Who's Reading Your Email?

by Ted Proulx

I've always felt the "SEND" button on email programs should be attached to a breathalyzer. The pop-up after you blow into the plastic tube may read something like, "Sorry. Your blood alcohol level is too high to send emails to ex-girlfriends."

Most of us have sent an email or two that we wish we could take back. It's painful for a while, but eventually the message gets deleted and is lost to the world forever...or so it was. Data retention policies across the world are changing. While you are still fairly safe using your private email accounts, your work and school email may be monitored and saved in ways that could surprise you.

One of the first things you, as a new employee, should realize as you enter the business world is that data on a corporation's computer systems belongs to the corporation. That includes your email, instant messages, web browsing habits, and any music or pictures that you save to your company desktop, laptop or server. Not only does the corporation own that data, they tend to keep it for more years than you may suspect. Ten years from now when you are applying for that department head job, they are perfectly free to dig up the personal emails you sent as an intern last summer from your my.name@bigcorp.com account.

How long are you going to have to worry about those love notes to your sweetheart? Kevin Wright, a team lead of the Messaging Team at Medtronic says that emails are currently retained for ten years and they are working on a project to retain emails for even longer. Charles Hart, who works with system backups at United Health Group, indicated that their corporation retains emails for seven years, and they also are working on systems to retain emails indefinitely.

I know of a couple cases where improper use of corporate email accounts has resulted in lost jobs. In one case an unnamed upper level manager was fired for forwarding three emails he received from friends at his work email account to his home email account. The emails were of questionable taste, but nothing that most of us haven't seen before. He was sending the emails to himself, but it still broke company policy to send those types of emails.

At one time I worked with the person who set up corporate instant messaging for a large company. I was shocked to find out that they not only could read other people's instant messages, but did read them on a regular basis. The system administrators were not trying to pry into people's lives; they were ensuring that the tool was a viable business system and that it would be used to facilitate the company goals. The system administrator told me, while most instant messages were from employees working together, he also saw enough messages about what people do after work to question whether or not using instant messaging was a good business practice.

Are companies out to get us? Do they only hire us to try and find creative ways to fire us? Of course not. Data retention and the ability to see what is happening on company networks is an absolute must for companies to protect themselves. If there is an accusation of harassment, a suspected case of insider trading or even a tax audit, companies need to be able to retrieve data that may have been deleted at some point. For the last twelve years I've worked for five Fortune 500 companies as a systems administrator or systems engineer. My experience has shown that companies rarely look at personal email or monitor instant messaging, but they legally can and will if a situation calls for that type of action.

It's probably a good idea to keep your Yahoo, Gmail, or MSN account active once you get a corporate email account. Companies can still monitor downloaded internet mail, but most don't, and if they are truly worried about free email usage, they will block the sites. I advise new employees I work with to never give out their work email address to web companies that may distribute that address to people who don't have their best interests at heart. Try not to give out your work email address to friends, especially the ones who would like to send you the more risqué emails. It might hurt the friendship if those friends get you fired. You will probably never get in trouble over receiving an email, only for sending inappropriate materials, but why take the chance? Odds are, if you go work for a large corporation, you will only have instant message access inside the company. They've learned the hard way how much productivity can be lost to people chatting when they're suppose to be working. If you do have access to an outside instant messaging system be careful what you send and to whom you send it; instant messages are typically sent in clear text and easy to monitor.

A set of codes with close friends can be handy. When an email would probably be inappropriate at work, start the subject line with NWF (Not Work Friendly). Then you and your friends will know not to open that email while in the office. If an email on a Web-based email account (Yahoo, Gmail, MSN) is not opened, it will not be transmitted on the company network, and the company will never know it existed. The moment that email is opened or downloaded into your company email program, the company has the rights to review the email. Even if your email is not being monitored, you can cause a stir by opening a questionable email while someone is walking behind you and looking over your shoulder.

It all boils down to common sense. If you live a clean life and have Saints for friends, don't worry about it. If you sometimes step in puddles on purpose, if you occasionally send dirty jokes to your mother, if once in a while you send four-letter-word-filled rants about the Vikings to buddies, play it safe and know what rules apply to where you are, and keep the fun stuff for home and your own computer.

Works Cited:

Wright, Kevin. Personal interview. 10 October 2006.
Hart, Charles. Personal interview. 15 October 2006.

Back to top.