Ken Turbitt Blog
Aidan Lawes Blog
Paul Gostick Blog
Dr Jenny Dugmore Blog
Shirley Lacy Blog
Alim Ozcan Blog
Juan Jimenez Blog
Ian Clayton Blog
Nas Ozcan Blog
Aidan Mills Blog

Digital Health Technology Vision 2018
Health organizations are embracing intelligent technologies but must do more to prepare for societal impact...

Ten Strategic Technology Trends for Government
Technologies that enable new service models for digital government must be at the top of the list for government organizations as they prioritize technology investments...


The Robots are Coming: Are CEOs Ready for the Era of Automation?
CEOs agree that robotics is going to make their companies more efficient, with 94% of those who've already adopted robotics saying that it's increased productivity in their business...


The 2015 Chief Digital Officer Study
More companies are appointing a Chief Digital Officer to join their C-suite - but are they doing it quickly enough?...


18th Annual Global CEO Survey
The United States has overtaken China as top target for growth for the first time in five years...

17 April 2009 | Paul Gostick Blog
Send to a colleague | Add to MY ITP

Plausible Deniability - Aka nothing to do with me Gov!
This week Paul looks at technology within the work place and why it is important for companies to have an acceptable use policy in place..

In many ways the proliferation of technology has changed the landscape of the workplace. One of the most dramatic is in the rise of employees' use of e-mail, voice mail and the Internet. Not so long ago, access to the Internet within many organisations was limited to a few people in the IT or marketing groups. Today, with a PC on every desk and the rise of Web 2.0 – blogging, social networks, video etc many employees find themselves with access to the Internet and email but with little understanding of the potential problems of using this facility in an inappropriate way. 

Employers are responsible for their employees' activities when using the Internet. If software used in an organisation is obtained illegally, the employer is liable even if it was obtained without his or her knowledge or permission. In a similar way, information on a company's website or in its email systems can give rise to legal action against the company, whether or not such emails were sent outside of the company. Employers are responsible if employees send email messages which are defamatory or which breach confidentiality or contract. Any such messages will be disclosable for the purposes of legal action. There are many examples of such situations. A case in point is the circulation of damaging and untrue emails on Norwich Union’s internal mail systems about a competitor. Following an investigation, they had to pay £450,000 in damages and costs to their competitor.

To reduce liability, employers must be able to prove that they have a policy in place to prevent unauthorised and illegal actions, that employees have been made aware of the policy and that appropriate steps are taken to enforce this policy.

The purpose of implementing an acceptable use policy is to ensure that employees understand the way in which such resources should be used in the workplace. Such a policy also enables both employer and employee to get maximum value from email and the Internet in conducting the organisations business, alerts them to the risks to the organisation if such technology is misused and details the consequences of such a transgression.

All this would seem to be quite straight forward and it makes sense to ensure that email systems are not abused to protect the organisation. So it seems quite incredible that a Government that introduced so much legislation around Data Protection, Regulation of Investigatory Powers (RIPA) and Privacy and Electronic Communications Regulations (PECR) should leave itself open by allowing its systems to be used for send defamatory material. It does not matter one bit that the emails were not sent into the public domain. The fact that they were created at all and then sent in electronic form means that the crime had been committed.

Unfortunately, the Prime Minister cannot just shrug this off as the act of a rogue individual. Gordon Brown may not have been aware of the precise content of the e-mails sent by Damian McBride, his own and probably closest special advisor but, IMHO, he was more than aware of Mr McBride’s modus operandi and must have known about, and approved of McBride's "style".

No 10 is responsible for the emails that were sent and it remains to be seen if indeed proper acceptable usage policies were in place.

Any feedback and comments are always welcome!! 

Paul Gostick Email to a colleague | Add to MY ITP

terms & conditions