Businesses can experience problems if their employees visit web sites using their work computers. For example, ‘cookies’ or ‘web beacons’ may be installed to the computer without anyone’s knowledge.

This often happens automatically to let web sites identify and monitor computer usage, including tracking future activity after the user visits the site.

This was publicised recently in respect of Facebook’s targeted behavioural advertising. For example, saucepan adverts can be displayed if employees look up these on ebay after their visit to Facebook. The issue is that your employees may use an internet browser for client work or file management systems and confidential information may also be compromised. In the financial industry, this may lead to compliance issues and compromise a business’s integrity.

’Cookies’ that leave a mark of computer activity for specific websites  can cause negative publicity or embarrassment if inappropriate statements have been made, games accessed or files stored, downloaded or forwarded. Such actions may also amount to an offence if, for example, the material is pornographic in nature which in turn could cause liability for businesses if carried out on an employer’s computer.

A number of practical solutions have been tried but some financial businesses  have been finding that web filters are ineffective and counterproductive to their productivity. For many the solution has been to communicate clear policies which prohibit and list social networking websites in an effort to drive an understanding of the seriousness of their use and the risks to the business. This is not usually a complete list, but instead a framework of what is not permitted,

e.g. – ‘employees should not use work computers on sites such as Bebo, Facebook, online gambling or any material which could, in any way, be regarded as illegal, offensive, in bad taste or immoral.’

The wording is important, as not all content which is legal will be in good taste.

A good ‘catch all’ to prevent breaches or misunderstandings of the policy would be something along the lines of,

‘If you might be offended by the contents of a web page, or if made public, your access or viewing of any internet material may be  of embarrassment to you or us, then your viewing or access of the material is in breach of this policy and will constitute misconduct. In these circumstances the disciplinary policy will apply and you will be required to delete the offending post or material. ’

This sort of wording would allow for some use of the internet, without reducing your protection.

For financial businesses, reputation is important. Regardless of company blogs and wikis, many employers are now stating that unless permission has been agreed in advance, employees may not use their computers to participate in internet chat rooms, post messages on any internet message boards or use blogs or wikis, even in their own time.

Most businesses still want to allow some level of incidental internet use to avoid being seen as overly draconian, and are starting to find that behavioural guidelines are useful to add to their internet policies, such as,

‘Use must be minimal, out of office hours, not interfere with work, posts or emails should be labeled personal, not commit us to any costs, be in keeping with equal opportunities, data protection and confidentiality policies etc.’

Policies also need to provide for the possibility that internet use will be monitored and permissions may be revoked at the employer’s absolute discretion if inappropriate.

This article illustrates that precise policy wording is crucial and we hope that it triggers a conversation amongst those readers who could be affected.  However this advice is in nature  general, and is not comprehensive or a substitute for specialist legal advice.

Article contributed by John Friend, Employment and Commercial Solicitor

ACUMEN BUSINESS LAW is an award winning, innovative and dynamic Law Firm, providing legal services in a way different to other law firms.

Image copyright: Flickr