Many employees stealing from companies send the purloined data to their personal e-mail account held at home or on the web. 21 percent burned the information onto CDs." Due to these technological security issues, employers feel the need and have the capability to monitor their employees. E-mails, voice mails, the Internet, telephones, computers, etc. can be use for unregulated monitoring. Employees say this is an invasion of their privacy. Companies say this is a protection of their assets. The law is not clear on whether companies are invading employees' privacy rights regarding information technology so policies must be set and employees must be informed on what is considered to be an invasion of company confidentiality or employee privacy rights.
In cases of lawsuits and investigations of regulations, instant messages and e-mail messages are used as the main source of evidence. However, according to the 2004 Workplace E-mail and Instant Messaging Survey, "employers remain largely ill-prepared to manage e-mail and instant messaging risks." It is still not common for businesses to have policies set regarding information technology. Studies have found that 35 percent of companies have any policies set in place and a mere six percent of businesses save electronic business records. However, among those businesses that do
"The failure to properly retain e-mail and IM reflects employers' failure to educate employees about e-mail and IM risks, rules, and policies. The fact that 37% of respondents either do not know or are unsure about the difference between an electronic business record that must be retained, versus an insignificant message that may be deleted, suggests that employers are dropping the ball when it comes to effectively managing e-mail and IM use."
Company data is not the only thing that is at risk when policies are not in place and implemented. Employee bank account information, social security numbers, contact information, and other confidential information should also be a responsibility of the company's. Grifing (2006) lists that "8,500 FedEx employees had their W-2 forms and salaries inadvertently exposed" and that is regarding just one company alone. Companies can now collect employee genetic information in order to read further into the employees to determine whether or not he or she will perform well on a job and other information. Gahtan (1997) reports, "Employers may also find that they could be held liable for e-mail or Internet-related activities of their employees. In most cases, employee e-mail or Usenet postings carry the employer's name or trade mark as part of the employee's e-mail address. Defamatory, political or religious statements sent outside the company by employees may therefore be attributed to the employer."
Employers also have an obligation to provide a work environment free of discrimination and harassment. Inappropriate material circulated internally can create a problem. A subsidiary
Employee Privacy Rights 4
of Chevron Corporation settled a