Corporate e-mail policy

James C. Sewell jims at MPGN.COM
Mon Aug 5 14:26:39 PDT 1996


At 11:22 PM 8/3/96 -0400, Rabid Wombat wrote:

> What you 
>publish as a use policy, and what you actively enforce do not have to be 
>the same.
>

  Unfortunately this is a problem in many companies.  There are policies
which are enforced to the letter, guidelines which are just suggestions,
and fake-rules which are not even attempted to be enforced.

  The problem comes when the employee and employer can't distinguish
them from each other.  

  Personally I think I would approach it as the privacy we have with the
eontents of our car's trunk.  If an officer has probable cause to search
the trunk then he can, otherwise he can't.  It's not a perfect system but
it does work better than other alternatives I can think of.

  Write into your policy:
    "Electronic mail may be monitored if there is sufficient reason to
     believe that it is being improperly used which includes, but is not
     limited to: mail to competitors, more than 20 recipients (spam), and
     incoming mail from questionable sources.  If such monitored mail is
     encrypted the employee must provide a clear text version of the mail
     which is to be unencrypted under supervision to avoid substitutions.
     Any employee refusing to make available such mail will be ...."

  Just remember, as was said, once you make a policy it becomes precedence
and will stick with you forever... longer if it's a bad one.

Best Wishes
   Jim
Jim Sewell - jims at tansoft.com    Tantalus Incorporated - Key West, FL







More information about the cypherpunks-legacy mailing list