The case of Smith and Partners in Sexual Health (Non-Profit) CCMA (WECT 13711-10) heard in the CCMA in October 2010, which we wrote about here, raises this interesting question? When can an email be considered the “private” property of the employee and not be capable of being monitored by the employer? The simple answer to the question is ‘when its your own email’.
What is your own email?
This is turn begs the question, ‘what is your “own email” ‘? There are two aspects to the answer.
Firstly, (viewed from the employee’s perspective), your own email is that email that is stored or hosted with a service provider with whom you have a contract. The service provider could be a local ISP (e.g. MWEB) or Gmail or a company that offers hosted email solutions (Google Business Mail ). In all these instances the email infrastructure (the hardware and servers) is owned by the email service provider. It is irrelevant whether the employee is able to access email directly on the service providers server through a web browser or download the email (via POP or IMAP) to an email application sitting on the users desktop (e.g Outlook), laptop, smart phone or tablet.
Secondly, where an employer:
- owns its email infrastructure (e.g. owns its own hardware and runs its own email exchange server) and provides a user with an email address to use at work; or
- does not own its own email infrastructure, but instead uses a hosted email infrastructure in the Cloud (e.g. Google Apps for business, which is different to Gmail), which it pays a fee per user to use, and provides each user with an email address,
we are of the view that the default position would be that all emails that a user sends or receives are not private.
In the Smith case, the court appeared to be leaning in the direction of drawing a distinction between whether the employer owns the hardware that makes up the email infrastructure (where the email would not be private) and where the employer does not own that hardware (where the email would be private). Such a distinction in our view would be incorrect.
Why do we say so?
Email has been given to a user to assist the user perform their job and is meant to be used for business purposes. Whilst incidental personal use is permissible (because it would be impractical not to allow it) it is limited. Further, it is not possible for most employer’s to distinguish between private and business emails and are entitled to regard all emails as being business related.
Given our work in this area, we are very aware of the sensitivities around this and all the various nuances that can take place. This emphasises the need to have proper policies in place to clearly define that “grey” area of personal use where employees have been provided with an email account by the company (these policies typically being Email Usage policies or Acceptable Use Policies or Electronic Communications policies).
END NOTE: Some of clients who are assessing the probable impact of our pending data privacy legislation, the Protection of Personal Information Bill (“POPI”) on their businesses, erroneously think that “personal information” as defined in POPI is the same thing as “private information” (which is not defined anywhere). Private information in the context of the workplace, is information that is owned by the employee and not the employer. However, it is possible for the employer to own personal information about the employee (e.g. how the employee scored in a work test).