This article by Stuart L. Adams, Jr. appeared in the 

Louisville Computer News

 

E-MAIL NETIQUETTE

CORPORATE PRIVACY AND SPAM

(October 1998)

Trust a lawyer to tell you that there are rules for everything, even including the Internet. While some judges have told us that they can't define what pornography is, but they know it when they see it, there are some basic rules related to the etiquette of e-mail. These started as a courtesy or an unspoken "netiquette" but are now starting to become legally enforceable.

Corporate employees often have an expectation that their e-mail messages are personal or private and should not be subject to the employer's scrutiny. There have been recent estimates that over 90% of employees in companies of a thousand or more use e-mail on a daily basis. It is becoming the communication channel of choice, exceeding the phone, the fax and the personal visit.

There are a number of laws, including federal and state statutes, as well as "common law" tort theories, which might give rise to a legal action by an employee against his or her employer for invasion of privacy, if the employer covertly reviews e-mail communications. While employers should certainly not routinely "bug" their employees, an investigation of inter-employee harassment or theft allegations, for instance, could give rise to the employer reasonably conducting surveillance of communications.

Recently, two minority employees of Morgan Stanley & Company, filed suit seeking thirty million dollars each in damages against the company because of allegedly racist jokes sent over the company's e-mail network. About this time last year, The Courier-Journal reported that the ousted Columbia CEO had outlined his vision of health care in an e-mail message with words to the effect that diseases were like product lines, whether admitting patients or making radios. While neither of these messages may have been startling to the recipient, they certainly provided a great deal of corporate embarrassment and, in at least one of the two cases, very substantial litigation.

COMPANY E-MAIL POLICY

Although many employees may have what they consider to be a reasonable expectation that the computer they use at work and the files on it are their personal property, this is typically not the case. E-mail, likewise, does not necessarily constitute private communication. The simple way for the employer to handle this, eliminating doubt and litigation, is to institute a realistic e-mail policy. Probably the best method of doing this is to give new employees an agreement which indicates that, for as long as the employee adheres to the obligations of the agreement, the employee will have access to the company e-mail services, including file storage and exchange services. The employee would sign the agreement acknowledging his or her understanding that the employee may be subject to discipline, including termination, for violation of the terms of the agreement.

The policy should state that the employee agrees to use the e-mail services of the company only for company business and that the employee will not it use it to cause any violation of state or federal law, cause harm, embarrassment or misinformation to another individual, or violate the rights of another employee, a third person or the company.

Further, the policy of the company should probably indicate that the company has a right to review the company's file storage system to determine that the employee is not storing illegal information, information likely to infringe on the rights of the third person, proprietary information of the company which is not secure or which is inappropriately stored, files which may contain a virus or which may be stored for any other inappropriate purpose. While there are a number of additional points to be included in such a company e-mail policy, the items above should be sufficient to start the protection process.

A WORD ABOUT SPAM: "STOP"

A growing concern for all of us, as e-commerce increases, is the spam tidal wave. Which of us had a day go by recently when we have checked our mail and not had an unsolicited e-mail message from some Internet marketer offering us a deal we can't refuse? Sometimes they are interesting, but most of the time we would rather not have to click them into the virtual round file while we sort through a wave of such Internet ads that simply slow down our communication process.

Both the legislative and judicial processes are starting to focus on this problem. I have noticed that some of the most recent junk e-mail I’ve received has carried a disclaimer at the bottom that not only tells me how to "unsubscribe" to further messages but also indicates the message is sent in compliance with proposed federal legislation. Although not yet enacted with any teeth, there are a number of federal and state bills which are circulating, which seek to regulate commercial e-mail. One instance of this, which can be found on the Internet, is a web site posted by Senator Murkowski relating to his proposed bill on unsolicited commercial e-mail.

Senator Murkowski's bill contains provisions, including injunctive relief and civil fines up to $15,000.00 for violation of the law, which can also be enforced by the states after notice to the Federal Trade Commission. The bill also allows Internet service providers to decline to carry e-mail if it is in violation of the bill. The bill requires that the correct name, physical address, e-mail address and telephone number of both the message initiator and creator must be stated along with a further statement that repeated messages can be stopped for free by replying to the unsolicited commercial e-mail (UCE) with the word "remove" in the subject line.

This legislation, which is mirrored in legislation proposed by a number of states, including Kentucky, requires a valid Internet routing statement, since many UCE's are sent with intentionally invalid routing information, so that no unsubscribe or remove message can be sent and the true identity of the sender cannot be revealed by the message itself.

If a waive of this legislation, both federal and state, actually crashes on the shores of e-commerce, this may go far in turning back the tide of UCE's. On the other hand, some consumers have taken the law into their own hands, so to speak, by filing preemptive lawsuits. The first litigation I am aware of filed under an anti-spam law was initiated in Washington State on July 17th. A number of plaintiffs sued California marketer World Touch Networks in Washington for violation of Washington's new anti-spam statute. The complaint is available online at www.tidbits.com/anti-spam/complaint.html. Under the Washington statute, the plaintiffs are seeking a thousand dollars per violation (each UCE being a separate violation) with some of the plaintiffs alleging thirty and forty violations. The Washington action also alleges consumer protection violations, asks for injunctive relief, treble damages, attorneys' fees and costs of the litigation, all pursuant to the Washington statute.

I don't know how this lawsuit will turn out, but I suspect it is just the first of many to be filed. I do know that some spammers have filed suit against Internet service providers, such as America Online, to get back online, when they have been cut off for spamming customers of the ISP.

The legislation and the lawsuits may start to turn things around for all of us. Even lawyers, however, are not immune from the tendency to want to spam. One of the better known cases on this issue relates to some Arizona-based immigration lawyers, now two of the most reviled persons in the history of the Internet, who created a text book study of how not to handle e-mail advertising. In a major article recently in Lawyers Weekly USA, the message to lawyers was how not to conduct e-mail advertising, based upon the mistakes of the immigration firm. The immigration lawyers spammed all over a Usenet, where an informal ban on commercial advertising had long been respected by almost everyone. The messages were sent indiscriminately to discussion groups which had no real interest in the lawyer’s immigration practice, were sent in a manner forcing recipients to read at least part of the message to tell what it was, failed to identify itself as an advertisement, and made other errors which would typically draw Bar Association disapproval on the lawyers.

These folks got a lot of publicity, which was part of their goal, but they obviously forgot that bad publicity doesn't necessarily convert into something good. The message for all of us should be clear. Don't send spam and, if it really is causing you problems, lobby your legislators to pass stronger laws in this area or, perhaps, even file your own lawsuit to stop it.