The interest of every employer and employee in Bermuda should have been aroused by the recent e-mail nightmare suffered by London law firm Norton Rose.

As has been widely reported, one of the firm's aspiring young lawyers, Bradley Chait, received a sometime intimate and explicit e-mail from his girlfriend, Claire Swire.

Ms Swire no doubt expected Mr. Chait to keep the e-mail to himself, and to delete it from his system as soon as it had been read.

But Mr. Chait instead forwarded the e-mail on to six of his colleagues, who in turn copied it and sent it outside the Norton Rose offices. Within hours, it had been sent worldwide (including to Bermuda), and read by at least a million people by the end of the day.

Now, it is likely that Norton Rose prohibited its employees from sending any messages containing offensive language or material, sexually explicit comments or other unacceptable messages.

It is also likely that Norton Rose had in place a strict policy on the use of the corporate e-mail system for personal use.

Those are wise policies, as employers who allow their corporate e-mail system to be used by employees without regard to what the employee is doing with this perk risk a very uncertain future.

Viruses, for example, can easily be transmitted by e-mail.

Once a virus enters an organisation with multiple users, it can cause chaos and perhaps even catastrophe to the ability of the employer to continue to conduct its business with the outside world.

An employer can install firewalls and filtering services, but cannot prevent an employee from installing software on to his desktop system and infecting other users with any virus it may contain.

The introduction of an e-mail policy that prohibits the installation of software and the receipt of personal e-mails plus the installation of an appropriate filtering system would easily solve this problem.

However, no filtering system will catch everything.

Aside from the danger that viruses pose, employers should also fear e-mails that contain offensive language or material, pornographic images or sexually explicit comments.

An employer can easily find itself on the wrong end of proceedings brought by offended employees who receive such e-mails or who are exposed to these e-mails in the office environment.

Any such policies must be accompanied by adequate consequences for any employee who breaches the policies.

In the Norton Rose case the firm's policy provided that any employee found in breach would be disciplined and such disciplinary action could presumably lead to summary dismissal.

An Employment Appeals Tribunal in England recently dismissed an appeal by two employees of a company who claimed they were unfairly dismissed for forwarding smutty e-mail messages on to colleagues.

The company drew a distinction between those employees who had received the e-mails and deleted them but did not report them, and those that did not report them and forwarded them on.

The two who were dismissed were found to have sent the most, and most offensive, e-mails.

In the Norton Rose case, the firm disciplined five of its employees rather than terminate their employment.

The nature of the discipline has not been disclosed, but such discipline could include the loss of Internet access or e-mail rights (which could make it impossible for the employee to perform his/her job), loss of promotion prospects, demotion, or loss of bonus payments.

Perhaps the Norton Rose employees were lucky to retain their jobs.

In 1999, 40 employees at the New York Times were sacked for passing "inappropriate'' e-mails.

And earlier this month, Royal Sun Alliance in Liverpool fired ten employees and disciplined another 77 for the distribution of "lewd'' e-mails which included images of cartoon characters in sexual positions.

Royal Sun had issued guidelines in June regarding the acceptable use of e-mail, with warnings that offenders would be dealt with rigorously. No one was disciplined for simply receiving the e-mails. The Norton Rose debacle also underscores the potential damage to the reputation of any organisation that is associated with the sending and receipt of dubious e-mails. In Bermuda there is no legislation in place that monitors the ability of organisations to intercept and read personal e-mail.

A person has a constitutional right to basic privacy.

However, if an organisations's e-mail policies and procedures are appropriately drafted, an organisation can reserve all systems used by employees to itself thus giving it the power and authority to view anything that is on the system.

An employer must advise employees either in the organisation's policy and procedures manual, or at the commencement of employment, that it will randomly view individual desktop systems. That should serve as a warning to employees not to be a party to lewd or offensive material coming in to the business and being circulated.

To be effective, any e-mail policy should address the manner in which the system is used, what type of e-mail is permitted into and out of the organisation, what content is unacceptable and how issues of confidentiality are to be dealt with.

There must also be proper disciplinary procedures in place. And high-ranking employees should not be dealt with any differently than any other employee.

*** Attorney Kelvin Hastings-Smith is Manager of the Litigation Department at Appleby Spurling & Kempe. Copies of Mr. Hastings-Smith's columns can be obtained on the Appleby Spurling & Kempe web site at www.ask.bm.

*** This column should not be used as a substitute for professional legal advice.

Before proceeding with any matters discussed here, persons are advised to consult with a lawyer.

LAWYERS LEG