|
|
|
FW: YOU'RE FIRED
That blue e-mail joke you forwarded this morning could mean a pink slip this afternoon. If you think your office e-mails are private, you could be in for a career-damaging surprise.
Fred Jones (not his real name) doesn't really un- derstand how network computers work. But for many years, he's made a nice living selling them. His strength is that he knows how to keep customers happy. If you like bars, he'll take you out drinking. If you smoke, so does he. And if you enjoy dirty jokes, he's got a million of them. "The jokes are part of my sales kit," he says. "My buyers love them."
And so, when a co-worker put him on a dirty-joke e-mail-distribution list two years ago, Jones started forwarding the good ones to clients who appreciated that sort of thing. He isn't ashamed of it. Over lunch, in fact, he shows me a thick binder stuffed with print-outs of his favorites. Some are over the top. But most aren't too different from the mass-forwarded flotsam that clogs corporate e-mail inboxes. In one typical cartoon, for instance, a male student tells a woman with an oversized bosom: "You're blonde, you have big tits. Why are you wasting your time in college?"
Jones says clients liked the jokes. "If they didn't, they would have told me," he says. "But I never had a problem. Got notes back saying, 'Those are funny. Keep up the good work.' Passing around the jokes was a way to help build up relationships. It's not something I thought about. If the client was happy, I figured I was doing my job."
But that's not how his boss saw it. Despite consistently good performance reviews and maxed-out annual bonuses, Jones, 50, was fired last year. Two other dirty-joke aficionados at the firm were let go at the same time. Unknown to the trio, the company had been monitoring their e-mail for months, following an investigation that began after a customer complained about an e-mail that had Jones and his friends on the recipient list. "
Can you believe it?" asks Jones, who for business and legal reasons spoke to me on the condition that his real name not be used. "I had a corporate credit card. I was allowed to take customers to strip clubs to see real live naked women. But sending those same customers [cartoon] pictures of naked women - that gets me fired."
This year, Jones found new employment in the same field, but not before spending six idle months drifting in and out of depression and alcohol abuse. "The day I was handed my termination letter, I was stunned," he says. "I was [numb] driving home. I parked in a shopping mall and cried for about an hour. Then I went to a liquor store and bought a bottle of Canadian Club. I just remember getting home and sitting in my living room feeling worthless, drinking doubles.
"They're jerks," he adds. "[My firing] didn't make sense then. And it doesn't to this day."
I was troubled by Jones' story: Can sharing dirty jokes and cartoons with your pals really be a firing offence? His plight got me thinking about the do's and don'ts of corporate e-mail. What's acceptable? What's not? What do companies say? What do lawyers say? What are the limits to personal privacy? According to Forrester Research Inc., a technology research firm, the typical e-mail user sends between 1,500 and 4,000 messages every year. But while most of us know the basics of netiquette - that it's rude to "shout" in all caps, for instance - very few of us seem to have much clue about what our corporate bosses and their lawyers consider out of bounds.
Am I vulnerable? It would seem so. When I got back to my National Post office after meeting Jones, I entered a common four-letter word into my e-mail-program's search engine. My "Sent Items" folder yielded a dozen hits, including a few jokes Fred Jones would appreciate and a colourful ramble about a colleague who had inflicted a reactionary rant upon us in that morning's news meeting. Those were just recent gems - my files go back only two months or so. Had I searched through the full archives, I would have dug up hundreds more. If my boss were to look through my account with a view toward reclaiming my cubicle, he could find justification enough 10 times over.
I admit all this freely - for I represent the rule, not the exception. Human resources officers will not go on record to discuss the prevalence of outlaw e-mail: None are eager to admit to presiding over a largely unenforced code of conduct. But it is clear from numerous casual interviews that many workers - perhaps most - either have not read their employer's e-mail-usage policy or knowingly flaunt it. This comment from a friend of mine near the top of the Microsoft corporate ladder is representative: "I think our policy is 'business-use only.' But I'm not really sure. Virtually everyone I know uses e-mail for personal reasons because it's so convenient. A few years ago I got a copy of Bill Gates' Christmas list by mistake, so it appears that this is the case all the way to the top. I figure as long as I'm getting my work done and not doing anything illegal I should be okay." Indeed, misuse of corporate e-mail has become the Internet equivalent of jaywalking: It is a misdemeanor so widely practised and tolerated that many staffers are outraged when someone actually calls them on it.
