Internet and email use: Know thy policies and what they mean
An interesting legal case surfaced recently that highlighted the fact that technology alone will not help you prove your case. On the contrary, as the outcome clearly showed, technology is only a tool. How it’s used and how you interpret the results is what counts.
The case involved an accountant working for Scottish and Southern Energy (SSE) who had been repeatedly warned about his internet use during office hours. Evidence provided during an employment tribunal in Glasgow showed that the employee had allegedly made “more than 27,000 visits to non work related websites”.
Even though the report does not say over what period these sites were visited, that is a LOT of browsing. With such damning evidence, surely this was a clear-cut case for the company? On the basis of that figure alone, the employee’s dismissal should have been justified. The tribunal, however, thought otherwise.
During the process, the company’s disciplinary office presented the employee and later the tribunal with a report obtained from the IT department that revealed the employee’s excessive internet use. Unfortunately for SSE, the disciplinary officer simply presented the report without providing a proper analysis and explanation of its content.
The tribunal’s view was that presenting the report alone, without properly discussing what it meant, was not enough to justify the dismissal. The tribunal not only found in favour of the employee but also awarded him nearly £40K.
This story teaches us a number of lessons.
- If you use technology to gather evidence, it is not enough to present a voluminous report without proper interpretation – and don’t leave the interpretation to a non-techie. If you don’t understand the report, there is little chance that your employee or a court or tribunal will do so either.
- Although it is not clear in this case, always make sure that employees are aware of what they can or cannot do with the technology. You cannot assume that they should know what the company’s expectations and requirements are.
- If you don’t have Acceptable Use Policies in place, you need to adopt these sooner rather than later. All employees should be aware of the policies and through the HR department, should sign a copy after they have read it.
- Leaving policies to gather dust on a shelf will not help. The IT team and management must work hand-in-hand to ensure that ALL employees are fully aware of their responsibilities and rights. Regular updates, possibly even a quarterly email, will keep them on their toes.
- Internal communication is essential. If disciplinary proceedings need to be taken against an employee, everyone involved needs to know what the process involves and what is required of them. If technical matters are involved, let your IT guys do the talking or at least fully brief the person who will be giving evidence.
About the Author: David Kelleher
David Kelleher is Director of Public Relations at GFI Software. With over 20 years’ experience in media and communications, he has written extensively for business and tech publications and is an editor and regular contributor to Talk Tech to Me.
Wow. Talk about shooting yourself in the foot. There’s one lucky employee. I wonder how much of that 27,000 visits was on Facebook. LOL
27,000 visits? Wow! Over what span of time I wonder? SSE was clearly in the right-it’s too bad their disciplinary officer’s cluelessness cost them the case and a good chunk of change!
It’s not fair for a company to be paying an employee who is doing something not related to his work, and excessively at that. This is why I think it’s ok to use activity monitors like auto screen captures on employees’ machines to log what they are doing on normal working hours. Some people think it’s invasion of privacy but i think any company has the right to do whatever their employees are doing on normal working hours.
You can not leave a pile of data for someone to interpret in their own way. Especially when they are not technically savvy.
While the employee was obviously browsing non work related sites, the timestamps would have been an important piece of the puzzle I believe.
It is also common for one page view to actually contain multiple views, depending on how laden it is with advertising etc (which look to outside domains). Some mailicious sites will cause a chain reaction of loading pages that climb in excess of 50 views if proper protection and blocking is not in place.
All of these can be used in the employer of the employee’s benefit in this case, depending on who is pointing to which column of data.
Thus it is critical to have protection in place, and provide good interpretation of data. Imagine giving your monthly stats to management as a big pile of spreadsheets. Who knows what they could read from that (other than they need someone in your role that can sort things better).
I can’t believe that the employee not only slacked off during office hours, but got paid a big fat paycheck in the process. There’s no excuse for that kind of behavior, but then again, I think the article points out a real good lesson.
The IT department literally dropped the ball in that court case, and probably without any supervision from management, failed to give any articulation to the report they had given the court.
I think the question in everyone’s mind is how long the employee had to visit 27,000 sites. If it ended up being as long as 27,000 days (as impossible as that may seem), that would simply be a visit per day (which I bet a lot of employees do anyway). Time makes the weight of the accusation relative.
It would be beyond ridiculous if that important information was the one fact excluded from the report.
I’ve actually read a news article where technology became the case winning piece of evidence. True story — a young man was accused of robbery, but after his Facebook status allegedly claimed that he was fighting with his girlfriend at the time, it was impossible for prosecutors to put him at the scene of the crime. His defense lawyers then subpoenaed Facebook to release documents proving that his Facebook status was indeed changed on the young man’s account using his computer at home. After the father verified the claim, all charges were dropped and the man was set free.
I guess technology doesn’t have to be the villain all the time.