. it was communicated to your staff
  3. the employee concerned breached the standard, rule, instruction, code or policy
  4. the employee knew / should have known that his/her conduct was wrong or unacceptable.

A clearly defined Computer Usage Policy can be implemented to set out issues such as:

  1. limiting use of the Company’s infrastructure to company-related business;
  2. limiting personal use of company infrastructure, with strict prohibition on certain actions such as downloading or distributing pornographic or illegal material, sending or receiving excessively large attachments, and limiting or prohibiting time spent surfing the internet or engaging on social media;
  3. informing staff that their email and website usage is being monitored at all times.

In Summary: Ensure your Employment Contracts contain consent for the company to intercept the employee’s communications. And make sure you have an appropriate Computer Usage Policy in place so that staff are aware of what is and isn’t acceptable use of the Company’s infrastructure.

Please note that this information is supplied for general information and does not constitute legal advice. It is advisable for you to contact a legal practitioner for guidance in respect of your unique requirements.