How much should employers monitor their employees’ computer use and e-activity? 

“Employee monitoring is really controversial, especially within the tech sector,” says Dan Miller, tech entrepreneur and managing partner of StartUp Florida. “It’s pretty well known that knowledge workers will have Internet access. The larger issue is that because of new tools, there is a blurring of work and home time, and the lines between activities blend.” 

Excessive monitoring or rigid rules can drive away productive employees, especially those of Generation X and Y, who expect some freedom in structuring their workdays, says Miller. “Most employers have to come to terms with that new reality.”

Yet from the employer’s perspective, fear of litigation trumps privacy, says Nancy Flynn, executive director of the ePolicy Institute (epolicyinstitute.com), and author of The ePolicy Handbook.

In December 2006, the Federal Rules of Civil Procedure were amended, allowing electronically stored information to be subject to discovery in federal courts. As Venice City Council members discovered last summer, “If your company becomes embroiled in a lawsuit, you can take it to the bank that all your company’s e-mail can be subpoenaed,” says Flynn.“E-mail creates the equivalent of DNA evidence,” Flynn adds. “Employers don’t want this smoking gun evidence sitting in their computer system.”

U.S. employers have the right to monitor employees’ computer activity under the Electronic Communications Privacy Act, which has been interpreted to purport that employees should not expect any privacy on employer-owned computers. “The courts have been consistent in siding with employers,” says Flynn. “Assume Big Brother is reading over your shoulder. If the company provides a cell phone, there’s a good chance that your texting is being monitored, too.”

According to a 2007 survey conducted by the American Management Association and The ePolicy Institute, 66 percent of employers monitor Internet connections and 65 percent use software to block inappropriate Web sites, up 27 percent since 2001.  Forty-three percent of companies monitor e-mail, and 45 percent track content and keystrokes.

Likewise, more companies are monitoring the blogosphere. They’re worried about “breaching company confidentiality rules, giving away trade secrets or secret recipes, uploading videos that would embarrass the company,” says Flynn. “We’ve seen thousands who’ve been fired for blogging on personal time, for content on their personal and social networking sites and YouTube videos.”

So how do you strike a balance in your monitoring policy?  Flynn recommends businesses apply the three Es of risk management:

Establish a written policy governing usage, content and retention of business records. Spell out when employees can communicate with family, domestic helpers, physicians and schools, and what constitutes a reasonable amount of time for personal communication. Expect the policy to evolve with the workplace.

Educate your workforce on e-mail and Internet risks, policies and procedures. The 2007 Electronic Monitoring and Surveillance Survey found that 58 percent of employers fired employees last year for inappropriate e-mail or Internet use, some of which were an intentional violation of policy, and some not.   “You can’t expect your employees to cooperate unless they know about it,” Flynn says.

Enforce the policy with disciplinary action and technology tools, and detail the consequences. While zero tolerance may engender resentment among employees, warnings and escalating consequences will protect the firm and its employees.