New Jersey Law Journal,
January 29, 2001
Copyright 2001 American Lawyer Newspapers Group, Inc.
New Jersey Law Journal
January 29, 2001
LENGTH: 2283 words
HEADLINE: Internet Law Internet Activity in the Workplace Can Result
in Sexual Harassment
BYLINE: JONATHAN BICK
THE AUTHOR IS AN ADJUNCT PROFESSOR OF INTERNET LAW AT PACE LAW SCHOOL
AND RUTGERS LAW SCHOOL-NEWARK. HE IS ALSO THE AUTHOR OF 101 THINGS YOU
NEED TO KNOW ABOUT INTERNET LAW (RANDOM HOUSE 2000).
It is not surprising that the Internet has been implicated in sexual
harassment conduct in the workplace because it has become mainstream
by every commercial standard.
It is incumbent upon companies and firms to examine their electronic
environment for evidence of harassment activity. They must also know
what action to take upon discovering Internet harassment misconduct.
The Supreme Court has interpreted Title VII of the 1964 Civil Rights
Act as prohibiting sexual harassment. Sexual harassment violates Title
VII when it alters the terms or conditions of employment because of
the individual's sex.
The Equal Employment Opportunity Commission defines sexual harassment
as (1) unwelcome sexual advances, requests for sexual favors and other
verbal or physical conduct of a sexual nature; and (2) conduct, the
submission or rejection of which affects an individual's employment
unreasonably or interferes with an individual's work performance or
creates an intimidating, hostile or offensive work environment.
There are the two types of sexual harassment. The first type, quid pro
quo sexual harassment, occurs when the victim suffers actual, concrete,
economic consequences, such as firing, demotion or failure to receive
a promotion, for rebuffing the sexual harassment. The second type, hostile
environment sexual harassment, occurs when there have been unwelcome
advances that have been sufficiently "severe or pervasive"
so as to alter the terms and conditions of employment, even in the absence
of economic consequences.
In most workplaces owners, managers and professional and clerical staff
use the Internet at every level. The Internet has also legitimized the
home office as a true equivalent of the traditional office environment.
This workplace technological change has brought many benefits to the
workplace but has also enabled employees with malicious intent to cause
grievous harm to their companies, co-workers and clients.
Studies of workplace Internet use have found that employees have extensive
access to other employees while also having a perceived level of anonymity.
Such studies have found that employees view the Internet as a communication
mechanism. These factors are responsible in part for the rise of Internet
sexual harassment in the workplace.
On the Internet, harassing mail needs no paper, no envelopes and no
stamps. Electronic pornography needs no projector or printer. Malicious
employees can distribute material, with the ease of a mouse click, to
any part of the company in a matter of minutes.
Employees use the Internet in nearly every facet of business, and, consequently,
the Internet generally allows immediate access among all employees.
Many employers have implemented procedures to deal with Internet sexual
harassment in the workplace. Unfortunately, even employers with the
most elaborate policies and procedures in place for preventing Internet
sexual harassment are forced to use policies that are often too vague,
too outdated or not actively enforced.
In addition, managers typically misjudge their own skills in detecting
Internet sexual harassment. For example, many believe that users can
only transfer computerized files as attachments to a delivery vehicle
such as e- mail. In fact, one can easily transfer files via the Internet
without e-mail. The use of the Internet may hide the identity of the
person engaging in harassing conduct.
Consider the case of Knox v. State of Indiana, 93 F.3d 1327 (7th Cir.
1996), in which the court found state computers were used to engage
in sexual harassment via e-mail messages to the victim. In addition,
consider Greenslade v. Chicago Sun-Times, Inc. 112 F.3d 853 (7th Cir.
1997), in which the court found that a newspaper's computers were used
to engage in sexual harassment via e-mail.
Electronic mail is the most recognizable method for sending and receiving
communications that include harassing exchanges. Employees can transmit
e- mail to others without regard to differences in servers, services
or physical locations. Such e-mail communication may comprise any kind
of computer file including text, photos, sound or video. The identity
of the sender of an e- mail transmission may not be easy to figure out
if the sender makes efforts to conceal his identity. However, truly
anonymous e-mail -- completely stripped of any identifying information
-- is not currently possible.
Internet newsgroups are essentially online bulletin boards that normally
allow free access. A person can engage in Internet sexual harassment
activity by posting certain text, photographs, software and full-motion
videos. One difference between Internet news groups and e-mails is that
e-mail messages are targeted messages to a specific known group of individuals,
while newsgroup messages are available to the public.
Live conversations among users on the Internet exist in many formats
including text, audio and video and can take place at any time. Online
services such as America Online and Yahoo also offer chat rooms, which
can be a distribution point for Internet sexual harassment in the workplace.
The Internet has a simultaneous presence throughout the world. The Internet
is composed exclusively of digital data that enable its users to make
nearly an unlimited number of copies from a single posted document,
photograph, video or song each being as good as the original. An employee's
use of the Internet as part of a sexual harassment transaction poses
risks of criminal and civil liability for the organization and the employee.
For companies or firms with ethical, professional or associational obligations,
such misconduct may lead to ethical grievances. Other problems can include
embarrassing press coverage, the loss of business, the temporary or
permanent seizure of part or all of the organization's computer system,
the disclosure of internal company secrets and the possibility of additional
criminal charges or civil actions based on other information discovered
on the organization's systems during the initial investigation.
