Internet use in the workplace: a digital dilemma?
Discussion of the recent case of Grant and Woods v Mitie Property Services (dismissal for personal use of the internet during working hours), and its potential implications for employers
It is common for employees to use the internet at work for personal use, and most employers are content to allow their employees to do so during their lunch break or outside their working hours. However when the workload of an employee dips and they have no tasks to do, should they be disciplined or summarily dismissed for using the internet for personal use during working hours?
On the one hand, personal use would appear to affect employee productivity and time devoted to work related tasks, thereby increasing employers’ costs. However, on the other hand, if there are no work tasks to do, has any harm been done? Moreover, does policing the employee’s internet use amount to a breach of their right to a private life and correspondence, as illustrated in Copland v UK Government  ECHR 253? These are not easy questions to answer, but the recent employment tribunal decision of Grant and Woods v Mitie Property Services (UK) Ltd (Cases S/113536/08 & S/113613/08) may have shed some light on the issue.
The backround to the case is that both the claimants worked as administrators for the respondents in the same office, mainly dealing with invoices and financial record keeping. They were both provided with a personal computer to allow them to carry out their duties. The PCs were linked up to the respondents’ area network and this enabled the claimants to access the internet.
The claimants were allowed to use the internet for personal use so long as it was outside “core working hours”. However their manager became suspicious of Internet misuse because on several occasions, when he approached their desks during working hours, the internet website windows would immediately be clicked out, leaving a blank desktop. The manager asked the IT department to produce a report showing all the websites they had been on with dates and times. A number of non-business related websites appeared on the report such as easyjet.com, boots.com, and virgin.net. Also many of these websites had been accessed during working hours.
The respondents decided that the claimants were in breach of their IT policy, which allowed personal use of the internet but “subject to it being outside core work times”, and promptly proceeded with disciplinary action. Following suspension and separate disciplinary hearings, the respondents summarily dismissed the claimants on the basis that their misuse of the internet amounted to gross misconduct and contravened the IT policy.
Both claimants appealed, arguing that the sanction imposed was excessive and that “unauthorised overuse of the internet” was not specifically mentioned in the list of examples of gross misconduct in the employee handbook. In addition, it became clear that both the claimants would only use the internet for personal use when they had completed their tasks and were “looking for work”. However the respondents, in rather crude terms, stated the claimants had committed fraud by taking wages when they had not been working.
One out of two
In establishing that the dismissals were fair, two hurdles had to be overcome by the employer. The first hurdle was whether at the time of taking the decision to dismiss, the employer had a genuine belief that the employee was guilty of the misconduct in question. Such belief must be based on reasonable grounds and after having carried out as much investigation into the matter as was reasonable in the circumstances.
The second hurdle that required to be overcome was whether the respondents had acted reasonably in terms of s 98(4) of the Employment Rights Act 1996, in treating use of the internet within working hours for non-business purposes as sufficient for dismissal. The claimants submitted that a reasonable employer would have warned them and given them an opportunity to improve. In deciding that the misconduct was sufficient for dismissal, the respondents’ decision must fall within the range of reasonable responses available to a reasonable employer. However the tribunal when judging the employer’s reasonableness must not substitute its own decision as to the right course to adopt for that of the employer.
The tribunal held that the respondents had overcome the first hurdle, as they had a prima facie genuine belief because during the investigation the claimants had admitted using the internet outwith working hours. However they failed to overcome the second hurdle because the tribunal decided that the decision to dismiss fell outside the range of reasonable responses available to a reasonable employer.
One of the reasons given for dismissing the claimants was that the misconduct in question was similar to one of the examples of gross misconduct given in the disciplinary policy. However the tribunal decided that simply because an example of misconduct had been listed as an example of gross misconduct did not mean that the misconduct was sufficient for dismissal, otherwise employers could list trivial misconduct to avoid unfair dismissal claims. Notably, there was no specific example of personal use of the internet within working hours constituting gross misconduct in the respondents’ disciplinary policy.
The tribunal also observed that mere use of the internet is not a serious offence. However if the websites visited had been illegal or had sexual content, such use would have been classed as gross misconduct, as established in Thompson v London Borough of Hillingdon (EAT/1317/01). In addition, both claimants had long periods of service with the respondents, and in light of the long service they should have been given a warning as a first disciplinary offence rather than dismissal. Moreover, the claimants’ conduct had not been detrimental to the respondents, who failed to show that the claimants had failed to carry out work while using the internet for personal use. Furthermore the IT report was found to be inaccurate in places and could not state the length of time the claimants had been on each site. There had also been a reported falling out between the claimants and their manager prior to the dismissal. Taking account of all the aforementioned circumstances, the tribunal decided that dismissal as a sanction fell outside the band of reasonable responses.
What should employers do to prevent a similar situation? First, employers should ensure they have a robust IT policy on acceptable internet use that establishes the boundaries of the uses that may be made. If the policy allows “reasonable” personal use, it should be made clear what amounts to “reasonable”. A strong well-defined policy will also enable employers to utilise the disciplinary measures if an employee falls foul of the policy. However the policy should seek to achieve a balance between business and personal use.
In addition to bolstering the IT policy, software can be installed in the PCs to limit the number of sites that may be viewed. However employers should consult employees in advance of installing the software to ensure it is not too restrictive, which could damage existing employment relations.
Monitoring employees by opening emails and checking websites visited is potentially a breach of the first data principle in the Data Protection Act 1998 (“the DPA”). It could also amount to a breach of article 8 of the ECHR relating to right to respect for private and family life. Employees have no absolute right to privacy. However where employers wish to undertake monitoring, they should always obtain consent prior to monitoring as that will help reduce that expectation of privacy that employees may have. The Halford and Copland cases confirm that employees are entitled to expect a degree of privacy even while at work. Providing some means of making personal communications that is not subject to monitoring will also mean that the monitoring of other communications is more likely to be considered a proportionate measure.
Employers should always weigh up the business need for the monitoring against the undesirable impact of monitoring. It should also be borne in mind that covert monitoring of employees should only be undertaken in very exceptional circumstances. An employee could in theory raise an action for damages in the sheriff court for a breach of the DPA, although awards have thus far only been made where the breach has led to serious harm.
If difficulties do arise and an employee is found to be misusing the internet then employers should ensure a thorough investigation has been carried out and there is adequate evidence of misconduct. In addition, any disciplinary action must be reasonable in the circumstances and an employee should not be dismissed for a first disciplinary offence unless it is a clear case of gross misconduct such as viewing websites with sexual content.
Employers should take heed of the following points. First, always think twice before summarily dismissing an employee who has had no previous disciplinary action and has a long period of service. Secondly, take note of the explanations given by the employee and take their comments into account when deciding whether the misconduct merits disciplinary action. Finally, a disciplinary hearing should be arranged and if the employee is found guilty, a letter in writing should be sent to him or her setting out the nature of the conduct and the change in behaviour required. The employer should maintain a repeated emphasis on improvement and providing the employee with clear, consistent notification of changes to the IT policy without resorting to needless alarmism. If the employer takes the necessary steps outlined above, the likelihood of the internet causing dilemmas in the workplace will be greatly reduced.
Neil Morrison is a solicitor at Wright, Johnston & Mackenzie LLP