"The classic pattern is that the employee feels he's been blindsided" when accused of wrongly using e-mail, says Jones' lawyer. "When I'm defending an employee, I [argue] that this is behaviour that has been condoned. Often you'll find that, upon close investigation, the employee who's been disciplined has been sending e-mail jokes to his superiors for months. If that can be exposed, the company is vulnerable, because they are cherry-picking as to who is being disciplined."
Jones' case is typical. "See this e-mail," he said after he opened his binder of print-outs to a page marked "FW: Nudist Colony Joke." "Look at the 'To' field. There are 26 people on the distribution list. At least four are managers. This guy had 30 or 40 people working under him. So did this guy. By God, if we got nailed, they should have got nailed - for not telling us this was against company policy."
As I stared at my computer screen showing my archive of four-letter words, I started to wonder if the Post had issued edicts on e-mail do's and don'ts. I looked for my employee handbook, which, like most employee handbooks, lay unread at the bottom of a desk drawer. Here's what it says: the Post's e-mail system is "available for business purposes only" and staffers "must refrain from inappropriate usage." What are the consequences if management finds out just how inappropriate I can get? I don't know. The handbook doesn't say.
According to employment lawyers who see these cases, instances of workers being disciplined for e-mail misuse almost invariably fall into one of two categories. The first involves those who make profane, demeaning or threatening comments about co-workers. The second includes those who receive obscene jokes, cartoons and the like from one source and then forward them with minimal annotation ("This is funny!") to buddies and colleagues.
Off-colour taunts, jokes and gossip are common features of water-cooler discourse, too, of course. But the medium makes all the difference here. A water cooler has no ears - and no memory. Every letter of its virtual equivalent, however, ends up on a corporate hard drive. And because e-mail messages take the form of written text, they are utterly decontextualized from disarming cues transmitted through body language and intonation.
In other words, by combining the casual dynamic of friendly conversation with the cold, dehumanized permanence of a computer database, e-mail presents a unique trap. Think about every bar-room conversation and powder-room gossip session you've had being transcribed and printed out for your employer's perusal. That's what a corporate e-mail system looks like to your sense of privacy. As Cardinal Richelieu said four centuries ago, "Give me six lines written by the most honest man, and I will find in them something to hang him."
Yet the risk is entirely avoidable. Typically, an Internet-equipped worker usually has the option of using either his or her company's proprietary e-mail system or a free e-mail service like Yahoo! Mail, which is accessed through a Web browser. Although an IT department will know whether an employee has been visiting, say, http:// mail.yahoo.com, Big Brother will not know - absent unusual oversight measures like real-time monitoring of a user's computer activity by an actual human - the contents of the messages the staffer sends and receives. Moreover, if an employee uses an anonymous account to send messages to co-workers, the Internet service provider will not be required to divulge the sender's identity without a court order. Given this, why would anyone - even an e-mail addict - use a corporate e-mail network to traffic in questionable material?
American University linguistics professor Naomi Baron, author of the recent book Alphabet to E-mail, thinks she knows why. "What individuals do when they come to use e-mail is they create their own understanding of whether e-mail is more like speech or more like writing," she says. "The kind of messages they construct reflect those understandings. People who have been using e-mail for a long time and who essentially use it as a replacement for the telephone typically see e-mail as speech.
"In order for someone to listen to our phone calls, they have to have a warrant," continues Baron. "You can't just willy-nilly listen in on someone. Because, in so many contexts, e-mail has replaced the phone, we develop a mindset that says the rules for e-mail must be the same as the rules for the phone or a face-to-face conversation, because I'm doing the same kind of thing with the same informal style. Patterns of usage define our mindset, even though, intellectually, we know better."
