We have all witnessed the instantaneous fall from grace of General David Petraeus, which snowballed from anonymous harassing emails sent to Tampa socialite Jill Kelley to implicating Petraeus's biographer Paula Broadwell to revealing the racy details of the writer's relationship with Petraeus. One of the many interesting questions triggering this alert is how the investigators were able to link the anonymous emails to Paula Broadwell. The answer is very simple: metadata. Metadata is data about data, embedded in electronic documents such as emails. In this case, it was data about the location of the data. A forensic examination of the victim's emails traced them back to the physical location of Paula Broadwell's Gmail account. Once Broadwell's Gmail account was monitored, the juicy Petraeus emails were only a blink of an eye away.
The lesson for employees and employers alike is simple. Employees need to understand that their actions leave electronic fingerprints that are getting easier, faster, and less expensive to reveal. Employers need to evaluate their electronic communications policies, social media and mobile device policies, and privacy policies to ensure that they allow appropriate monitoring of employee communications without violating their legal rights. Do you conduct any monitoring of emails or other communications? Are you warning your employees that their communications are not private? Are you following privacy law? In monitoring employee emails and participation in social media networks, are you unintentionally running afoul of labor laws that protect certain employee communications? Keep in mind that certain labor laws apply even if you do not have a unionized workforce.
With the end of the year looming and the abundant personal communications over employer networks that the holiday season brings, it may be time to review these policies. Feel free to contact us if you have any questions about your electronic media and employment policies.