Employers can monitor workers` e-mail, telephone conversations and Web browsing without their written consent, lawyers say, but doing so could prove dangerous.
The specialist Internet legal fraternity has been abuzz with analysis of the recently passed Regulation of Interception of Communications and Provision of Communication-related Information Act, known as the RIC Act.
An article regarding the interception rights of employers on ITWeb, followed by a flurry of media attention on the issue, has created much concern in the corporate sector, the lawyers say.
The RIC Act is likely to be controversial for its requirements that all cellphone users be registered and for potentially putting encryption providers in a difficult position. But the rights of an employer to intercept the communication flowing over his network or telephone system has attracted lots of attention, not least because illegal interception carries fines of up to R2 million or prison terms of up to 10 years.
Internet lawyers say written consent is the best way for employers to ensure they are legally protected in intercepting worker communication, but that it is not necessarily required in all cases.
"Where a business intercepts an e-mail or voice-mail in the course of carrying on its business for one of the specific purposes mentioned in the Act, all the business has to do is make 'reasonable efforts` to inform the person who uses the e-mail or voice-mail that his or her communications may be intercepted," says Lance Michalson of Michalsons IT Law Attorneys. "Alternatively, the business needs to obtain the 'express or implied consent` of the person concerned."
Michalson says using these provisions in the RIC Act means businesses should pay close attention to the technical means they use to obtain consent as well as company IT policies. But he believes click-wrap agreements, which require a user to click on an "I accept" button when logging on to a company network, will be acceptable. Thanks to the Electronic Communications and Transactions (ECT) Act passed last year, such a click-wrap agreement carries the same legal force as signing a contract.
However, some lawyers still believe old-fashioned written consent, preferably contained in an employment contract, is the safest course of action for a company that plans to intercept communication.
"Employers will be ill advised if they only rely on [informing of interception or implied consent] to assist them in this regard, as this [part of the law] only relates to the interception of communication in the course of its transmission over a telecommunications system," says Pravesh Singh, an attorney at Buys Incorporated. "This implies that employers may only intercept communications without written consent while it is in the process of travelling over the Internet or a corporate intranet."
Buys Inc points out that evidence used in disciplinary hearings are most often retrieved from information stored on employee computers after an infraction of the rules. Because this information is not actually travelling over a network when it is retrieved as evidence, it may not be legally usable.
The firm says few companies have the necessary technology to intercept communications while it is in transit over the Internet, and unless written consent to intercept is obtained, e-mail, for example, may not be retrieved once it reaches its destination.
Given the complexities of the new law, Buys advises businesses to not only include an interception agreement in employment contracts, but to have a close look at company policies regarding the use of communication tools. As an example, it points out that simply using the terms "pornography" or "racism" in a policy without adequate definition could cause problems in the case of legal action.
The RIC Act is available for download here.
Related stories:
Big Brother employers outlawed
Cryptic quandary for encrypters
New law states cellphone users must register
Share
