Hi Friends,
I wanted to know whether any Act/Law on Information Technology supports an employer's right to access an employee's official email account without the said employee's knowledge. I have broadly heard that 'owners' of a business have a right to know what their employees are doing. Can someone point me to any relevant section of Law/Act on this subject?
Thanks,
Kiran
From India, Hyderabad
Acknowledge(0)
Amend(0)
68I wanted to know whether any Act/Law on Information Technology supports an employer's right to access an employee's official email account without the said employee's knowledge. I have broadly heard that 'owners' of a business have a right to know what their employees are doing. Can someone point me to any relevant section of Law/Act on this subject?
Thanks,
Kiran
From India, Hyderabad
Acknowledge(0)Amend(0)
Yes, an Occupier/Employer has the right to access the official email without the employee's knowledge, considering the ultimate control of the business.
For example, at Coca-Cola in Bhopal, a contract employee was responsible for managing internet/computer services at the plant. However, company policy dictated that contract employees would not be provided with an official email ID. Despite this, the individual created an email ID in his name without authorization. The HR manager had the necessary access to uncover this information through the system. Upon discovery, the employee was confronted and subsequently terminated for violating company policy.
In another instance, in a reputable company (whose name I will not disclose), the Managing Director had the ability to intercept any employee's phone calls by entering a code. While employers have the authority to carry out such actions, they may not align with specific laws or regulations as it pertains to confidential company matters.
Regards,
Sidheshwar
From India, Bangalore
Acknowledge(0)Amend(0)
For example, at Coca-Cola in Bhopal, a contract employee was responsible for managing internet/computer services at the plant. However, company policy dictated that contract employees would not be provided with an official email ID. Despite this, the individual created an email ID in his name without authorization. The HR manager had the necessary access to uncover this information through the system. Upon discovery, the employee was confronted and subsequently terminated for violating company policy.
In another instance, in a reputable company (whose name I will not disclose), the Managing Director had the ability to intercept any employee's phone calls by entering a code. While employers have the authority to carry out such actions, they may not align with specific laws or regulations as it pertains to confidential company matters.
Regards,
Sidheshwar
From India, Bangalore
Acknowledge(0)Amend(0)
Hi Kiran,
Good topic. I can't tell you about any law being in place but yes, in a broader framework every Company's HR Policy manual has it defined either as a separate policy or under "code of ethics".
I remember creating one such point called "intellectual property" in a code of ethics I was assigned to work on during my summers. And the compliance guy had specifically asked me to make note of it.
Now, as per this clause - during his period of employment with the company, whatever the employee creates, develops, innovates for the company is considered as an intellectual property of the company - such that if it is found that the employee in a particular way claims ownership of this data by forwarding the same to his personal account from his email ID - he can be held accountable for it and tried.
That's one way to look at it if you are wanting to create such a system of security for company data. Looking into his/her company email account therefore stands to be more of a right of the owners if they notice any suspicious activity by a particular employee.
They have the right to investigate, and at the same time, the employee has the right to defend himself. Period.
So, your HR policy can answer that question for you. IT laws, if any, would be too generic. Please do research, however, on the latter.
Hope that helps.
Best Wishes,
Nad
From India, Mumbai
Acknowledge(0)Amend(0)
Good topic. I can't tell you about any law being in place but yes, in a broader framework every Company's HR Policy manual has it defined either as a separate policy or under "code of ethics".
I remember creating one such point called "intellectual property" in a code of ethics I was assigned to work on during my summers. And the compliance guy had specifically asked me to make note of it.
Now, as per this clause - during his period of employment with the company, whatever the employee creates, develops, innovates for the company is considered as an intellectual property of the company - such that if it is found that the employee in a particular way claims ownership of this data by forwarding the same to his personal account from his email ID - he can be held accountable for it and tried.
That's one way to look at it if you are wanting to create such a system of security for company data. Looking into his/her company email account therefore stands to be more of a right of the owners if they notice any suspicious activity by a particular employee.
They have the right to investigate, and at the same time, the employee has the right to defend himself. Period.
So, your HR policy can answer that question for you. IT laws, if any, would be too generic. Please do research, however, on the latter.
Hope that helps.
Best Wishes,
Nad
From India, Mumbai
Acknowledge(0)Amend(0)
Employers normally have policies on voicemail, email, and internet usage. For example, the employer may dictate that email usage is solely for the purpose of conducting company business, and any private email by the employee would offend the provisions of this policy. In any case, email is insecure and is readily available to the person maintaining the office server.
Internet use also creates the possibility of contamination via viruses, some of which compromise the security and confidentiality of company information. Employers need provisions to ensure their systems are not compromised, and one of the means is to have surveillance of email emanating from the office. The employer cannot be faulted for intrusion into the privacy of the individual as the system is owned by the employer, and he has made it known that the employee is not to use the facility for his private business.
I doubt you have laws restricting the right of the employer to protect his business.
Ganapathy Ramasamy
From Malaysia, Melaka
Acknowledge(0)Amend(0)
Internet use also creates the possibility of contamination via viruses, some of which compromise the security and confidentiality of company information. Employers need provisions to ensure their systems are not compromised, and one of the means is to have surveillance of email emanating from the office. The employer cannot be faulted for intrusion into the privacy of the individual as the system is owned by the employer, and he has made it known that the employee is not to use the facility for his private business.
I doubt you have laws restricting the right of the employer to protect his business.
Ganapathy Ramasamy
From Malaysia, Melaka
Acknowledge(0)Amend(0)
Most of the companies have their own network. They have established rules in their standing orders to access employees' mail. They also track the types of emails that are being sent and received.
Regards,
Vikram Singh
09810102421
From India, Delhi
Acknowledge(0)Amend(0)
Regards,
Vikram Singh
09810102421
From India, Delhi
Acknowledge(0)Amend(0)
the Question is Whether IT Act 2000 allows access to the employees account by employer with out the consent of employer.
From India, Hyderabad
Acknowledge(0)Amend(0)
From India, Hyderabad
Acknowledge(0)Amend(0)
The email IDs given under the company domain are for official correspondence. In all company mail domains, it is notified that the company reserves the right to have access to incoming and outgoing mail from your email ID. Your logging in is assumed as your automatic acceptance of the above terms and conditions.
So, it is advisable not to use the official ID for personal matters. Please remember that the objective of the company behind this is not to evade the privacy of employees but to guard the interests of the company against information pilferage. Information secrecy is of vital interest to all companies.
Regards,
Anita
From India, Mumbai
Acknowledge(0)Amend(0)
So, it is advisable not to use the official ID for personal matters. Please remember that the objective of the company behind this is not to evade the privacy of employees but to guard the interests of the company against information pilferage. Information secrecy is of vital interest to all companies.
Regards,
Anita
From India, Mumbai
Acknowledge(0)Amend(0)CiteHR is an AI-augmented HR knowledge and collaboration platform, enabling HR professionals to solve real-world challenges, validate decisions, and stay ahead through collective intelligence and machine-enhanced guidance. Join Our Platform.
Employee reference policy.doc