Preventing illicit images at Work Andy Churley, marketing director at The Irish company, looks at the management challenges and legal responsibilities facing today’s corporations.
Controlling the misuse and abuse of information technology in the workplace is becoming an increasingly important aspect of IT security.
Employees’ misuse of company computer resources can open up a whole host of problems for organisations from lost productivity, wasted computer resources and e-viral infections to serious business interruption and security breeches leading to civil and criminal lawsuits.
Cyber-skiving is estimated to account for as much as 30%-40% of lost worker productivity according to a BusinessWeek survey and over 90% of US workers admit to recreational surfing on the job (Source Vault.com).
Sometimes this surfing can lead employees to stray deliberately or inadvertently to sexually explicit web sites or those promoting violence and hate. According to a recent survey conducted by the CIPD and The Irish company, over 70% of UK companies have already taken disciplinary action as a result of employees viewing pornographic images at work.
This kind of activity can lead to lawsuits, harassment charges and even criminal prosecution. Of the Fortune 500 companies, 27% have battled sexual harassment claims that stem from employee misuse of inappropriate images on corporate computers. And the stakes are high for both employers and employees.
Pornographic e-mails sent around the company cost Microsoft $2.2 million to settle a sexual harassment suit and at Xerox, 40 employees were sacked for downloading pornographic images. The scale of the problem is also reflected by the incident at the UK Department of Works and Pensions that hit the headlines in 2004. It was disclosed that, after an investigation, 2 million inappropriate images and more alarmingly, 18,000 illegal images were discovered on its computer systems leading to a series of dismissals, disciplinary action and prosecutions.
In 2006, the UK Driver and Vehicle Licensing Agency was reported to have terminated the employment of 14 staff and has considered other disciplinary action against 65 others. And this is not an isolated case; a recent UK Audit Commission report highlighted a huge increase in the viewing of computer pornography by public sector workers. In 2004, incidents of reputational damage caused by access to inappropriate material by staff accounted for 47% of all reported security breaches.
This is a 51% increase on the figure reported in the previous survey conducted in 2001. Legislative exposure Clearly the problem of managing inappropriate or illegal images in the workplace is growing. And while many companies use technology to prevent employees visiting pornographic sites this is only small part of the problem and one which is very difficult to address successfully since over 20,000 new pornographic web pages appear on the Internet every day. Images can also get onto desktops and the corporate network through an increasing number of new entry points. These include laptops, CDs/DVDs, USB keys and digital cameras. But it is still the legal duty of companies to take reasonable steps to eliminate harassing material from the workplace and provide an environment free of discrimination. Failure to do so may result in prosecution under various legislation (depending upon jurisdiction) including, Child Trafficking and Pornography Acts, Sexual Offences Acts, Obscene Publications Acts and the Civil and Human Rights Act.
Company directors and managers can be held personally liable for the content of corporate computers, whether they are aware of the activity or not. Under compliance legislation they can be subject to criminal prosecution if negligence is found in the management of data and images on company computers. And, in the UK, Ireland and USA the penalty can be up to five years in prison.