To get a sense of how difficult it was to catch Fred Jones, I visited Jeff Michea, a systems-support analyst for the National Post. Using my own account as a guinea pig, I wanted to see how employers can monitor the e-mail traffic of their workers. The demonstration didn't take long: about 30 seconds. "If this were for real, I wouldn't initiate the search without direction from on high," says Michea, as he boots up the e-mail administration program. "The order would have to come from [the editor] or someone close to that level." After engaging the message-tracking feature and selecting my name from a user menu, Michea's screen fills with a list of every message I had sent in the last week, including some I had "deleted."
Those quotation marks are necessary because the word, as used in the context of corporate e-mail systems, is a misnomer. It is generally impossible for a regular user to completely expunge an e-mail message from the system once it has been sent or received. "The complete text of recent messages are on a back-up tape," says Michea. "The way we have it now, it would take a while to get at them, but it's all there." As he says this, it occurs to me that he hadn't asked for my password.
While the Post - at least to my knowledge - is a relatively trusting employer, others are not. In fact, the number of companies that regularly peek at the e-mail activity of their workers is increasing. In a recent American Management Association survey of over 2,000 large U.S. firms, 38% reported that they "store and review" employee e-mail messages - up from 27% in 1999 and just 15% in 1997.
Some firms go further than mere "review." By arming e-mail servers with automated "sniffing" software, a company can vet incoming and outgoing messages in real time as they pass through the system. The suspect messages tagged by the sniffer are either saved to an archive, forwarded to management or both. "With sniffing, the users we see most are companies concerned about intellectual property leaving the company via e-mail," says Robert Kusters, a marketing manager for Sniffer Technologies, a business line of Santa Clara, Calif.-based Network Associates Inc. "The client programs the software to identify specific terms used to describe the firm's [proprietary] technology."
However, adds Kusters, "It can also be programmed to identify obscene messages. And a 'utilization filter' can be programmed to identify users who over-use [Internet] applications.... Once an over-user is identified, [his or her] activity can be scrutinized more closely."
As well, companies can use filtering software to block messages that contain key words. According to U.S.-based Trend Micro, these terms are the most commonly targeted by companies: Cyber Sex, Earn Unlimited Income Working At Home, For Adults Only, Lose Weight Fast, Get out of Debt, Earn $$ Fast. In most cases, the object is to prevent mass e-mail messages from entering the corporate system.
Right now, very few corporations use sniffing programs for e-mail analysis - as few as one in a hundred, estimates Kusters. But that will soon change. Why? Because lawyers now routinely demand e-mail disclosure as part of the discovery process preceding corporate litigation. So the stakes have become much higher than simply catching potty mouths. "As companies have increased their reliance on computer systems, lawyers have begun to recognize the electronic treasures that are being kept in these systems," says Alan Gahtan, a Toronto lawyer, who recently wrote Electronic Evidence, a book on the use of electronic evidence. "[Lawyers] have started to target electronic data for discovery in all types of litigation cases."
One such treasure, says lawyer Jeffrey E. Goodman, a partner with the Toronto office of Heenan Blaikie, who has written widely on the issue for legal and human resources trade publications, "comes from the incident involving Rodney King, in Los Angeles. One of the most damaging pieces of evidence in the second trial was a record of an e-mail message sent by one of the officers to his fellow officers on the night of the incident, remarking on the severity of the beating they had administered to Mr. King."
In Canada, we have yet to see a civil litigation case in which an e-mail played the role of smoking gun. But the United States has seen several. According to Samuel Thumma and Darrel Jackson, authors of "The History of Electronic Mail in Litigation," an article that appeared recently in the Santa Clara Computer and High Technology Law Journal, more than 375 reported cases "in which e-mail played a significant role in resolving the issue" were reported from 1997 through the first six months of 1999. More than a few involved managers who said things in e-mails they would never dream of putting on corporate letterhead. Their lack of awareness "ranges from the careless to the obscene," says Goodman.
