Copyright 2001 American Lawyer Newspapers Group, Inc.
New Jersey Law Journal

January 29, 2001

LENGTH: 2283 words

HEADLINE: Internet Law Internet Activity in the Workplace Can Result in Sexual Harassment

BYLINE: JONATHAN BICK
THE AUTHOR IS AN ADJUNCT PROFESSOR OF INTERNET LAW AT PACE LAW SCHOOL AND RUTGERS LAW SCHOOL-NEWARK. HE IS ALSO THE AUTHOR OF 101 THINGS YOU NEED TO KNOW ABOUT INTERNET LAW (RANDOM HOUSE 2000).

BODY:
It is not surprising that the Internet has been implicated in sexual harassment conduct in the workplace because it has become mainstream by every commercial standard.
It is incumbent upon companies and firms to examine their electronic environment for evidence of harassment activity. They must also know what action to take upon discovering Internet harassment misconduct.
The Supreme Court has interpreted Title VII of the 1964 Civil Rights Act as prohibiting sexual harassment. Sexual harassment violates Title VII when it alters the terms or conditions of employment because of the individual's sex.
The Equal Employment Opportunity Commission defines sexual harassment as (1) unwelcome sexual advances, requests for sexual favors and other verbal or physical conduct of a sexual nature; and (2) conduct, the submission or rejection of which affects an individual's employment unreasonably or interferes with an individual's work performance or creates an intimidating, hostile or offensive work environment.
There are the two types of sexual harassment. The first type, quid pro quo sexual harassment, occurs when the victim suffers actual, concrete, economic consequences, such as firing, demotion or failure to receive a promotion, for rebuffing the sexual harassment. The second type, hostile environment sexual harassment, occurs when there have been unwelcome advances that have been sufficiently "severe or pervasive" so as to alter the terms and conditions of employment, even in the absence of economic consequences.
In most workplaces owners, managers and professional and clerical staff use the Internet at every level. The Internet has also legitimized the home office as a true equivalent of the traditional office environment. This workplace technological change has brought many benefits to the workplace but has also enabled employees with malicious intent to cause grievous harm to their companies, co-workers and clients.
Studies of workplace Internet use have found that employees have extensive access to other employees while also having a perceived level of anonymity. Such studies have found that employees view the Internet as a communication mechanism. These factors are responsible in part for the rise of Internet sexual harassment in the workplace.
On the Internet, harassing mail needs no paper, no envelopes and no stamps. Electronic pornography needs no projector or printer. Malicious employees can distribute material, with the ease of a mouse click, to any part of the company in a matter of minutes.
Employees use the Internet in nearly every facet of business, and, consequently, the Internet generally allows immediate access among all employees. Many employers have implemented procedures to deal with Internet sexual harassment in the workplace. Unfortunately, even employers with the most elaborate policies and procedures in place for preventing Internet sexual harassment are forced to use policies that are often too vague, too outdated or not actively enforced.
In addition, managers typically misjudge their own skills in detecting Internet sexual harassment. For example, many believe that users can only transfer computerized files as attachments to a delivery vehicle such as e- mail. In fact, one can easily transfer files via the Internet without e-mail. The use of the Internet may hide the identity of the person engaging in harassing conduct.
Consider the case of Knox v. State of Indiana, 93 F.3d 1327 (7th Cir. 1996), in which the court found state computers were used to engage in sexual harassment via e-mail messages to the victim. In addition, consider Greenslade v. Chicago Sun-Times, Inc. 112 F.3d 853 (7th Cir. 1997), in which the court found that a newspaper's computers were used to engage in sexual harassment via e-mail.
Electronic mail is the most recognizable method for sending and receiving communications that include harassing exchanges. Employees can transmit e- mail to others without regard to differences in servers, services or physical locations. Such e-mail communication may comprise any kind of computer file including text, photos, sound or video. The identity of the sender of an e- mail transmission may not be easy to figure out if the sender makes efforts to conceal his identity. However, truly anonymous e-mail -- completely stripped of any identifying information -- is not currently possible.
Internet newsgroups are essentially online bulletin boards that normally allow free access. A person can engage in Internet sexual harassment activity by posting certain text, photographs, software and full-motion videos. One difference between Internet news groups and e-mails is that e-mail messages are targeted messages to a specific known group of individuals, while newsgroup messages are available to the public.
Live conversations among users on the Internet exist in many formats including text, audio and video and can take place at any time. Online services such as America Online and Yahoo also offer chat rooms, which can be a distribution point for Internet sexual harassment in the workplace.
The Internet has a simultaneous presence throughout the world. The Internet is composed exclusively of digital data that enable its users to make nearly an unlimited number of copies from a single posted document, photograph, video or song each being as good as the original. An employee's use of the Internet as part of a sexual harassment transaction poses risks of criminal and civil liability for the organization and the employee.
For companies or firms with ethical, professional or associational obligations, such misconduct may lead to ethical grievances. Other problems can include embarrassing press coverage, the loss of business, the temporary or permanent seizure of part or all of the organization's computer system, the disclosure of internal company secrets and the possibility of additional criminal charges or civil actions based on other information discovered on the organization's systems during the initial investigation.
Looking for Misconduct
Many organizations routinely review their employees' e-mail, which can be examined on the main e-mail server or on employees' individual computers. Even after users have deleted e-mail, it can be reviewed under certain circumstances. For example, since many organizations regularly back up computer data, employers can recover e-mail years after its first transmission, even if the author has deleted it.
