Email in the Office

Email in the Office

With all the media hype going on about privacy of personal data and court actions against those companies that breach the law, it is easy to think that such rules extend to your own private communications at your place of work. However, in Japan at least, this is far from correct and as an employee you should know that your company is legally allowed to access your email should it be created/read/edited on company owned equipment or services.

Such access may occur at any time, although in reality most companies generally only pry into an employee's email if the person is under suspicion of doing something illegal or materially damaging to the company. There are exceptions however. In some industries where there is a high prevalence of company data being misused, monitoring of emails is the norm. These industries include recruiting – where the object is to protect candidate resumes, online retail customer data in a B2C business, medical data, payroll and accounting data, legal opinions, management consulting advice, etc. In such companies, it is probably in the interests of both the company and the public for management to order regular email content audits to ensure that people with access are using the data properly.

Other industries where you pretty much have to expect that your email is being monitored include the financial sector, the armed forces, national security, insurance, and other similar sectors relying on sensitive information.

How do companies monitor email? There are many ways, ranging from the obvious solution of typing in an administration password on your PC to access your email folder, through to copying every send of an email to a second email address (such as your boss), looking at email flow with some kind of data analyzer, or even remotely recording your key strokes with a key logging software. Usually, there will be a human network administrator acting under orders from senior management, reviewing a user's email. But where volumes are high, some companies have invested in semi-intelligent software-based content parsing agents, which detect key words and trigger alert messages to the administrator.

Once an email is sent it can be really hard to erase. Quite apart from the fact that the recipient has a copy that they can do anything they like with, another thing to remember is that you can never really erase email -- as certain business people have found to their dismay in recent court hearings. The fact is that within minutes of your typing and sending an email, there will typically be a copy of it not only in the main email server but also on the backup as well. And on a daily basis, your network administrator is probably backing up the fresh email data onto a tape or other media and keeping it in archive – just in case the server fails and it needs to be restored.

So this brings us to email etiquette. I have a simple rule in my office – don't send email you don't want read by someone else later in the wrong context, or which could come back to haunt you later such as sexually or racially offensive messages. And in particular, if you have a short temper – as I do, don't send email as an immediate reaction to an inflammatory message you may have received.

As a writer I sometimes get unsolicited emails from people who seem to have nothing better to do than attack others. I'm an emotional type (really!) and my first reaction is to give them "a tongue lashing". But while it can be really satisfying telling them what morons they are, after writing a response I save it to the Drafts folder rather than pressing Send. I then force myself to leave the message for an hour or so before re-opening, reading, and then sending it. This way, I have had time to calm down and think about what I want to say. Often I realize that I'm not going to get through to such a numbskull anyway, and wind up erasing the message.

Possibly the best email usage policy to have as an individual employee is to keep your work email for work stuff only and do your personal email on a web browser through to an email service such as Hotmail or Google's Gmail. Personally I like Gmail because it allows up to 3GB of mail to be archived and because it has a blazingly fast search function. Regardless of service, web e-mail's main attraction is that it gives you a constant interface and access to your data, despite the fact that you might move around and use different PCs. Then again, maybe you forget to backup your data and you have a hard disk crash.

But if you do use web email, just remember that while you may feel that you have a bit more privacy by staying off the company's email servers, in fact, your conversations can still be just as easily monitored by key loggers and protocol analyzers. If you've got something really private to say, best to keep it at home.

One interesting side note on the Japanese laws concerning storage of private information is that it allows for concealed tape recording and for that matter even bugs – but not wiretapping. Thus, if you are being verbally abused by someone at work, and are not getting action from the HR department, you might want to consider covertly recording the conversation. I don't recommend this as normal behavior since obviously it is a violation of trust, but nevertheless, if you feel that you have exhausted every avenue of appeal within your company and you need proof of wrongdoing, I've heard it said that nothing works as well in a Japanese court of law as a clear tape recording.