[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 808
  • Last Modified:

Is it illegal to read company emails being the IT guy?

Is it illegal to read company emails even though I am the IT admin? I dont know the legal ramifications - our company states in the handbook that we own the email, but I have recently heard the courts have claimed this as an invasion of privacy.
0
yoojie
Asked:
yoojie
4 Solutions
 
epichero22Commented:
If you have authorization from the company to have your head in the emails, then yes it would be legal.
0
 
Jason ThompsonSenior UX DesignerCommented:
Yep, agents of the company are in the clear legally.

http://www.nolo.com/legal-encyclopedia/article-30088.html

Now it's just a question of whether or not this falls under your job description, and if there are any company rules pertaining to who will be monitoring company email?
0
 
behendersonCommented:
Not only is it legal it is very often times necessary and other times advisable.  If your company does not have some type of disclosure in your employee handbook advising that all content on company owned computers is company property then you have really awful lawyers.

I once worked for a company that did not have enough bandwidth to the cloud and so email would routinely get stacked up in the mail router and at times I would have to go through the messages and remove all non-mission critical messages from the outgoing mailbox on the mail server, So I was reading everyone's mail..  

At a larger company I worked for they had a guy who was selling a list of every sales meeting that their sales force had scheduled to their competitor..... you have to talk to hundreds of companies to get a sales call and this meant that the number of sales they could expect was cut in half because they would always have another competitor who knew EXACTLY what their offer was, we are talking about tens of millions of dollars of revenue.  

Any company that just sits back on their high horse and decides they don't do that kind of thing is nuts.  We live in an age that you can lose your entire company, every proprietary secret, everything with the touch of a few buttons.  At several companies I worked for not only did we look at company email, we looked at Yahoo email, MSN, anything that was accessed from a company computer, from inside the company where trade secrets were stored on the company network.  I tell you what, the first time I was involved on a contract where I was doing stuff like that I felt uncomfortable, but then you see what is at stake.  Millions of dollars and thousands of jobs on the line all because of one unethical person.  You lose one government contract because of company espionage and double agent employees and you close an entire office, a big office with 30 floors.  It is a big bold techno world out there and you need to adopt to the new security needs or risk everything.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
PowerEdgeTechIT ConsultantCommented:
Most companies explicitly state that there is - or should be - no expectation of privacy when it comes to company email.  I think that is said in the spirit of "don't abuse your email, because we reserve the right to read it if we feel we need to check up on you" rather than "your email will be read on a regular basis and may be the topic of management meetings and the latest gossip".  The company would have to have in place some pretty clear policies on who can and can't read them and under what conditions emails might be read to even stand a chance in court.  That said, just because there's nothing saying you can't read them, that doesn't mean you should.
0
 
griff4345Commented:
You can read and/or monitor the outgoing and incoming emails, but you cannot do it covertly. You must advise, in some manner and in exact terms, any/everyone who may fall victim to this action, that you will be doing so.
0
 
behendersonCommented:
Sadly, if you are a large company you probably should.  There is no fortune 500 company without some level of industrial espionage going on.  The part about clearly stated policies is spot on and company gossip would render any security efforts completely and totally ineffective.  If you do go into emails then you need to have a clearly stated objective, nothing that falls outside of that objective should be shared with anyone for any reason.  Objectives like, is someone sharing company secrets with outsiders, is someone stealing company assets in the hundred thousand dollar range are reasonable.  Things like the Head of HR is gay, or the marketing director is looking for a new job are totally off limits.  And Gossip would need to be a loss of employment offense for those reading email.  Most large scale theft of company assets is stolen by some very unorganized bunglers (see The Informant with Matt Damon)

If you are the CEO of a large company you have thousands of people who are depending upon you for their livelihoods.  If you let all your company assets get stolen and that leads to thousands of people losing their jobs and you didn't do everything you could to prevent that then you are a wussy who shouldn't have been a CEO.  For any large company a very comprehensive highly secret, very pinpointed security plan should be a part your organization.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now