Email Privacy Issues
The focus of your next research paper is e-mail communication and the data and information privacy issues surrounding its usage.

In this paper, I’d like you to explore corporate e-mail policies, practices, procedures concerning e-mail and how these policies, practices and procedures affect data and information privacy?

Additionally, integrate research into your paper involving any legal and regulatory issues which affect information privacy and e-mail communication.

How do these issues affect an employer’s rights concerning employee’s e-mail usage?

As part of your research I’d like you to find a corporate e-mail policy online and discuss the pro’s and con’s of that policy as it applies to data security and online information privacy.

Additionally, I’d like you to review the following issue and integrate it into your research paper:

This story (Harvard secretly searched Deans’ e-mail: Chasing leak in cheating scandal may have invaded privacy) recently broke and it is a perfect subject to integrate into this paper about e-mail privacy since it dovetails very nicely with the subject we are studying this semester: information privacy.

Review the story online originally reported on by the Boston Globe, conduct research on this issue and be prepared to discuss the relevant issues. Harvard administrators are up in arms that their e-mail accounts were searched without their consent.

What are the issues?

Do employers have to get employee’s “consent” to search their e-mail accounts?

What, if anything, did Harvard have to do before they searched the Dean’s e-mail accounts?

Did they have to notify the employee’s? Why or why not?

What would have to be in place for there NOT to have been any notification needed?

If there is employment law in the state which supports the employer, can Harvard have violated employee’s privacy despite what the employees may personally feel?

Are there legitimate information privacy concerns involved when using your employers e-mail system? If so, what are they?

Why do you feel you do, or do not, have legitimate privacy expectations when using your employers e-mail system and was Harvard justified in their search of Dean’s e-mail accounts?

What are the legal justifications and case precedence for this type of action?

These questions, and the information above, frame the issues you need to discuss in your paper about e-mail privacy but there may be other relevant issues in your paper that are directly relevant to the topic of e-mail privacy that you want to include.

