Employers slam plans for e-mail monitoring

Employers this week dismissed a code of practice designed to protect employees from unwarranted snooping by their bosses as...

Employers this week dismissed a code of practice designed to protect employees from unwarranted snooping by their bosses as confusing, unbalanced and badly thought out.

The code calls on employers to respect the privacy of workers by giving staff separate logins for work and private use, and of any e-mails that appear to be personal.

Although the code is not compulsory, the Information Commission has warned that it may cite breaches in enforcement action against firms that fail to comply with its recommendations.

The code aims to strike a balance between the need for employers to safeguard the security of their IT systems and control their businesses, and the rights of employees to privacy. But employers claimed that it favours employees and ignores companies' needs to monitor communications.

"It seems to be all about what employers have to do. I don't recall anything about what the employees' responsibilities are. It's not balanced," said Susannah Haan, legal adviser to the CBI.

Other groups said the code would simply confuse employers. "We have been calling for a clear framework to help business to interpret what is a very complex piece of legislation, the Data Protection Act.

"In trying to be all things to all men the Information Commission has failed to do this," said Sally Low, senior policy adviser at the the British Chambers of Commerce.

The code will confuse those it is meant to help, said Will Roebuck, legal executive at e-business user group E-centre UK. "The easy option would be for employers to put a blanket ban on all use of personal e-mail, telephone calls and Web browsing in the workplace," he said.

"The idea about separate e-mail and Web accounts for private use - why should employers be put to the expense of doing that? Why should they run Internet cafes for their employees?" asked Richard Baron, deputy head of policy at the Institute of Directors.

But the code has been welcomed by trade unions. Peter Skyte, national secretary at the Amicus IT Professionals' Organisation, said, "There are legitimate interests in monitoring communications, but if someone criticises a manager in an e-mail or challenges plans and proposals, that should not be used against them."

The code, which faces a final consultation with a small group of businesses, is unlikely to go through any significant changes before it is published, the Information Commission has confirmed.

Iain Bourne, strategic policy manager at the commission, said that the code is clearer than earlier drafts. He accepted that some businesses might object to it. "There will still be employers who do not like this code," he said.

Read more on IT risk management