What do I include in an internet and email policy for my business?  


Use of the Internet & Email

The internet has become an extremely valuable tool for the modern business. Many businesses use it to find out market information, details on various companies or competitors and to run many of the systems which are integral to the running of the business.

Introducing your own website is an integral part of any business and consequently many of the employees are required to be online to perform their employment duties.

Email is integral to every single business and each employee within that business will be provided with an email account in order to carry out their duties.

Dangers in abuse of the Internet & Email

Employees are all provided with email accounts and often provided with access to the internet during the course of their employment and in many cases with unrestricted access which can result in the following problems if this is abused:

  • If files containing viruses are downloaded through the employers server then this can result in problems for the companies server
  • Often employees may illegally download material which is copyrighted meaning that the employer would likely be held liable for the secondary copyright infringement in not putting a stop to this happening
  • Valuable or sensitive information to be the business may be transmitted without encryption
  • Distributing or relaying offensive material via email
  • If an employee were to accept a file from someone in an online chat room this could bypass the firewalls and email filters causing a virus
  • Offensive material such as pornography may be able to be downloaded
  • Illegal acts such as fraud can be committed over the internet and it is not unheard of for employees to use their access to the internet at work to do this

In order to avoid this happening employers should introduce two policies dealing with the requisite issues:

  1. Internet Acceptable Use Policy
  2. Email Acceptable Use Policy

Internet Acceptable Use Policy

Many staff are provided with access to the internet as an integral part of their job, others are provided with full access as a good will gesture between employer and employee and in some cases staff are able to access the internet during specified hours. Nevertheless it is important to put in place an Internet Usage Policy detailing the following terms and conditions:

  • Definition of what is meant by personal use – this should be anything which is not directly relating to work
  • If access is limited to certain times of the day for certain lengths of time this should be fully described within the terms and conditions
  • Warnings to abide by all copyright and licensing restrictions in relation to material sourced over the internet
  • Information in relation to downloads – whether the staff are allowed to download anything and if so full instructions on what to do before downloading. Often it will be the case that the IT department should be the only staff to download software
  • Warning in relation to viruses
  • Whether certain websites are unable to be visited – for example social networking sites
  • What sanctions will be imposed on staff if they fail to adhere to any of the terms and conditions set out in the policy.

Can I dismiss staff for abuse of the internet?

What kinds of abuse will be considered to be a sackable offence by that employer must explicitly be stated in the policy as being so. If this is not explicitly stated then an employer could be the subject of an unfair dismissal claim.

Can I monitor my employee’s use of the Internet?

If an employer intends to monitor their employee’s usage of the internet they must explicitly state to all employees that this is the case.

Email Acceptable Use Policy

Email is a professional form of correspondence and so should be treated as so by staff. Nevertheless it is necessary for most employers to provide employees with an email acceptable use policy covering the following aspects:

  • What can be circulated on the business email system. Particular concern should be made to offensive or indecent material or any material which is likely to cause offence on grounds of sex, sexual orientation, race, disability, age, religion or belief. This must be explicitly stated to all employees
  • The particular rules in relation to sending confidential information by email
  • Whether any personal use is acceptable and if so how much personal use is acceptable
  • What is the company procedure in relation to attachments – bulk attachments can cause problems with the internal systems and so should be avoided
  • Full information in relation to Data Protection and e-commerce rules


Both policies should contain warnings in relation to any breach of the policies and should specify the consequences of any breach along the following lines:

  • That access to email and the internet can be withdrawn at any time
  • If any of the individuals have broken the law in relation to their email use that they may be liable to prosecution and liable to pay damages
  • If a user is accused of harassment or causing offence stating that they did not intend to harass or cause offence will not be an adequate excuse
  • If the employees are using the work computer system to store or circulate images of child pornography they will face criminal charges.