Every day, millions of people use electronic mail to conduct business and to communicate with friends and family. But if you think your e-mail is private, guess again. E-Mail is no more private than a postcard. Unlike other forms of communication, such as telephone calls, which are protected in the United States under laws like The Electronic Communications Privacy Act of 1986, e-mail has little similar protection. The situation becomes even murkier for messages sent or received at the office.
For Your Eyes Only?
An electronic message typically makes numerous stops at computers along the route to its final destination. At each stop, it can be intercepted and read by prying eyes. Why would someone want to do this? For hackers, there's the challenge of eavesdropping in cyberspace; for business competitors, confidential information may have great value. After all, information is power.
Where Has All the E-Mail Gone?
Even after you've received a message and deleted it, the message doesn't vanish. Many Internet service providers archive e-mail for some period of time. These archives can be accessed by snoops and even subpoenaed in the event of an investigation or lawsuit. The same holds true for messages received at work. Although you hit the Delete key, the message may still exist in the company system. Those off-color jokes you've been circulating may come back to haunt you!
Let the Writer Beware
While U.S. law offers limited privacy protection for communication over the Internet, almost none exists for electronic messages sent within the workplace. In fact many companies take the position that they not only have a right, but the responsibility to review employees' e-mail. They argue that e-mail is no different than writing letters and memos on company letterhead. Because electronic communication represents the company and is conducted using company equipment over the company network, businesses contend that they have a right to monitor e-mail. Many employees take the opposite position, claiming their right to privacy unless informed otherwise.
While most companies now use e-mail, many don't have an official e-mail policy. In the absence of a policy, employees often feel a false sense of security, particularly because many e-mail accounts are password protected. Passwords do offer some protection, but not from system administrators, who can access almost anyone's e-mail. This comes as news to many employees who mistakenly believe that communication with colleagues is private. In fact in a number of cases, casual e-mail messages that criticized the company have landed on the boss's desk. The result? The employees were fired. In the ensuing lawsuit, the courts have upheld company actions.
To avoid legal skirmishes, businesses, even small ones, should establish an Acceptable Use Policy for e-mail that clearly sets out permissible workplace uses, prohibited uses, and penalties for violation of the policy.
An Ounce of Prevention
You can protect yourself from prying eyes. First of all, regard e-mail as you would a postcard. Would you send confidential information this way? Obviously not. Second, use encryption software to encode your message so no one but the recipient can read it. You can download one of the most popular programs, PGP (Pretty Good Privacy) for free from the Web.