Introduction
The practicality, convenience and efficiency of emails have made them become the main communication channel chosen by most businesses and organizations. Manapragada (2017) indicates that about 42% of modern businesses use emails as the most important tool for lead generation. However, even with this widespread use, emails tend to have their unique challenges, especially in regards to privacy concerns. An email can be stored on multiple locations that include the sender’s computer, receiver’s computers and servers, and a company’s email servers, among others (Manapragada, 2017). This factor implies that merely deleting emails from the inbox is not a guarantee that there is no other copy of that Email that exists. Unlike traditional paper documentation, email messages are digital, which implies that they can be archived for a long time. Putting these factors into consideration, along with the ever-growing cybersecurity risks and email hacking, presents huge concerns for most companies that heavily rely on emails for various business transactions, especially those involving private conversations and transactions. Protecting email privacy does not just involve safeguarding confidential employee and corporate data, but there are certain policies, regulatory laws and procedures that must be followed. This discussion explores corporate email policies, practices, procedures and how they affect data and information privacy, as well as review the email privacy issue of 2013.
Corporate Email Policies, Practices, Procedures and How They Affect Data and Information Privacy
According to Manapragada (2017), Email privacy issues and breaches can be very devastating to an organization resulting in reputational damage, financial loss or chaos. As such, having an effective email policy in place is important because it serves to encourage positive, productive communication in any organization while ensuring that a company is protected from potential security breaches, legal liability and reputational damage. Manapragada (2017) argues that just like most polices within a company, the practices and procedures involving corporate emails have to be tailored in such a way that they can match a business’s needs and the industry it operates in. Corporate email policies should clarify that company emails, which would imply to all emails created, stored, sent or received on the company’s computer, are considered as the property of the company (Manapragada, 2017). This fact implies that such emails can be admissible in any legal case. Based on this understanding, employers have the right to monitor how their employees use emails but equally important to ensure that these employees are made aware of the potential monitoring that is going on.
The standard practice is that most employers ensure that their employees have signed a computer or network usage policy outlining that a company’s emails should only be used for business purposes (Manapragada, 2017). Such a policy ensures that the employer has the right to monitor emails or computer usage. With such an agreement in place, an employer’s right to privacy appears to be deprived, which implies that an employer has the right to search through an employee’s company emails. Unlike it’s the general practice with law enforcement, employers don’t have to deal with numerous obstacles that might prevent them from conducting searches on a given email (Manapragada, 2017). The reasoning behind this approach is that the communication made on company emails has the potential to affect the overall business outlook of an organization, thus justifying them to search through their employee’s emails.
Even with no binding email policy or agreement in place, Manapragada (2017) suggests that courts have always ruled that employees don’t have any reasonable privacy expectations regarding their company emails or any emails sent while at work. For instance, in one court ruling, the decision made was that the emails used within any given business context become part of a given office environment, and the employee should not have any reasonable privacy expectations. Manapragada (2017) adds that other court rulings have suggested that work emails should inherently be work-related, which implies that no reasonable privacy expectations should be in place.
A Review of Brown University Email Policy
The main goal of this policy ensures that critical services within the university remain reliable and available to promote the university’s mission. The scope of this policy is to all university members entailed to email services like it is detailed and outlines in the institution’s Computing Privileges document. The policy outlines that the use of the university’s email services has to be consistent with the educational goal of the institution as well as other university policies (Brown University, 2015).
The pros of this policy are that it services to promote the university’s email privacy and security. In other words, Brown University can provide reliable and secure email services by adopting solid information technology practices. Another advantage with this policy is the fact that it has managed to outline the guidelines to follow to prevent various types of email attacks that might involve malware, identity theft or password security breach.
The con associated with this policy is that Brown University is not able to guarantee the privacy, security and reliability of their email services. This fact implies that email users within the university have to exercise a lot of caution when using these emails to communicate any sensitive or confidential information through these emails.
Based on this Brown University’s Email Policy, the data security and online information privacy of the institution are well safeguarded. In particular, the policy suggests that the use of the university’s email services has to be consistent with the educational goal of the institution as well as other university policies. As such, this policy ensures that the employer has the right to monitor the emails or computer usage and implies that the employer doesn’t have to deal with numerous obstacles that might prevent them from conducting searches on a given email.
The Harvard Email Privacy Issue
The issue, in this case, was that central administrators at Harvard University secretly searched email accounts belonging to 16 resident deans and later leaked to the media about the intuition’s rampant cheating case (Carmichael, 2013). These resident deans are members of the Harvard’s Administrative Board, a committee that handles the cheating case. These 16 resident deans had not been warned of the planned access to their accounts by the administrators, but only one of them was later informed about these searches shortly afterward (Carmichael, 2013). The administers maintained the position that the searches had been done in a thoughtful and limited manner to identify individuals who shared confidential emails with unauthorized persons (Carmichael, 2013). This disclosure raised serious concerns that there is a high likelihood of other information in particular sensitive student information to be at risk of being exposed to similar disclosure.
In this case, employers don’t have to get the consent of their employees to conduct searches on their email accounts. Although email communication is confidential, under certain conditions, the employer is allowed to search for any open messages sent or received by their employee’s company email address (Manapragada, 2017). As such, in the Harvard email privacy issue, the administrators didn’t have any obligation to get the consent of their employees to conduct searches on their email accounts.
However, according to cooperative legislation, Harvard was mandated to allow the administrators to be heard before they could make any decisions about these searches. When cooperation or institution like Harvard isn’t subjected to cooperation legislation, the employer has to afford their employees an opportunity before any important decisions can be made about any email searches conducted (Manapragada, 2017). Moreover, Manapragada (2017) adds that once this hearing procedure is complete, the employer can come up with a written guideline on how the information obtained from these emails can write before informing the employees.
According to the United States Electronic Communications Privacy Act, willful interception or intentional disclosure or utilization of electronic communication is prohibited or considered unlawful (FindLaw, 2016). Unauthorized access to employee’s emails can be considered to be a violation of this act. However, as earlier discussed, the emails used within any given business context become part of a given office environment, and the employee should not have any reasonable privacy expectations (Snow, 2007). As such, in the Harvard email privacy issue, the administrator’s didn’t have any obligation to get the consent of their employees to conduct searches on their email accounts which means that Harvard didn’t violate the administrator’s privacy since their emails were obtained from the institution’s electronic platforms thus considered the property of the university.
An exception to the Electronic Communications Privacy Act supports this position, which allows an employer to monitor the emails sent through any system owned or supplied by a company (FindLaw, 2016). Moreover, another exception is that an employer can monitor the content of their employee’s emails as long as they are interested in business information and not person materials or private emails (FindLaw, 2016). Based on this understanding, the Harvard administrators have a legal justification for conducting email searches on the 16 administrators as long as they were not searching for personal materials but interested in information related to the institution.
Conclusion
From the preceding, emails tend to have their unique challenges, especially in regards to privacy concerns. As such, employers should ensure that their employees have signed a computer or network usage policy outlining that a company’s emails should only be used for business purposes. Such a policy ensures that the employer has the right to monitor the emails or computer usage of their employees. The emails used within any given business context become part of a given office environment, and the employee should not have any reasonable privacy expectations. In other words, the employer has no obligation to get the consent of their employees to conduct searches on their email accounts.

References
Brown University. (2015). Email policy. Retrieved from https://it.brown.edu/computing-policies/email-policy
Carmichael, M. (2013, March 10). Harvard secretly searched deans’ Email. Retrieved from https://www.bostonglobe.com/metro/2013/03/10/harvard-university-administrators-secretly-searched-deans-email-accounts-hunting-for-media-leak/tHyFUYh2FNAaG2w9wzcrLL/story.html
FindLaw. (2016, April 4). Email privacy concerns. Retrieved from https://consumer.findlaw.com/online-scams/email-privacy-concerns.html
Manapragada, A. (2017). The always-on employee: The antecedents and consequences of work-related email use after hours. DOI:10.25148/etd.fidc001945
Snow, N. (2007). A copyright conundrum: Protecting email privacy. Kansas Law Review. DOI:10.17161/1808.19957

Published by
Essays
View all posts