AS I WAS SAYING WITH WENDY LEIBOWITZ
Imposing Order on E-Chaos
It’s time to seize the bull by the horns and set sound e-mail policies for the workplace.
In a recent survey by The Guardian newspaper of Britain, more than half of London office workers surveyed confessed that they had used e-mail to stab their colleagues in the back. A large percentage also admitted to sending sexist, racist or pornographic messages to and from work on company e-mail systems. And those were just the people who told the truth to the newspaper. Imagine what the liars are up to.
On this side of the Atlantic, this past July the Des Moines Register reported that Iowa had to fire several state employees for sending pornographic e-mail on the state’s computers. (In Iowa!) Barely a month later, in early August, the Securities and Exchange Commission sought to impose a $10 million fine on six securities firms, including Morgan Stanley and Merrill Lynch, for failing to keep e-mail for the required three years. One can only assume that the people who destroyed the e-mail thought that revealing the messages would be more damaging than a $10 million payout.
Those are just a few reports on office e-mail from this past summer. And there’s similar nonsense going on with other types of electronic documents. We really need to impose some order on this chaos with better business practices and clearer workplace policies.
The Thorny Issues of E-mail: Baby Steps to Take
E-mail is a wonderful medium of communication, but it’s also a frustrating and thorny thicket. For one thing, if an e-mail is damaging or embarrassing, it is, of course, nearly impossible for you to erase the trail. The message has usually been copied and stored in at least 12 different places—it’s on your office desktop computer, with another copy on your computer network and yet other copies on your backup tapes, your home computer, your laptop, your Palm Pilot, your cell phone’s text-messaging service, and your client’s corresponding e-mail system and backups. This is not to mention the copies that the client forwarded to someone else, with a snide comment that won’t be as amusing when it’s displayed on a chart in front of a jury.
On the other hand, if the e-mail was important, or helpful, all copies will have vanished forever, joining three years’ worth of investment banking firms’ e-mails in some cyberspace cemetery, and possibly leaving you and your client facing a multimillion-dollar fine. That’s modern technology for you.
But even if we can’t explain those disappearing records, there are still steps that can, and must, be taken to seize the electronic bull by the horns. For starters, how about getting a grip on workplace e-mail policies?
A first stride involves addressing the knotty issue of employees’ e-mail. There are two concepts that lawyers and clients must master.
• First, employers must have an e-mail policy stating clearly that there is no expectation of privacy in e-mail sent or received from work.
• Second, employers should not fire anyone on the basis of the content of their e-mail, as long as the e-mail is work-related. (Obviously, if the e-mail is racist or pornographic or otherwise unrelated to work, employers are free to act.)
These two e-mail rules, even though they’ve been around for a while, are apparently tough to learn.
Employees’ Use of Company E-mail
Let’s take the firing issue. Back in 1997, in Timekeeping Systems, Inc. v. Lawrence Leinweber (323 NLRB No. 30), the National Labor Relations Board found that an employee who used company e-mail to harshly criticize the employer’s change in vacation policy was engaging in protected, concerted activity under Section 7 of the National Labor Relations Act. A non-union employer, Timekeeping Systems, Inc., had asked the employee in question to apologize. When he refused, he was fired. He sued and was reinstated with back pay.
Did we learn our lesson? Mais non. Take the recent case of Symantec, an Internet security company known for its antivirus software. On August 18, 2002, it announced that it had settled a dispute with an employee who used the company’s e-mail system both to criticize Symantec’s plan to outsource its customer service department and to try to rally employee opposition to the plan. The employee, Anna DeMarco, was fired on June 12. Though Symantec is not unionized, DeMarco filed a complaint with the National Labor Relations Board.
As part of the settlement, Symantec paid DeMarco $5,000 for lost wages and benefits and removed any reference in her employee file to her use of company e-mail as a reason for her termination. In addition, the company posted a 17-by-17-inch poster at its Springfield, Oregon, office, where DeMarco worked, stating that employees have the right to use company e-mail to discuss issues affecting the workplace.
Further, the notice announced that Symantec will not frustrate its employees’ right, under federal law, to communicate about the terms and conditions under which they work.
