Workers Lament Loss of E-Mail Privacy on Job

An AT&T; employee is upbraided for exchanging affectionate e-mail notes with his wife, who also works for the company. A PacBell manager is fired for viewing pornographic Web sites at work. And an analyst for the Federal Communications Commission is warned that all Web browsing at work is being monitored.

Sparked by the need to make their computers secure for the year 2000, companies from Los Angeles to London are tightening the rules governing use of personal computers in the office. And employees are grumbling that, in an era when they often take their work home, it is unfair for companies to monitor their personal time at work.

“It’s really impossible to keep your life at work completely separate from your home life when we are working more and more hours a week,” said Nanda Barker-Hook, director of the Massachusetts Coalition on New Office Technology, a watchdog group that follows workplace technology issues. “But workers should know that their files on their office PCs are not their own and that other people might be looking at them.”

A backlash against too much corporate spying is beginning. In California, Gov. Gray Davis is expected to sign a bill this month that would make it a misdemeanor for employers to monitor workers’ e-mail without notifying them in advance.

What distinguishes this wave of security from previous attempts at curbing non-business-related computer usage at work is technology. Sophisticated new tools allow companies to track everything workers do on a PC--from the software they use and the e-mails and letters they write to the Web sites they visit and the individual keystrokes they type.

Companies argue that computer systems are too expensive--and too delicate--to risk outside invasions.

“I don’t think we have to be heavy-handed about it but we won’t hesitate to crack down because we are responsible for protecting the network here,” said Wanda Sims, deputy information director at the FCC. Next month, the FCC will phase out 62 software products and increase its surveillance of employees bringing in unauthorized software from home. The FCC is also more closely monitoring where employees spend their time on the Internet.

To employees, the new policies represent a major departure from the laissez faire attitude that once prevailed.

Ever since Apple Computer launched its breakthrough ad campaign 15 years ago denigrating IBM and its mainframe computers and celebrating the PC as a liberating force for creativity, the personal computer in the workplace has been very much personal. Employees felt free to explore the Internet, exchange messages with friends, store family shopping lists and even, when the boss wasn’t looking, play solitaire.

Now, sparked by the need to shield computers from the dangers of the Y2K bug and fearful of potential liability from security loopholes, employers are in the throes of a major security crackdown.

About 17% of Fortune 1000 companies and half a dozen federal agencies now have monitoring software to watch over their office PCs. By 2001, 80% of large companies are expected to be using such software, according to International Data Corp., a research firm in Framingham, Mass.

Employers say that they only want to improve productivity, ferret out computer products that could malfunction in 2000 and avoid legal problems, such as company secrets or racist or harassing computer messages.

“By putting the software onto our 3,000 computers we are able to track, at the desktop, the activities that a person performs,” said Paul Higday, business technology manager at Owens & Minor, a medical supply firm in Richmond, Va. “We’re not using it to spy on people. We are just tracking the activities that are work-related.”

Detailed information on how workers use software to process orders for medical supplies, added Higday, helps managers improve productivity and “ensure we have the lowest operating costs of any company in our industry.”

In embracing monitoring software, employers also are eyeing multimillion-dollar savings in software licensing fees by trimming their inventory to those products their workers actually use--removing word processing software, say, from managers whose secretaries write their correspondence.

“The point is not to use this data to deliver pink slips but to better manage your inventory,” said Randy Britton, a spokesman for Tally Systems Corp., a leading provider of monitoring software.

Today, AT&T; monitors more than 1 million internal employee e-mail messages each day as well as the tens of millions of Web sites employees visit.

“If an employee tries to access a Web site with material we think is objectionable--say, a pornographic or hate site--they see a message on their computer screen that says the site is not accessible,” said spokesman Burke Stinson, who has a demerit on his record because of his amorous e-mail messages to his wife.

But if companies argue the need for security and efficiency, workers argue that their privacy is being invaded, their sense of computer freedom violated.

Cindia Cameron, director of 9 to 5, a national organization for working women, said the group’s hotline has fielded many calls from workers wondering if their employers can read their e-mail messages or trace their Internet meanderings. “Our basic message is, ‘Don’t take anything for granted,’ ” she said. “Technology gives your employer the ability to know all sorts of things about what you do on your computer.”

Because monitoring software is relatively new, few workers--even top executives--are generally aware of the extent to which their PC activities can be tracked and how permanent the computer records they create are, experts say.

“I have been personally present at a couple of meetings at large organizations at which some senior managers were startled to learn that there were computer archives of everything they have ever done on their office computer,” said Adam Clayton Powell III, vice president of technology and programs at the Freedom Forum, a research foundation based in Arlington, Va.

Powell added that some of the monitoring software is so inexpensive and powerful that there is potential for misuse: “It may not be just your boss who is monitoring what you are typing at your PC. It could be anyone who wants to keep tabs on you.”

Delta Air Lines, Exxon Corp., the U.S. State Department, the Department of Veterans Affairs and Lockheed Martin Corp. are among dozens of companies that have purchased even more sophisticated monitoring software that records the date a computer program was started, the time it was started, how long it was used and every keystroke a user enters.

WinWhatWhere Corp., a privately held Kennewick, Wash., company that makes this software, says it cannot be certain how its product is being used. But company president Richard Eaton attributes a 50% jump in sales of the software this year to corporate buyers using it “when they suspect somebody is doing something they shouldn’t be doing.”

Employers generally have the legal right to monitor their employees, including videotaping them on the job or monitoring their telephone and computer use. However, few did so in the past because of the cost and technological challenge.

Today, inexpensive and easy-to-use products have given companies a vast storehouse of data that is rewriting the rules of workplace privacy. The surveillance is facilitated by data routinely stored by many popular, everyday software products.

Take Internet Web browsers. They automatically store a copy of each Web site visited on the computer’s hard drive in a “history” folder. (To view these files in Netscape or Internet Explorer, open the browser, hold down the “Control” key and type the letter H.)

Similarly, when office PCs are tied together in networks, company computer managers have access to all files stored on PCs connected to the network, and often install software that copies files created on the machines to a central server for safekeeping in case they are accidentally deleted.

Makers of security and computer management software--such as IBM’s Tivoli Systems Inc. and Computer Associates International Inc.--report strong demand for products that track PC usage.

Another maker of monitoring software, Elron Software Inc., makes a product that can track the content of e-mail messages and block inappropriate terms. The company says such capability enables company managers “to properly enforce your organization’s . . . acceptable usage policy for Internet communications.”

Some experts, however, say the workplace crackdowns are too draconian. Even some computer system managers warn about the negative effects on employee morale if office computer use is controlled too tightly.

“It’s not likely that somebody is going to push a keystroke that will bring a company down,” said Shaun Brachmann, who manages 3,500 computers at plumbing supply maker Kohler, based in Kohler, Wis. “I think you have to trust your people and treat them professionally. It’s just not good use of my time to constantly look over people’s shoulders.”