Email, social media and the internet at work
Email, social media and the internet at work: A concise guide to compliance with the law

(7th edn, PP Publishing, 2014), written by Stephen Mason

Immediately computers were connected to the internet, the line between the inner and outer world of communications altered forever. Email has become ubiquitous – it is the most commonly used method of corresponding for both internal and external purposes. Social media has extended the way many people connect.

Communicating has become effective and efficient.

However, problems occur. For instance, some people do not adjust their behaviour when using such technologies, causing themselves, their friends and families, and their employers embarrassment. Others use the technology to steal, commit fraud, bully and continue with unpleasant and illegal activities – and do so when using the corporate infrastructure.

The content of this book is deliberately general in nature. Written by a barrister that has given numerous seminars (both public and in-house) on the topic over the years, it provides copious examples is to provide the reader with a clear understanding about the nature of the case in order to more fully understand the reason for the decision made.

Whether you are working for a commercial or public sector organization, whether a lawyer, accountant, architect, doctor, head teacher, governor, trustee, director, administrator, senior manager, sole trader, small, medium or large business, IT manager, banker, stock broker, risk controller, data controller or responsible for personnel, this book helps you understand the use of email, social media and the internet in the legal context.

Chapter 1 Networked communications in context

Chapter 2 The liability

Chapter 3 Types of misuse

Chapter 4 Liability and employees

Chapter 5 Operational liability

Chapter 6 Monitoring networked communications

Chapter 7 Personal data: workers, customers and security

Chapter 8 Storing networked communications

Chapter 9 Evidence

Chapter 10 Content of the networked communications policy

Chapter 11 Operational implementation of the policy

Chapter 12 Check list for the network communications use policy

Appendix 1 Further examples of misuse of networked communications

Appendix 2 Sample email, social networking and internet use policy

Reviews of previous editions

Preston W. Shimer, FAI reviewed a previous edition in The Information Management Journal, November/December 2005 Volume 39 Number 6

Don’t read this review if your e-mail and electronic records management concerns only reach to the county line. Everyone else, read on!

Stephen Mason is a Brit. He is a skilled British barrister (lawyer) with a systems engineer’s understanding of computer hardware, software and networking concepts. The title of the book, Networked Communications is an umbrella concept for all the forms of electronic communication we have available, ranging from e-mail through instant messaging to weblogs. Potentially Mason’s knowledge could make him dangerous. Instead, he is devoted to our cause, the cause of records and information managers striving to manage the full spectrum of information for their varied organizations. The book is a concise, clearly written treatise and spiced with cartoons (the work of his collaborator Geoffrey Thompson, a cartoonist) that capture the essence of an issue in a few frames.

In Britain, as in the United States, legal issues frequently are defined by case law rather than statutory rules and regulation. While the majority of the cases cited in this book are from the courts of England and Wales, a number of examples are drawn from North America, Australia, Europe and elsewhere. It is very apparent that networked communications are a problem worldwide, and Mason’s book shows he is prepared to deal with them.

Mason chose to focus on the use of networked communications between employers and employees only. The use of e-mail, instant messaging, and related tools for marketing, political action and other purposes is not discussed.

The initial chapters of this book build the case for being concerned and taking action. Beginning with a reality check about e-mail, its benefits and its uses, Mason dives for the flip side – its risks and implications. Is no control an option? Can an organization choose to ignore these risks? If an organization doesn’t want to ignore the problem, can each message be monitored? Can an organization invade the personal rights of its employees? Can all of these messages possibly be stored? Who should make the retention decision? All of these issues are beautifully illustrated and derived from actual case stories. Far from being a dry read, the case studies are almost as much fun to read as a John Grisham novel. The inescapable truth is that e-mail and other forms of networked communications are a minefield of potentially damaging evidence. The rest of the book deals with that contention.

Mason makes the case that the most powerful tool available to organizations choosing to address networked communications problems is a policy and a follow-through program of audit trails and compliance enforcement. The “policy” chapter and its related appendix, a “Checklist for the Network Communications Use Policy,” are worth the price of the book. Mason says the first issue that should be covered in a networked communications policy is a section designed to explain to the employee why the policy is needed. The intention here is to get “buy in” to the disciplined use of networked communications that will follow because both employee and employer are at some personal risk. He further writes that the majopr sections of the policy that follow the introduction should focus on security, obscenity and indecency, evidence and recordkeeping, retention periods, wasting time, formation of contracts, confidential information and trade secrets, intellectual property rights, malicious code (viruses and worms), defamation, the actual content of the messages, and communications for private use. Here, as elsewhere in this book, the writing style is clear and to the point, balancing the useful benefits of networked communications with their inherent risks.

Still not convinced to get a copy? Then read Appendix 2: “Examples of Dismissal”. This is a litany of companies and organizations and the stories behind the numbers of employees who were dismissed for misusing the networked communications provided to them.

What makes Mason’s contribution to the literature significant to the North American audience is that he addresses a common problem that all of us and brings solutions to our attention that will work in international environments. This author is a valuable contributor to the field. RIM professionals will be hearing a lot more from him.

Tamzin Mathews, Computers & Law, December 2005/January 2006 Volume 16 Issue 5:

‘The thing that sets this book apart from many other similar books on the market is its sheer entertainment value. The layout is attractive and easy to read, and the book relies heavily on cases to illustrate key points, which in this area of the law, in itself provides some amusing material.

The book promises to be concise, and concise it is, providing just the right amount of information to be used as a reference book by a practitioner who quickly wants to remind him or herself of the outline details of a particular case, or to obtain a quick overview of a particular topic. Because of the fact that the book does not seek to over-complicate the issues, and relies on entertaining examples to demonstrate the legal points, it is likely to be invaluable for those on the lecture circuit or those who are called upon to explain this topic to lay people. The format of the book also renders it a perfect start point for the novice or those without legal training. The book provides sensible practical guidance in a “tips” section, which in reality many readers will be looking for, rather than academic conjecture.

For those who are wrestling with more complex legal issues arising from the use of networked communications, such as what to do in group companies in cross border e-mail monitoring situations, a more heavy-weight publication would be required. Those who are likely to have to answer questions on the lines of “what if?” from those whom they advise will probably want to obtain the full case reports for the cases summarised in the books, as the format of the book by necessity has lead to some over-simplification of the cases cited. However, as an entry level text, I have yet to find a book that beats this one for accessibility.’

Niels J Bjergstrom, Information Security Bulletin Volume 10 Issue 6 July 2005:

‘This is a ‘must read’ book for everybody tasked with implementing and controlling networks, writing email and data retention policies and assuring compliance with the law. The book applies equally to large and small organisations, public as well as private. We have mentioned this work before, but because this is an area of law which changes frequently it is necessary to keep up to date by re-reading the book regularly. Compliance is currently a buzzword, and it is good to know what it is you’re complying with, how to do it and how to document compliance.

The book is written with a broad, lay audience in mind and is easy to read and understand despite the often convoluted complexity of the subject. It deals in depth with the relationship between employer and employee in connection with networked communications but also e.g. Data retention in other contexts. It is based on English law.

The author quotes around 40 cases, some of them hilariously funny to read. In many cases it seems to be attitudes that need to change and legislation rolled back to before the age of ridiculous levels of political correctness …….

We have seen a number of books on this subject over the past few years. I must say that, as a lay person in relation to jurisprudence, I consider this the authoritative work for persons like myself. It is clearly written and updated regularly. Refrain from reading it at your peril!’