Privacy Law and Policy Reporter
Electronic Frontiers Australia
Electronic Frontiers Australia (EFA) has published a Model ‘Acceptable use policy for employee use of the internet’ (Version 0.5, 24 November 2000). Comments about the policy are welcome and may be sent to <email@example.com> The policy is available at <http://www.efa.org.au/Publish/aup.html> which should be checked for updates.
As provision of internet access by employers to employees becomes increasingly common, issues arise as to acceptable use of the internet in workplaces. Frequently employees find themselves subject to reprimand and/or dismissal in relation to employer policies that have not been previously advised to them, resulting in disharmony and unnecessary confrontation in the workplace. In some cases this situation arises because implementation of internet access has been delegated to technical staff without due consideration being given by management to the ‘people issues’ inherent in providing employee access to the internet.
The EFA is of the view that less problems would arise if employers developed and disseminated to employees an ‘Acceptable use policy for employee use of the internet’ (AUP). Ideally such a policy would be developed in conjunction with employee representatives with a view to achieving shared ownership and agreement to the policy.
For many employers, the primary problem is where to start in developing a policy.
To assist towards that end, EFA has developed a model AUP and has made it freely available to anyone to copy and adjust for their own workplace needs. The model does not necessarily signify the EFA’s views about what ought to be ‘acceptable use’ in workplaces; it simply addresses a range of aspects that should be considered in developing an AUP suitable for a particular workplace.
To modify this document for your organisation, you should:
This policy sets out guidelines for acceptable use of the internet by employees of Widgets Ltd. The primary purpose for which access to the internet is provided by Widgets Ltd to its employees is to assist them in carrying out the duties of their employment. They may also use the internet for reasonable private purposes which are consistent with this Acceptable Use Policy. They may not use the internet access provided by Widgets Ltd in such a way as to significantly interfere with the duties of their employment or to expose Widgets Ltd to significant cost or risk of liability. Widgets Ltd may modify this policy upon 30 days notice in writing to its employees.
Subject to the balance of this policy, employees may use the internet access provided by Widgets Ltd for:
provided in each case that the personal use is moderate in time, does not incur significant cost for Widgets Ltd and does not interfere with the employment duties of the employee or his or her colleagues.
Except in the course of an employee’s duties or with the express permission of Widgets Ltd, the internet access provided by the company may not be used for:
Widgets Ltd keeps and may monitor logs of internet usage which may reveal information such as which internet servers (including world wide web sites) have been accessed by employees, and the email addresses of those with whom they have communicated. Widgets Ltd will not, however, engage in real time surveillance of internet usage, will not monitor the content of email messages sent or received by its employees unless a copy of such message is sent or forwarded to the company by its recipient or sender in the ordinary way, and will not disclose any of the logged, or otherwise collected, information to a third party except under compulsion of law.
Responsibility for use of the internet that does not comply with this policy lies with the employee so using it, and such employee must indemnify Widgets Ltd for any direct loss and reasonably foreseeable consequential losses suffered by the company by reason of the breach of policy.
Widgets Ltd will review any alleged breach of this Acceptable Use Policy on an individual basis. If the alleged breach is of a very serious nature which breaches the employee’s duty of fidelity to the company (for example, emailing confidential information of the company to a competitor), the employee shall be given an opportunity to be heard in relation to the alleged breach and if it is admitted or clearly established to the satisfaction of the company the breach may be treated as grounds for dismissal.
Otherwise, an alleged breach shall be dealt with as follows.
Version No: ...... Date: ......