Richard A. Spinello Boston College The Case for E-Mail Privacy ========================== Introduction Electronic mail is rapidly becoming a major means of efficient communication, and it is affecting the corporate culture in fairly significant ways. Along with groupware products, E-mail allows workers to share information immediately and simultaneously. It has therefore become one of the basic tools for facilitating decentralization and disintermediation in organizations, i.e., the removal of "information filters" between upper and lower levels of the traditional corporate hierarchy. In addition to making the workplace more egalitarian, it has also helped to make the organization more transparent to its workers as they become better informed about the various aspects of corporate processes and decisions. But the proliferation of E-mail systems has also brought about unintended tensions as some companies utilize this tool in an authoritative fashion. A growing number of firms such as Pillsbury, UPS, and Intel Corporation have reserved the right to routinely inspect the E-mail messages of their employees. Some companies let their employees know quite explicitly about this practice, while others are more covert. Kmart Corporation, for example, has adopted a policy that allows the company to review all E-mail messages, and every employee is informed of this policy at orientation meetings (Samuels, 1996). But a recent study has shown that only 36% of companies have developed such policies. A comprehensive policy statement will inform employees under what circumstances their E-mail messages may be examined, and identify those who might be checking these messages. Many of the companies that have embraced a formal E-mail policy seem to believe that this goes a long way to legitimizing the archiving and random inspection of E-mail messages. There is a general sentiment in the business community that as long as employees are informed of this policy it is morally permissible to inspect their E-mail. In this paper we reject this common but misguided viewpoint. Instead we contend that an individual has a prima facie right to the confidentiality of his or her E-mail communications. We begin our defense of this position with a cursory overview of the legal status of E-mail privacy. We will then discuss the critical importance of privacy and why there should be privacy rights in the workplace. Finally we will demonstrate that meaningful workplace privacy must encompass the confidentiality of all communications, including telephone, fax, interoffice mail, or electronic mail. Legal Status of E-Mail Privacy The Fourth Amendment of the Constitution protects written communications from "unreasonable searches and seizures." In Katz v. United States (1967) the Supreme Court reversed an earlier decision and ruled that telephone calls are included in this Fourth Amendment protection since the caller has a "reasonable expectation of privacy." Hence phones cannot be tapped without a warrant. At the present time, however, E-mail and other forms of electronic communications are not protected by the Fourth Amendment, though this could certainly change in future years (Tuerkheimer, 1993). Part of the confusion and controversy about electronic mail stems from the unique features of this medium. E-mail has the same immediacy and transitoriness as a phone conversation, yet it has the permanence of the written word since these messages can be easily saved on the user's personal system or archived by the system administrator. These qualities have led the Courts to regard E-mail as a separate and distinct form of communication that is not entitled to the same Fourth Amendment protection as phone calls and written documents. Furthermore, recent court rulings have reaffirmed that employers can read electronic mail sent over their computer systems, even if employees are uninformed of this policy. In a precedent setting case in 1996 the U.S. District Court in Pennsylvania ruled that Pillsbury Co. could fire a manager who had referred to his bosses as "backstabbing bastards" in an E-mail message. In his defense the manager claimed that he was given a clear impression at Pillsbury that his E-mail messages were completely confidential. The judge ruled, however, that even if the company had made a promise of confidentiality, Pillsbury's actions did not "tortiously invade the plaintiff's privacy." The rationale advanced by the Court was that "the company's interest in preventing inappropriate and unprofessional comments" took precedence over an employee's privacy rights. In summary, then, electronic mail confidentiality in private networks is clearly not protected by the Fourth Amendment or any other federal laws such as the Electronic Communications Privacy Act (ECPA) which pertains only to public networks. Thus, at the present time corporations have every legal right to monitor the E-mail of their employees even if they do not inform them of their intentions to do so. The Importance of Privacy Despite its legality and widespread acceptance, is there something fundamentally wrong with such corporate policies from a moral point of view? Should electronic mail communications be kept confidential, just as phone calls and regular mail are considered confidential in most organizations? Are companies that indiscriminately inspect E-mail messages violating the employee's moral right to privacy? And is this one more manifestation of the growing panoptic power of management? In order to appreciate the full import of these questions we must first understand the nature and importance of privacy. Privacy is not a simple concept that can be easily defined. Perhaps the most basic and inclusive definition dates back to a seminal Harvard Law Review article written by Samuel Warren and Louis Brandeis in 1890. They differentiated the right to privacy from other legal rights and defined it as the right to be left alone, that