Such carelessness was on display in the U.S. government's anti-trust suit against Microsoft Corp. In this instance, e-mail messages between Microsoft executives were used to bolster the Justice Department's assertion that the software company had used its monopoly in PC operating systems to try to monopolize the Web browser market with Internet Explorer. In January 1997, for instance, in an e-mail later surrendered to government lawyers, Microsoft senior vice-president James Allchin told fellow vice-president Paul Maritz, "I do not feel we are going to win on our current path. We are not leveraging Windows from a marketing perspective. We do not use our strength - which is that we have an installed base of Windows. Pitting browser against browser is hard since Netscape has 80% market share and we have less than 20%. I am convinced we have to use Windows - this is the one thing they don't have." And in response Maritz said, "If you agree that Windows is a huge asset, then it follows quickly that we are not investing sufficiently in finding ways to tie [Internet Explorer, Microsoft's browser] and Windows together."
But didn't the police officers involved in the Rodney King trial have the right to shield their e-mail from prying eyes? Didn't the Microsoft execs? Doesn't Fred Jones? Don't I?
Apparently not. "There isn't a lot of legislation that protects privacy rights," says David Elenbaas, a labour and employment lawyer with McMillan Binch in Toronto. "Many employers will make it known to their employees that they do monitor their e-mail. [But even] if they don't, I don't think there's anything unlawful about it in Ontario." The situation is similar in other jurisdictions. "In Canada," says Sunny Handa, an IT lawyer with the Montreal office of Fasken Martineau DuMoulin, "there are no common law reported precedents protecting an employee's e-mail privacy. Of course, Quebec has a civil law system with general privacy protection in place. But even in that province, it is unclear whether the law protects an employee's e-mail from his employer's eyes."
Although Canadian courts have yet to deal with a case directly on this point, American courts have. Consider Michael A. Smyth v. The Pillsbury Company in 1996. In this situation, a district court made the following ruling: That a company that fired an employee after snooping on his e-mail account had not engaged in tortious invasion of privacy despite the fact the company had repeatedly and explicitly assured employees that all e-mail communications would remain confidential and privileged. "We do not find a reasonable expectation of privacy in e-mail communications voluntarily made by an employee to his supervisor over the company e-mail system," wrote the court. "The company's interest in preventing inappropriate and unprofessional comments or even illegal activity over its e-mail system outweighs any privacy interest the employee may have in those comments." Why was the employee's e-mail being monitored? The court's judgment didn't say. And, as the law now stands, it doesn't matter. In the United States and Canada, a company can monitor its employees' e-mail at any time for virtually any reason.
As to the question of what management can do to an employee once it finds nasty messages, the answer depends on the content of the e-mail and the names on the recipients' list. If the sender broadcasts a filthy message indiscriminately, it may be construed as a form of harassment. "Is there any difference between that and the person who puts the Toronto Sun pin-up on his workstation?" asks Elenbaas. "There's probably none - and I think [in both cases] it could constitute harassment. The definition in Ontario under the human rights code, [like] the definition in other jurisdictions, talks about conduct that's known or ought to be known to be unwelcome."
On the other hand, even if a message is deemed objectively offensive, courts will generally not view it as evidence of harassment if the recipients are complicit buddies. In Canada, the leading case is the 1996 British Columbia Supreme Court decision in Di Vito and Mathers v. MacDonald Dettwiler & Associates Ltd.
In this instance, the court found that a man who had used his employer's e-mail system to send his friends a transcript of an Andrew Dice Clay monologue about a sex act performed with an obese woman - altered so that it referred to an overweight female co-worker - did not deserve to be dismissed for sending the e-mail. However, because the man had lied during the investigation about his knowledge of the distribution of the e-mail, the court ruled in favour of his employer.