Looking for Misconduct
Many organizations routinely review their employees' e-mail, which can
be examined on the main e-mail server or on employees' individual computers.
Even after users have deleted e-mail, it can be reviewed under certain
circumstances. For example, since many organizations regularly back
up computer data, employers can recover e-mail years after its first
transmission, even if the author has deleted it.
Alternatively, an employee's newsgroup posting may also be found after
the author no longer has access to it because it has been copied by
another server. One such server system allows searching by user name,
by company name and by many other terms, which have been posted during
the past five years or so. A similar service allows the retrieval of
all messages posted by an individual. The use of such archives may be
helpful when interviewing potential employees and when reviewing the
activities of existing employees, to prevent and reduce harassment misconduct.
Evidence of employee misconduct on a chat network is fleeting because,
unlike newsgroups, computers do not usually record activities on live
chat networks. Generally, one cannot search chat networks for past visits,
file transfers or conversations after the fact. However, an employer's
system administrator can configure the employer's server software to
log chat activity. A review of such logs can also reveal Internet sexual
Transmissions to and from an employee's computer can be an excellent
source of information and evidence regarding sexual harassment misconduct.
Such a review can confirm abusive activity that is already suspected.
It can also alert the organization to new forms of abuse. Apart from
what the e-mail or file contains, transmissions usually contain a wealth
of clues about the source and destination of the transmission, even
where the sender's identity appears unknown.
It should be noted that barring enactment of a company policy of electronic
monitoring, there is very little that cannot be done by the nongovernmental
employer to electronically detect employee harassment abuse. However,
the Fourth Amendment protects governmental employees to the extent that
such searches are unreasonable.
Collecting and Preserving Evidence
Once employee harassment misconduct is detected, special steps must
be taken to collect the associated evidence. A mistake in collecting
and preserving the evidence is often irremediable.
Computer evidence is "animated" in the sense that, unlike
documents, mishandling can change its intrinsic condition. Even the
likelihood of alteration can obliterate the company's legal action because
it may not be possible to prove a negative -- that nothing has been
Consequently, firms are advised to use a team of technicians and attorneys
to preserve the data in question. Team members might include a company
principal or manager; the company's attorney; the company's system administrator;
a private investigator or computer expert; and, in some situations,
a representative from a law enforcement agency.
The involvement of state or federal law enforcement agencies requires
thought because it is not always clear what agency has jurisdiction.
At the very least, an attorney should review and approve policies and
procedures for handling problem situations. The firm needs to ensure
that it does not become a target of the inquiry. The involvement of
law enforcement can mean unwanted publicity, delays and the loss of
control over the investigation.
In the event that a firm is satisfied that wrongdoing has occurred,
it should take certain steps at once to set the stage for proper evidence
collection. The first step is to separate the employee from his computer
and from remote access to the firm's server as quickly as possible,
to prevent the destruction of evidence. It is possible to delete all
information on a computer's hard drive or on a firm's server in a matter
of minutes, either locally or remotely. The separation should be done
in as noninvasive a manner as possible, since it is always possible
other employees are involved.
The employer should change the suspected employee's passwords to all
company programs and accounts, remotely if possible, to maintain the
terminal exactly as the employee left it after it has been physically
disconnected from the firm's e-mail system. The employee's work area
also should be secured but not altered. All items that the employer
must preserve should be conserved in the condition in which they were
found. The degree of preservation and collection depends on the wrongdoing
and the choice of remedy (i.e. disciplinary, termination, etc.)
In order that evidence can be identified computers, computer screens
and the employee's surrounding work area should be videotaped under
the supervision of a person knowledgeable in litigation videotaping.
Still photographs also should be taken, particularly of the components'
serial numbers and model numbers.
To prevent the discovery of data, an employee can configure his machine
to delete data if it is started in his or her absence. To circumvent
this eventuality, the use of a "boot disk" to start the computer
is advised. A boot disk is a floppy disk that contains the information
necessary to start or "boot" the computer's systems from a
location other than a computer's hard drive.
Internet and other computer-related evidence should be downloaded on
two sets of movable media, such as diskettes or zip disks. This reduces
the risk of deletion or modification of data being downloaded. Directory
and file names, creation dates and the contents of each file must be
left precisely as found. Only one set should be used and the other should
be left in the same condition as it was created, allowing for verification
that the employer did not tamper with the evidence.
There are several ways to obtain evidence that an employee has visited
certain Internet sites. The most frequently used way is to identify
the hyperlinks and the cache copies of the Web sites on the employee's
computer. Care should be taken to save all the components of the cache
to ensure that the employer can present an exact duplicate of the site
at the time the employee visited it. When attempting to save e-mail
or other Internet messages, be sure to save the routing information,
sometimes known as the " header."
If the matter is to be referred to law enforcement authorities, management
must ensure that nothing is altered. To do otherwise will lead to arguments
of tampering or modification. The chain of evidence is critical to a
prosecutor's ability to use the evidence.
A well-designed Internet sexual harassment prevention policy, developed
before a problem is discovered, is the key to minimizing the risk from
claims of sexual harassment. It is important to balance the legitimate
privacy interests of employees with the legitimate workplace and security
needs of the employer. Firms must be prepared to address these Internet-based
problems, both within their organization and on behalf of employees
who experience such problems.
However, since no plan is fail-safe, policies and procedures should
include contingency plans to address problems when they arise. With
an understanding of the Internet and the associated laws, companies
and firms can timely and properly address Internet sexual harassment
in the workplace.