A couple of interesting articles today. Germany has just enacted a new law that requires companies to obtain a signed consent from employees before their work communications can be monitored. How this affects monitoring for inappropriate, illegal and insecure communications by – say – email is fairly obvious. How it affects scanning of emails, instant message etc. for viruses and data leakage e.g. transmission of credit card numbers, isn’t clear to me.
And, in New Zealand, a woman was sacked for sending “confrontational” emails in red, bold and CAPITAL LETTERS that “caused disharmony in the workplace”. Regardless of whether sacking was an appropriate course of action for the employer, it would be interesting to know whether ths was covered by the employer’s Acceptable Use Policy (AUP) and whether the employee had signed the AUP.
Either way, the importance of being able to show that employees have read, understood, and agreed to comply with company policies is clear. And these cases also highlight how important it is to automate the policy signature management process as far as is practicable in order to avoid being swamped with paper.