But if a company has a strict e-mail usage policy, management does not have to prove harassment to justify firing a naughty e-mail user. In fact, management can often hang an employee with no more noose than a handful of mildly titillating messages. A case in point is a 40-year-old technician at a Mississauga, Ont., engineering firm, whom I'll call Ron Wilson (he would only agree to an interview on the condition his real name not be divulged). He was fired after 13 years of service because he e-mailed pictures of Cindy Crawford in a bathing suit. Unlike Fred Jones, who openly admits to having sent hundreds of naughty messages, Wilson says he sent only three: "A manager calls me into his office and pulls out [copies of] the e-mail I sent. He asked me if I had sent this. I said: 'Yeah - but so what? There's no harm in it. It's just a joke.'" Wilson was terminated on the spot. "The manager said I had been given warnings," he says. "That's true - but only indirectly. They had put out a written memo a long time before, saying e-mail was for 'work purposes only.' But I didn't take that seriously because everyone was doing it. Everybody...."
"All I was doing was sending a few jokes around the office," he adds. "I guess I was just the one who got caught. They made an example of me."
Ken Lumbert is another victim of zero tolerance. He was one of the 250 Michigan-area workers for The Dow Chemical Co. who had been disciplined in July for improper e-mail use. Lumbert, a 31-year-old electrician, received a two-week suspension. He also had a letter placed in his personnel file indicating that he "transmitted... inappropriate material, totally unrelated to work, using the company's e-mail system" and that his conduct "constitute[d] potential just cause for discipline up to and including the termination of employment." His offence? Sending friends two images: one, a photo of six women in bikinis; the other, a picture of a set of false teeth placed over a woman's private parts, alongside the label "man's greatest fear."
Brent Rayce, another Dow electrician, was also suspended. His offense? Forwarding a picture of a breast with a cartoon Smurf attached to it. Read the caption: "Happy Smurf."
Rayce and Lumbert got off easy when compared with 50 of their colleagues who had sent material deemed more offensive, like X-rated pornographic images. They were fired outright. "It's hurt me emotionally enough that I can't imagine what other people are going through," Rayce told a local reporter in July. "Some of these other guys have been basically tattooed on their heads with a big P for 'pervert.'"
Fred Jones has my sympathies. It's easier to empathize with a down-on-his-luck worker than with the faceless company that fires him. But, to be fair, it should also be recognized that corporations are in a bind. Even if managers have no interest in holding an employee to the letter of the firm's e-mail usage policy, they sometimes have little choice. If a co-worker or third party accuses an employee of sending offensive e-mail, management must be seen to act. Otherwise, the company is vulnerable to the accusation that it is condoning the sender's behaviour.
A situation that arose at the National Post this year is instructive. When the newspaper was under fire from letter writers for publishing a series of news articles and commentary pieces critical of the Tamil Tigers' and their alleged affiliates, certain Post reporters were bombarded with angry e-mail messages. One recipient, exasperated because he had not written any of the controversial articles, fought back. "Is it your company's policy to allow employees to send junk e-mail chain letters of a political nature to journalists?" he wrote to one critic, who had written him from a Nortel e-mail address. "Does your letter reflect the views of your employers? Finally, did Nortel's media relations officers know about your freelance PR? They do now." On his CC list, my colleague placed the e-mail addresses of several highly placed Nortel officers plucked from the company's website.
Nortel officials, it seems, had words with their subordinate. A few days later, this tail-between-the-legs reply from the original sender popped up in my colleague's inbox: "I am extremely sorry for having sent that e-mail to you. It was totally my own personal view and in no way represents that of Nortel Networks. I sincerely apologize."
For their part, Nortel officials refused to comment on the exchange - or on any other aspect of their e-mail policy.
Beyond telling employees about e-mail usage policy during job training or with periodic memos - two methods that clearly have not worked - how do you teach proper e-manners?
One promising strategy is to use sniffing software as a teacher rather than as a police officer. One such system, implemented in 1998, is in operation at New York-based Bloomberg LP, a financial information and media company. Its proprietary electronic messaging system, which is used by both employees and clients, can now warn a user when the program detects potentially offensive terms in his or her e-mail. "Compliance alert": the pop-up warning reads, "The following word, XXX, is considered to be inappropriate in the context of business correspondence."
