Digital Evidence of Pornography in Hostile Workplace Lawsuits

Internet Files Can Corroborate Sexual Harassment Claims

A new privacy feature in Microsoft’s Internet Explorer 8 may foster more viewing of pornography in the workplace.  It should heighten the incentive for employers to actively block Web porn sites.

Internet Explorer is the most popular web browser.  Forthcoming version 8 includes a so-called InPrivate mode, where browsing history is not retained and temporary Internet files are deleted upon completion of the browser session.  With the advent of InPrivate mode, some employees may be lulled into a false sense of seclusion at their desks and may succumb to temptation to peek at porn.

Legally speaking, pornography is very dangerous in the workplace, as it can be evidence of a hostile work environment.  Although InPrivate mode may make access to that evidence – in the form of retained files on a PC hard drive — more difficult, the digital evidence may still be recoverable.  Forensics experts have demonstrated that they can (with effort) still reconstruct browsing history when InPrivate mode is engaged.

Further, evidence of World Wide Web pornography on the job need not come just from digital records.  It can come from, say, Employee #1 testifying that he/she witnessed pornography on the monitor of Employee #2.

Some observers are recommending that employers to disable InPrivate mode.  But disabling is difficult, and it addresses the problem only indirectly.  The more direct and complete approach is to use software to block access to adult sites.

–Ben Wright

At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.

Guest Internet Access and Hostile Work Environment

Abuse by Patrons of Library, Church or Internet Café?

E-pornography is dangerous for any organization that provides others with openly-visible access to the Internet.  The organization’s employees might claim hostile work environment.  Just as employees can complain about the viewing habits of co-workers, they might complain about the habits of guests and patrons.

Guests and students at libraries, schools and churches (places with shared computers) can indeed endanger those organizations by accessing objectionable material.  For example, librarians at the Minneapolis Public Library complained that their rights were violated when patrons used library computers to view porn.  The Equal Employment Opportunity Commission agreed.   Then, after the employees sued in court, the Library settled, reportedly agreeing to pay employees $435,000 and agreeing to take steps, including possibly technical filters, to reduce the potential that librarians would be exposed to porn on account of activities by patrons.

Can’t an organization protect itself Read the rest of this entry »

Employer’s Duty to Investigate Employees

Internet Endangerment

Employment law suggests an employer has a duty to investigate if it sees dangerous activities by an employee. One approach is for an employer to close its eyes, and hope it sees nothing that would give rise to an obligation to investigate.

But that approach is risky. After disaster happens, proving that the employer saw nothing is hard – especially when the clues are records stored on the employer’s computers. It’s better to be generally aware of what employees are doing through their computers. Employers have reason to monitor Internet usage for both pornography and other dangers.

A lawsuit titled Jane Doe v. XYZ Corporation, 887 A.2d 1156 (N.J. 2005), said an employer could be held responsible for injury to a child, where an employee was using his work computer to access child pornography on the Web. The New Jersey Supreme Court said the employer should have known of the employee’s illicit surfing and therefore should have informed the police. Had the police been informed, then the employee’s abuse of his step daughter at home might have been prevented.

In addition to pornography, an employer has incentive to monitor for other dangerous matters like weapons or illegal drugs.

–Benjamin Wright

Mr. Wright has teamed with Messaging Architects to educate employers about electronic records and eDiscovery.

Employee Computer Acceptable Use Policy

Limits on Facebook and Myspace?

An employer is wise to publish an acceptable use policy (AUP) for employees. Generally, the policy should forbid the use of work equipment for pornography and other offensive or non-business purposes. It might specifically warn against wasting of time at places like gambling, shopping or social networking sites. And it should warn that violation of the policy could be grounds for reprimand or termination.

However,  some experts argue that employee use of social networking sites like Facebook and Myspace can be productive.  They say social networking is a modern form of communication that builds bonds among colleagues.

Fair enough.  Still, excessive time on social sites can be a waste.  Therefore a wise employer might use software to monitor and limit the time an employee lingers on specific social sites.

–Benjamin Wright

At Messaging Architects, Mr. Wright leads a workshop on the development of IT policy.