The Computer Society of Kenya

Since 1986


Thursday March 18,2021

Any discussions on the impact of digital technologies cannot end without mentioning how e-mail, for example, has changed our communication landscape and our lives. The use of email has enabled us to conveniently talk to relatives, friends and colleagues no matter how far they live and enhanced productivity.

But as they say, nothing worth having comes easy. And this essential tool is not foolproof. Scammers have been able to hack it to swindle unsuspecting users; employers use it to monitor employees and spies too use it in their trade. Not all unauthorised intrusions are an infringement on your privacy. Nonetheless, this calls for us to protect our data privacy.

Studies by American Management Association (AMA) indicate that between 70 and 80 percent of major organisations globally monitor employees’ emails. And virtually all the court cases on infringement of privacy in monitoring workplace emails have been in favour of the organisations. These kinds of decisions are a wake-up call to all employees.Time has come for them to start learning how to separate private emails from workplace emails. Since technology has made it possible to monitor almost all communications into and out of the organisation, it has impacted on privacy. There are cases where we have some tracking devices which have Artificial Intelligence capability to even isolate emails with adverse messages about the organisation. Most organisations are now becoming more apprehensive about the possibility of employees using digital communication inappropriately and, in the end, not taking privacy right into consideration.

Another AMA study shows that at least 70 percent of major organisations have acknowledged that they have fired employees simply for misusing their email. And a majority (64 percent) of those fired, were linked to violating the company’s policy. A significant number (62 percent) of employees were fired for writing offensive emails. A small percentage were fired for excessive personal use of email while others were fired for breaching confidentiality rules.

Most employers act tough on email misuse because some data breaches do not absolve them from liability. For example, in the UK where Kenya borrows much of its legal precedence, a recent case, WM Morrison Supermarkets versus Andrew Skelton, shows why organisations have to be vigilant with the use of email as well as employee and customer data.

In this landmark case, the employee had posted a file containing personal information, including payroll data relating to 99,998 employees of the company on a file-sharing website. In spite the fact that the High Court had found Skelton guilty and sentenced him to eight years in jail, the appeal court ruled that the company was veraciously liable for the misuse of private information by its employee.

Anjarwalla & Khanna partners Sonal Sejpal and Rosa Nduati-Mutero, in their Africa Legal Network News, noted that the Kenya Data Protection Bill in 2018 (now Act) contains similar provisions to the UK Data Protection Act. It does not exclude the vicarious liability of an employer in the event of misuse of private information. And also, for the breach of confidence by an employee, irrespective of whether the employee was the data controller or not.

In the event of a data breach and misuse of private information by an employee, it is highly likely that a Kenyan court will hold a similar view to that of the UK Court of Appeal and find an employer vicariously liable for the misdeeds of its employee.

Whilst big organisations can invest in expensive software to track the misuse of email at individual level, there are several sites explaining how to detect and stop email tracking. These methods range from manual to automatic detection. Although not completely foolproof, they minimise the possibility of someone taking advantage of your unfamiliarity to steal your data and possibly using it to study your consumption behaviour, which is a critical cog of new business models.

There is need today to protect our data more than ever before.

Share this page