According to Chris Taylor, a Bloomberg spokesperson, the warnings haven't caused any significant backlash. "There were a few complaints from some clients who use the messaging service," she says. "But, to my knowledge, we didn't lose any business over the issue."
This approach may very well become the wave of the future. Wherever there is a formal policy, according to Kenneth Withers, a research associate specializing in electronic discovery issues at the U.S. government's Federal Judicial Center, in Washington, D.C., e-mail is already considered part of the formal corporate record, alongside word-processing documents, client files and personnel records. "When you open up your e-mail software," he predicts, "there will immediately be a message that says: 'Hi, welcome to the XYZ company e-mail system. Remember, we own all of this and we own you, too' - which should put people on notice that they are not supposed to use the system for personal use."
According to Withers, corporate e-mail will no longer be the free-for-all it is now. In five years, when you compose an e-mail, you will be required to file it according to subject and client matter. "You are going to be asked, 'What is this e-mail about?' Users are going to be asked to categorize it on the front end - to create document profiles. And the category will contain rules for retention or deletion. If they categorize it as something that has no business purpose, it can be deleted immediately. And that will go through one server. Business documents will go through different servers. People are going to be asked to become their own record managers."
But is such a system practical?
"What have I used e-mail for in the last half hour?," asked Alan Gahtan, at the beginning of our interview. "I was on a conference call and I was sending e-mail back and forth to colleagues in New York, who were on the same call. If I'm using e-mail for real-time communication, there's no way I have time to fill out a document profile for every e-mail. It just won't happen. We don't put a muzzle on people's mouths. What we do is try to give them some training. Once in a while people say stupid things. And once in a while people e-mail stupid things. That's just the way it is."
Five months into his new job, Fred Jones is a happier man. He's re-established relationships with many of the customers he had at his previous position, and he still goes out of his way to build bonds and to keep his contacts thinking of him and his new firm - that includes freebie hockey tickets and picking up the tab at lunches and dinners. And he hasn't given up the dirty jokes either: "I still send them," he says, "but only to people's personal [home] e-mail addresses - and never from work.
"Oh, and I still take 'em to strip clubs."
Laying down the law
no sex, no hatred and other e-mail edicts from our justice department
To avoid embarrassments, lawsuits and other mishaps, an increasing number of companies and organizations have put together strict guidelines on employee use of corporate e-mail systems. In March, for instance, the federal Department of Justice distributed a 19-page do's and don'ts list to its employees. Some highlights:
Individuals must not access or download websites or files or send or receive electronic mail messages or other types of communication involving content that incite hatred against identifiable groups... or whose main focus is pornography, nudity or sexual acts (however, authorized users may access such information for valid work-related purposes...).
Individuals must be careful to ensure that any personal messages sent using a Department of Justice network are not construed to represent the views of the Department of Justice or the Government of Canada; and do not embarrass the Department of Justice through such things as inappropriate language; political advocacy or criticism; negative comments about third parties, including clients and respondents of the Department of Justice.
Be aware that when communicating externally, authorized users are representing the Department of Justice and that all statements reflect upon the integrity and professionalism of this institution.... Add a disclaimer to the signature block when not officially representing the department if the message could be perceived as a Department of Justice opinion. An example of a disclaimer is: "The opinions expressed here are my own and do not necessarily represent those of the Department of Justice."
Do not send: chain letters, viruses or hoaxes; threatening or demeaning messages; racially and/or sexually harassing messages; personal campaigns such as "Save the Whales"; and unsolicited e-mail to large groups. Do not steal e-mail messages; copy e-mails and/or electronic files without permission; and forward Department of Justice or other sensitive government materials to non-authorized personnel....
Act in a professional and courteous manner. Avoid gossip and remember that statements about others may find their way back to them.
Due to the fact that humour does not translate well in electronic communications, include visual clues such as smiles :) or emotes .