is, the right to some measure of solitude in one's life. This general definition is a good starting point but it is obviously inadequate, since the "right to be left alone" is rather broad. Perhaps a more suitable but still comprehensive definition is Ruth Gavinson's. She defined privacy as the limitation of others's access to an individual with three key elements: secrecy, anonymity, and solitude. Anonymity refers to the protection from undesired attention; solitude is the lack of physical proximity to others; and secrecy involves limiting knowledge about an individual. Although the right to anonymity must be extensively qualified, secrecy (or confidentiality) and solitude are certainly fundamental conceptions of genuine privacy (Gavison, 1984). For our purposes, however, anonymity and secrecy are especially germane for E-mail privacy. Although philosophers in different traditions have long held that we must all have a right to privacy, they disagree on how this right can be grounded or justified. The most compelling approach regards the right to privacy as derived from other basic rights such as property, bodily security, and freedom. A primary moral foundation for the value of privacy is its role as a condition of freedom (or autonomy): a shield of privacy is absolutely essential if one is to freely pursue his or her projects or cultivate intimate social relationships. Without privacy we have no psychological "space" to deliberate about our plans and projects. Also, we are subject to the control of our activities by external forces, by those who have collected sensitive information about us without our knowledge and permission. This thwarts our autonomy, our basic capacity for making choices and directing our lives without outside interference. As Carol Gould has observed, "privacy is a protectio! n against unwanted imposition or coercion by others and thus a protection of one's freedom of action" (1989, p. 23). Privacy in the Workplace But even if we admit that all human beings have a basic right to privacy, does this right extend to the workplace? Indeed, do employees have any rights in the workplace, or must they abandon their civil liberties when they cross the corporate threshhold? This is a highly controversial question which cannot be fully treated in this paper. Suffice it to say that without any rights in their respective workplaces, human beings would be extremely vulnerable. They would find the work environment to be an oppressive and hostile place, and this would surely undermine important economic goals such as efficiency and productivity. Kant sums up the essence of an individual (or corporation's) moral obligation to others as RESPECT, which entails treating others as ends and not mere means. If corporations as moral agents aspire to live up to this obligation they must respect the basic human rights of their workers, though the extent and precise nature of those rights in the work environment can certainly be debated. If there are workplace rights, privacy must surely be one of them, given its great importance. A worker's privacy rights must obviously be balanced with a corporation's "need to know," and achieving the right balance here will always be difficult. Employers do need to screen prospective employees and to check up on their performance once they are hired, but they must do so in ways that respect the employee's privacy rights. This implies, for instance, that they must not be overzealous in the information they collect or disseminate about their workers. There are several cogent arguments supporting workplace privacy rights, but we will focus on two which seem especially pertinent and tenable . The first is based on the role responsibilities of employees to perform the normal demands of their jobs. According to Patricia Werhane, "these responsibilities and the accountability relationships they entail involve reciprocal obligations on the part of the employer to whom one is responsible" (1985, p. 94). Reciprocal obligation is a critical element in virtually all accountability relationships including those in business. While employees must live up to the responsiblities of their jobs for which they must be held accountable, employers have a reciprocal obligation to uphold their part of this employment agreement. According to Werhane, the reciprocal nature of employer-employee relationships entails certain rights such as a right to privacy. An employer cannot expect respect for privacy as confidentiality, i.e., for the ! protection of corporate secrets, unless that employer respects the privacy rights of its employees. The second argument centers on each person's fundamental right to autonomy, to make choices freely and direct one's activities. As we argued above, privacy is a critical prerequisite for the exercise of one's autonomy. Without privacy, autonomy will be consistently threatened and enervated. Moreover, autonomy is a basic aspect of one's humanity according to moral common sense and most philosophical traditions. The Kantian conception of personhood, for example, links the moral worth of persons to "the supreme value of their rational capacities for normative self-determination" (Doppelt, 1988, p.278). All normal persons have an innate capacity to determine and pursue their own conception of the "good life" and to respect that same capacity in others. Kantian self-determination is protected in our society by the civil liberties guaranteed by our Constitution, and this protection should not be discarded in a corporate environment. Managers do not have some sort of moral immunity simply because they are interfering with the autonomy of their employees. Respect for the human good of autonomy is a categorical moral imperative that cannot be jettisoned for the sake of corporate objectives. And since privacy is a necessary condition of autonomous behavior, it follows that workers must have some sort of privacy rights. Of