Guarantor guidelines for e-mail and internet: company rules, double e-mail address, trustee, non-accessible sites.
Public and private employers cannot check employees' e-mail and Internet browsing, except in exceptional cases. It is up to the employer to define the methods of use of these tools but taking into account the rights of the workers and the discipline in terms of trade union relations.
The Privacy Guarantor, with a general provision that will be published in the "Official Gazette", provides concrete indications regarding the use of computers in the workplace. “The question is particularly delicate – affirms the rapporteur Mauro Paissan – because even sensitive information on employees can be obtained from the analysis of the websites visited and e-mail messages can contain contents of a private nature. It is necessary to prevent arbitrary use of company IT tools and the infringement of workers' privacy".
First of all, the Authority requires employers to inform workers clearly and in detail on how to use the Internet and e-mail and on the possibility of carrying out checks. The Guarantor then prohibits the systematic reading and recording of e-mails as well as the systematic monitoring of the web pages viewed by the worker, because this would carry out a remote control of the work activity prohibited by the Workers' Statute. Furthermore, a whole series of technological and organizational measures is indicated to prevent the possibility, foreseen only in very limited cases, of analyzing the content of Internet browsing and of opening some e-mail messages containing data necessary for the company.
The provision recommends that companies adopt an internal regulation, defined also involving the trade union representatives, in which the rules for the use of the Internet and e-mail are clearly indicated.
The employer is also required to adopt all measures capable of preventing the risk of improper use, so as to reduce subsequent checks on workers. As for the Internet it is appropriate to examples
identify in advance the sites considered correlated or not with the work performance;
use filters that prevent certain operations, such as accessing sites included in a sort of black list or downloading music or multimedia files.
With regard to e-mail, the company should:
also makes available addresses shared among several workers (info@ente.it; urp@ente.it; ufficioreclami@ente.it), thus making clear the non-private nature of the correspondence;
evaluate the possibility of assigning the worker another address (in addition to the work address), intended for personal use;
provides, in the event of the worker's absence, automatic response messages with the coordinates of other workers to contact;
enables the employee to delegate another worker (fiduciary) to check the content of the messages addressed to him and to forward to the holder those deemed relevant for the office, this in the event of prolonged or unplanned absence of the worker concerned and urgent needs related to work.
If these preventive measures are not sufficient to avoid anomalous behaviour, any checks by the employer must be carried out