Who's been reading your emails?

Who's had a peek at that message you just sent?

Who's had a peek at that message you just sent?

Email might seem like a private conversation - but the reality is if you are sending messages from a work email account there are a number of people inside your organisation, and potentially many more outside, that are legally entitled to take a peek.

A number of different people in the workplace can monitor employees' emails as long as they have a justifiable business reason for doing so.

Victoria Southern, solicitor at Pinsent Masons told silicon.com: "Employers can monitor the emails of their employees provided they tell employees that they are going to do this, for example via a communications or acceptable use policy."

As the provider of the email system, the employer has the right to know what's being sent around its corporate network.

She said: "Employers have always monitored their staff in one way or another because they have always needed to be able to check the quality and quantity of their employees' work."

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

She added: "As employers are very often liable for the actions of their employees, they also need to be sure that their staff are behaving properly."

She explained security is a big issue, with risks of confidential business information being leaked or of companies becoming victims or even perpetrators of fraud through the actions of staff.

A recent poll by security company Sophos supports this: it found 70 per cent of the 200 companies surveyed are concerned about data leakage via emails.

Southern advised people shouldn't expect a high degree of privacy with their work email correspondence, saying: "It would be wrong to assume you could ever send emails and not have them looked at."

But the people in your company who could access your emails depends on the situation. "The purpose for monitoring will determine who in the organisation could do it. It really depends on the purpose," she said.

If someone was accused of sexual harassment by a colleague for example, it would be most appropriate for the human resources department to access the relevant email correspondence to resolve the issue.

But in other situations your emails could be monitored or accessed by anyone from your line manager, other senior employees and the IT team.

While different groups in a company can access emails they are legally required to make all reasonable efforts to inform the people involved. Southern said this is where a corporate communications policy is vital.

There are also some groups outside the work place who can legally look at your emails - but only in exceptional circumstances.

If someone is suspected of illegal activity the police or security services could access their work emails under the Regulation of Investigatory Powers Act 2000 - although a warrant would be required.

Other legislation around email monitoring includes the Data Protection Act 1998 as well as the Human Rights Act 1998.

But Southern said: "People need not be concerned about who can monitor their emails but should be aware that it can happen and adapt their behaviour to suit."