Legal Issues

Time to Log Off? Take Care When Crafting Workplace Internet Policies

© arrow - Fotolia.com

By K. Carrie Sarhangi

Are your employees allowed to use their work email account to send and receive personal emails? Should staff be permitted to surf the net while at the workplace?

What about Facebook and Twitter? Does your employee handbook have any limitations on how employees should (or should not) use social media at the office?

In today’s world — where there are more devices connected to the Internet than there are people on the planet — the Internet and social media keep the world connected.

But from a corporate compliance and accountability perspective, the question that employers need to ask themselves is: what Internet use limitations do I need to insulate my company from being held vicariously liable for an employee’s criminal conduct?

Carefully crafting workplace Internet policies

In a recent Pennsylvania Supreme Court opinion (Commonwealth of Pennsylvania v. Levy), the court affirmed the lower court’s ruling that interactions and images of child pornography relayed over Skype, the ever-popular Internet-based telecommunications system, are considered “computer depictions” under Pennsylvania’s child pornography laws.

While the court expanded the statutory definition of “computer depiction” to include video images displayed on a computer monitor via Skype, it reasoned that doing so was well within the General Assembly’s intent in enacting the sexual abuse of children statute and “[t]o construe the term ‘depiction’ as excluding images displayed on a computer monitor would circumvent, and confound, this legislative intent.”

The practical implications of this ruling (and other similar rulings relating to the statutory interpretation of child abuse prevention laws) are that employers should be prudent in drafting and disseminating their employee conduct handbooks, particularly when it comes to the use of the Internet, social media, and Skype at the workplace.

Employers have a larger duty

And while some may coin the implementation of rigorous Internet policies as micro-managing or the imposition of ‘big brother,” the reality is that employers have a federal duty to report promptly and in good faith knowledge of any employee utilizing child pornography — even at the workplace. Failure to do so can not only result in stiff fines, but also civil liability.

At least one employer has been found liable in a civil lawsuit (Doe v. XYC Corp) for failing to report that an employee was visiting child pornography sites at work and sending child pornography from his work computer.

So what’s the bottom line?

Update your Internet use policies, ensure that your employees know to whom to report possible misconduct, and familiarize yourself with the federal CyberTipline should you have to report the criminal misconduct of an employee.

This was originally published on Montgomery McCracken’s White Collar Alert blog.

K. Carrie Sarhangi is an associate in the litigation department in the Philadelphia office of the law firm Montgomery, McCracken. Her practice concentrates on government investigations and white collar crime, related civil litigation, and complex commercial litigation. Contact her at csarhangi@mmwr.com.