course, this does not imply that employees have complete freedom in the workplace, since they are accountable to their employers for fulfilling the normal demands of their jobs. Autonomy and privacy must be circumscribed appropriately to help meet those demands. It does mean, however, that unless there is a legitimate "need to know" employers should not gather information about their employees that viol! ates their privacy rights and threatens their basic autonomy. The Ethical Dimension of E-Mail Privacy Clearly, when one's electronic mail messages are randomly inspected, one's privacy is violated since confidentiality (or secrecy) and anonymity are lost. Recall that these are two key elements of Gavison's defintion of privacy. The information in the message is no longer confidential since it is read by a third party (a systems administrator or a manager) and the names of the sender and receiver are exposed so both lose their anonymity (see Doss, 1995). Companies that do inspect their employees' e-mail messages cite a few basic reasons as justification for their actions. E-mail monitoring, they maintain, can help prevent blatant misuse of the corporation's E-mail system: if employees know that E-mail is monitored they are less likely to divulge valuable trade secrets through this medium, waste company time by conversing with friends and relatives, or even use E-mail for illegal or fraudulent purposes. They also claim that E-mail monitoring is an important means of quality control in some businesses where its workers are engaged in frequent E-mail contact with customers or suppliers. Finally some organizations contend that because they own the computer resources, the hardware, software, and networks on which E-mail messages are transmitted, they should have an unconditional right to control and monitor the contents of those messages. Although these arguments may appear to be sound and plausible, some of them are simply spurious, and none of them convincingly justifies the displacement of privacy rights for a higher corporate purpose. The final argument about resources, for example, seems especially problematic. Does the owner of resources have the right to inspect everything generated by those resources or to surreptitiously check on how those resources are being employed. By this logic the corporation would have the right to inspect everything written with a company pen! Or if I rent out my vacation property do I have the right to monitor the personal activities of those using my property? Further, does the possibility that someone might abuse E-mail mean that everyone's E-mail should be monitored? The civil liberties of innocent people should not be suppressed because a few rogue employees might abuse those liberties. If a corporation has legitimate suspicions that someone is using its E-mail s! ystems for illegal, untoward or frivolous reasons, it should investigate and take any necessary action. A breach of privacy would surely be justified under such circumstances as long as there are appropriate procedural safeguards. On the other hand, there seem to be more compelling arguments for preserving the confidentiality of E-mail communications. To begin with, many interactions in the workplace intersperse business and personal information; this often happens inadvertently as workers discuss what's new in their personal lives as they conduct business. It seems untenable and unrealistic to demand that workers refrain from doing this at all times. Also, employees who regularly work from 9am to 5pm (and in many cases for much longer hours) often have no choice but to conduct some personal business from their offices. As a result, those companies which routinely peruse E-mail will sometimes become privy to an employee's business affairs or to sensitive details about an employee's private life. For example, if Manager X regularly inspects E-mail correspondence between Joe and Marie he may discover things about Joe's personal life that could affect Joe's relationship with Manager X, including Joe's future in the firm. Perhaps in the midst of an exchange of electronic mail messages Joe confides in Marie a few details about his personal affairs, since they explain why he has been tardy in completing an assignment at work. Joe's autonomy has then become threatened and potentially impaired since his future plans and aspirations in the firm (or perhaps even in his profession) may be unduly interfered with in certain ways by Manager X who has become privy to this personal information without Joe's knowledge or consent. Further the loss of anonymity could be consequential in some situations. For example, the correspondence between Joe and Marie might be perfectly innocuous and professional, but Marie's manager might draw an unwarranted inference from the frequency of those communications. This too might affect her future position in this company. In addition, even if the communication between Joe and Marie is strictly business-related it may still contain sensitive corporate information meant only for specific individuals within the organization. Perhaps in a matrix-like organizational structure, Joe reports to Manager Y as well as Manager X and the communication with Marie involves information that pertains to Manager Y's domain but is of no concern to Manager X. If Manager X routinely inspects Joe's E-mail he is apt to gain access to this information which he shouldn't have. Here again Joe's autonomy could be compromised since Manager X may interfere directly or indirectly in Joe's activities involving Manager Y. These fictional but realistic scenarios reinforce the acute need for a corporate policy of E-mail privacy, which manifests respect for the confidentiality of information being shared by employees and for the anonymity of those employees. By safeguarding privacy this policy preserves and protects an employee's autonomy or power of normative self-determination. As we