Let’s repeat this, once and for all, for employers who still don’t get the message: You can’t fire anyone in this country for communicating, even on company e-mail and on company time, about a work-related issue. This is the law even if the company is a non-union shop, and even if the complainers are generally not contenders for the Employee of the Year Award.
Workplace Privacy Expectations
He then asks the client, "How did you come to see the e-mail? Did you receive it because the employee sent it to everyone? Or did you access the employee’s e-mail account?" If the company policy does not clearly state that there is no expectation of privacy in e-mail sent or received on its systems, then the company could face exposure for accessing the e-mail, says Overly.
Two states—Delaware and Connecticut—have laws requiring employers who monitor employee e-mail to inform their workers of the practice in writing.
All work and no play? An additional question is whether e-mail activity can be precluded. Some employers figure that since their company computers are private property, and should be used for business purposes only, the employer can preclude employees from sending troublesome e-mails to colleagues at work, especially if those e-mails use offensive language. The reality is a bit different, says Overly: "It is difficult, if not impossible, for any business today to state that you can use your e-mail only for business purposes." It is widely accepted that e-mail will be used, incidentally, for personal purposes, just as a telephone is. Plus, according to Overly, the first thing an employee who is fired for using e-mail for personal purposes will do is subpoena the e-mail records of the company president, or the person who did the firing, and reveal—surprise—that the superior also uses e-mail for personal purposes.
Records Management in the Age of Corporate Responsibility
E-mail is just the tip of the iceberg. The confusion that now reigns in all electronic records management has got to stop. We’re talking about more than electronic discovery issues—we’re talking about the quality of our clients’ and our own work lives.
In the paper world, records management was an established field: There were rules, protocols and librarians or other people with master’s degrees who specialized in records management. But in the electronic age, much information became decentralized, according to Ken Withers, a researcher at the Federal Judicial Center in Washington, D.C. (His Web site, www.kenwithers.com, is a treasure trove for those interested in electronic records issues.) "What happened is that corporate culture changed tremendously—there was no accountability for information," he says. "E-mail is a classic example. Everyone has their own system of organizing e-mail." Or refuses to have a system.
Yikes. What about other corporate documents? Do your clients know how and where their critical records are archived? Dare we even ask about accounting systems? In the post-Enron age, when document retention and destruction policies have garnered so much attention, the situation presents dodgy electronic discovery issues.
Withers, who emphasizes that he speaks only for himself and not for the Federal Judicial Center, speculates that electronic document organization may become a part of the new age of corporate responsibility. "Under the pall of Enron, WorldCom and those other Arthur Andersen-inspired debacles, we indeed will start swinging in the other direction," he says. Some businesses, in fact, may decide to keep their electronic archives forever, to avoid the shadow of guilt now associated with document shredding. "Companies can’t justify the destruction of anything if it is done just before or after a subpoena," Withers says. "But unless there are organized information systems," he warns, "information overload will sink us." Adds Withers, "It’s like watching American businesses launch 1,000 Titanics."
The prospect of litigation and the few emerging cases on electronic discovery have struck fear into some corporations, and it’s clear that businesses must adopt electronic management practices that reflect sound record-keeping and business practices. (Microsoft Corporation recently held a forum in Washington, D.C., to explain how Outlook Express works. "Everyone was terrified that the issue of deleted e-mails would arise during litigation," said one lawyer who was there. "Fear is a tremendous motivator.")
Even in the paper world, discovery could be a nightmare. The nightmares multiply, in cost and difficulty, in electronic media. "The promise of information technology is that we can reduce transaction costs," Withers says. But, he also says, "The reality is that technology has run away from us."
Time for a Little Housekeeping
The good news is that more standardized electronic record-keeping practices and early negotiations over the scope of electronic discovery hold real potential to improve business practices and put some order into the discovery process. If people can impose rationality on their business practices, protecting both their business and legal interests by putting their document houses in order, life may indeed turn for the better. If you know ways to make this happen, please send me an e-mail.
Wendy R. Leibowitz (email@example.com) is a lawyer, writer and the editor of Cybercrime and Digital Discovery and Electronic Evidence. Her Web site is www.wendytech.com.