Alternatively, an employee's newsgroup posting may also be found after the author no longer has access to it because it has been copied by another server. One such server system allows searching by user name, by company name and by many other terms, which have been posted during the past five years or so. A similar service allows the retrieval of all messages posted by an individual. The use of such archives may be helpful when interviewing potential employees and when reviewing the activities of existing employees, to prevent and reduce harassment misconduct.
Evidence of employee misconduct on a chat network is fleeting because, unlike newsgroups, computers do not usually record activities on live chat networks. Generally, one cannot search chat networks for past visits, file transfers or conversations after the fact. However, an employer's system administrator can configure the employer's server software to log chat activity. A review of such logs can also reveal Internet sexual harassment misconduct.
Transmissions to and from an employee's computer can be an excellent source of information and evidence regarding sexual harassment misconduct. Such a review can confirm abusive activity that is already suspected. It can also alert the organization to new forms of abuse. Apart from what the e-mail or file contains, transmissions usually contain a wealth of clues about the source and destination of the transmission, even where the sender's identity appears unknown.
It should be noted that barring enactment of a company policy of electronic monitoring, there is very little that cannot be done by the nongovernmental employer to electronically detect employee harassment abuse. However, the Fourth Amendment protects governmental employees to the extent that such searches are unreasonable.
Collecting and Preserving Evidence
Once employee harassment misconduct is detected, special steps must be taken to collect the associated evidence. A mistake in collecting and preserving the evidence is often irremediable.
Computer evidence is "animated" in the sense that, unlike documents, mishandling can change its intrinsic condition. Even the likelihood of alteration can obliterate the company's legal action because it may not be possible to prove a negative -- that nothing has been changed.
Consequently, firms are advised to use a team of technicians and attorneys to preserve the data in question. Team members might include a company principal or manager; the company's attorney; the company's system administrator; a private investigator or computer expert; and, in some situations, a representative from a law enforcement agency.
The involvement of state or federal law enforcement agencies requires thought because it is not always clear what agency has jurisdiction. At the very least, an attorney should review and approve policies and procedures for handling problem situations. The firm needs to ensure that it does not become a target of the inquiry. The involvement of law enforcement can mean unwanted publicity, delays and the loss of control over the investigation.
In the event that a firm is satisfied that wrongdoing has occurred, it should take certain steps at once to set the stage for proper evidence collection. The first step is to separate the employee from his computer and from remote access to the firm's server as quickly as possible, to prevent the destruction of evidence. It is possible to delete all information on a computer's hard drive or on a firm's server in a matter of minutes, either locally or remotely. The separation should be done in as noninvasive a manner as possible, since it is always possible other employees are involved.
The employer should change the suspected employee's passwords to all company programs and accounts, remotely if possible, to maintain the terminal exactly as the employee left it after it has been physically disconnected from the firm's e-mail system. The employee's work area also should be secured but not altered. All items that the employer must preserve should be conserved in the condition in which they were found. The degree of preservation and collection depends on the wrongdoing and the choice of remedy (i.e. disciplinary, termination, etc.)
In order that evidence can be identified computers, computer screens and the employee's surrounding work area should be videotaped under the supervision of a person knowledgeable in litigation videotaping. Still photographs also should be taken, particularly of the components' serial numbers and model numbers.
To prevent the discovery of data, an employee can configure his machine to delete data if it is started in his or her absence. To circumvent this eventuality, the use of a "boot disk" to start the computer is advised. A boot disk is a floppy disk that contains the information necessary to start or "boot" the computer's systems from a location other than a computer's hard drive.
Internet and other computer-related evidence should be downloaded on two sets of movable media, such as diskettes or zip disks. This reduces the risk of deletion or modification of data being downloaded. Directory and file names, creation dates and the contents of each file must be left precisely as found. Only one set should be used and the other should be left in the same condition as it was created, allowing for verification that the employer did not tamper with the evidence.
There are several ways to obtain evidence that an employee has visited certain Internet sites. The most frequently used way is to identify the hyperlinks and the cache copies of the Web sites on the employee's computer. Care should be taken to save all the components of the cache to ensure that the employer can present an exact duplicate of the site at the time the employee visited it. When attempting to save e-mail or other Internet messages, be sure to save the routing information, sometimes known as the " header."
If the matter is to be referred to law enforcement authorities, management must ensure that nothing is altered. To do otherwise will lead to arguments of tampering or modification. The chain of evidence is critical to a prosecutor's ability to use the evidence.
A well-designed Internet sexual harassment prevention policy, developed before a problem is discovered, is the key to minimizing the risk from claims of sexual harassment. It is important to balance the legitimate privacy interests of employees with the legitimate workplace and security needs of the employer. Firms must be prepared to address these Internet-based problems, both within their organization and on behalf of employees who experience such problems.
However, since no plan is fail-safe, policies and procedures should include contingency plans to address problems when they arise. With an understanding of the Internet and the associated laws, companies and firms can timely and properly address Internet sexual harassment in the workplace.