have been at pains to insist here, since autonomy as constitutive of our personhood is a fundamental human right, there is a correlative duty to respect that right in all venues including the workplace. Consequently there is a strong deontological or duty-based argument for a prima facie right to E-mail privacy. In addition, there are convincing utilitarian arguments for maintaining a strict policy of E-mail privacy. A thorough treatment of these various arguments is beyond the scope of this paper, but we can indicate some of the basic lines of reasoning that are worth pursuing. E-mail privacy gives employees greater empowerment and independence in doing their jobs, which is so highly prized in today's decentralized organizations. Also, the absence of E-mail surveillance will encourage its more frequent and responsible use. If employees know that E-mail is being monitored they will not use it in some situations where confidentiality is important. Instead they may rely on more expensive and less efficient means of communication. Further, by respecting E-mail privacy corporations demonstrate their trust and respect for their workforce; this can help boost morale and encourage long term loyalty. But can it be reasonably argued that there is something distinctive about E-mail that justifies this monitoring? Does E-mail abuse constitute a more serious threat to corporate security than other forms of communication? Most companies that do monitor electronic mail seem to implicitly make this assumption, since they do not listen in on their employees' phone calls or open up their interoffice mail. Why not monitor phone calls to make sure that they too are being used for company business? What accounts for the different treatment? Employees use E-mail as a substitute for phone calls and interoffice mail, so why should it be singled out for special treatment? The point is that there is nothing qualitatively different about the medium of electronic mail. The use of an E-mail system does not increase a corporation's vulnerablity by making it easier for employees to indulge in excessive personal communications or to disseminate trade secrets -- the phone, fax machine, and the regular mail can also be used for these same purposes. In my view, corporations would be hard pressed to substantiate the claim that their information assets are exposed to an appreciably greater risk because of electronic mail. But unlike these other forms of communication E-mail technology provides an easy means of saving and inspecting messages for many years. This is not as easy with other forms of communication in the workplace. There is no permanent record of a fax or a phone call. The opportunity, therefore, is too tempting for many managers who cannot resist the authoritarian impulse to use this technology for convenient monitoring of their workers. Moreover, they rationalize corporate policy to fit this opportunity. According to Erich Fromm's perspective, this would represent an example of how a technological capability or "can" implies an "ought," that is, how "technological development becomes the foundation of ethics" (1968, p.34). Since corporations can monitor E-mail, they believe they have every right to do so. Conclusions In summary, then, there seems to be little justification for treating the medium of E-mail differently from other communications media in the workplace, and hence there is not a sufficient reason for singling out E-mail messages for indiscriminate inspections. Moreover, E-mail monitoring violates the privacy rights of employees since messages are no longer confidential (as intended) and the anonymity of sender and recipient is lost. This poses a grave threat to an individual's autonomy since it opens up the potential for outside interference in one's capacity for self-determination. Companies have no right to jeopardize the autonomy of their workers in this way. This manifests disrespect for them as "ends," as persons with freedom and dignity. Further, there are some key utilitarian reasons for the support of E-mail privacy. Users will be more apt to rely on this efficient form of communication if it is not monitored. Also, respect for privacy is consistent with empowering workers to do their jobs without excessive managerial interference, while it promotes a morale building "we trust you" image in the workplace. One last word. As we have observed throughout this paper, the right to e-mail privacy is prima facie and not absolute. The burden of proof is on the corporate hierarchy to demonstrate that other rights take priority in certain circumstances. Legitimate suspicions of criminal wrongdoing, fraudulent behavior, or similar abuses of the E-mail system would assuredly justify a suspension of one's right to E-mail privacy. In some cases inspection of E-mail may even be mandated by a court order. All companies, therefore, must develop appropriate guidelines for determining when a breach of E-mail privacy is morally justifiable. References Doppelt, Gerald (1988) "Beyond Liberalism and Communitarianism: Towards a Critical Theory of Social Justice," Philosophy and Social Criticism, vol. 14, pp. 271-292. Doss, Erni and Michael Loui (1995) "Ethics and the Privacy of Electronic Mail," The Information Society, vol. 11, pp. 223-235. Fromm, Erich (1968) The Revolution of Hope: Toward A Humanized Technology. New York: Bantam Books. Gavison, Ruth (1984) "Privacy and the Limits of the Law," The Yale Law Journal, vol. 89, pp. 421-471. Gould, Carol (1989) The Information Web: Ethical and Social Implications of Computer Networking. Boulder, CO: Westview Press. Samuels, Patrice (1996) "Who's Reading Your E-Mail? Maybe the Boss," The New York Times, May 12, p. F11. Tuerkheirmer, F.M. (1993) "The Underpinnings of Privacy Protection," Communications of the ACM, vol 36, no. 8, pp. 69-73. Werhane, Patricia (1985) Persons, Rights, and Corporations. Englewood Cliffs, NJ: Prentice-Hall, Inc.