Well ... it depends.

In the case where an employer is a public authority, probably, UNLESS 
you provide an alternative (can they access GMail, for example).

(In fac we don't allow access to hotmail etc, for security reasons, but 
we provide an alternative personal mailbox instead)

Check out the Lawful Business Practice Regulations or whatever they are 
called in England.

We developed the following policy (Caveat: Guernsey law is EXTREMELY 
similar to the UK in DP and Humanr Rights, but self-evidently is NOT the 
UK) which may be of interest.


Policy

On use of computers,  networks, email, telephone systems and the Internet.

The provisions of this policy apply to all members of staff and 
contractors, and references to ‘employee’ should be construed accordingly.

Summary

Computer, telephone and internet facilties (including email) are made 
available by the company to staff and contractors so they can can 
effectively carry out their responsibilities in furthering the 
objectives of the Company’s business.

In order to comply with the law, and for the benefit both of employees, 
and the company as employer, we recognise that we should provide you 
with guidance about what is (and what is not) appropriate use of these 
faciltiies net in order to safeguard the interests both of you  as 
employees, and of the company.

Although access to these facilities does not form part of your employe 
benefits, we do understand that occasionally there are times when you 
might legitimately make private use of company  facilities. For example, 
to make or receive calls, to use a computer to send and receive personal 
email or use the Internet for personal reasons. This policy is intended 
to make clear what constitutes legitimate use in order that employees 
can use these facilities to their full potential on company business and 
understand what does and does not constitute acceptable use.

The policy is not intended to be restrictive.

Instead its aim is to give you a high measure of security and confidence 
about your use of computers, email, telephones and the Internet whilst 
you are at work.

It has been designed to safeguard the legal rights of employees under 
the terms of both the Bailiwick’s Data Protection legislation (the Data 
Protection (Bailiwick of Guernsey) Law 2000) and the Lawful Business 
Practice Regulations issued by the Home Department (Guernsey Statutory 
Instrument 28 of. 2004) as well as to protect the interests of the company.

Use of Computer Systems

Appropriate Use of Computers

Employees are encouraged to use the computer facilities and the Internet 
in order  to further the goals and objectives of their work

Examples of such activities would include, but not be limited to:
·	Communicating with fellow employees, business colleagues, clients or 
customers of the company within the context of  your responsibilities.

·	Acquiring or sharing information necessary or related to the 
performance of your responsibilities.

·	General use for the purpose of extending or expanding an individual's 
personal knowledge or expertise in relation to their function within the 
company.

·	Reasonable use for communication purposes, independent learning, 
access to public services etc.


Inappropriate Use

Computer and Internet use must not interfere with others’ use of the 
network (i.e. the company’s internal network(s) and the public 
Internet). At all times you must comply with the law in your use of 
computer facilities and the Internet.

Examples of inappropriate activities might include, but not be limited to:

·	Acting in a way that is not consistent with the professional status of 
the company, which misrepresents the compahy, or would be likely to 
bring the company  into disrepute.

·	Any illegal or unlawful purposes such as copyright infringement, 
obscenity, libel, slander, fraud, defamation,  harassment, intimidation, 
forgery, or impersonation,

·	Creation, transmition, storage, downloading or displaying of any 
offensive, obscene, indecent or menacing images, data or other material 
capable of being resolved into such material.

·	Unreasonable or extensive personal use or use which does not enhance 
or conflicts with an employee’s role within the company. For example 
conducting commercial activities unrelated to company business (whether 
competitive to the company’s business or not), dissemination of 
unsolicited mass mailings or chain letters, providing access to 
computing and network resources for non-employees etc.

·	Inappropriately viewing, copying, altering, or destroying data, 
software, documentation, or data communications belonging to the company 
or another without permission.

·	Sharing computer accounts or loaning accounts or passwords to other 
people.


·	Installation, distribution and use of illegally copied software

·	Use of company systems to gain unauthorised access or attempt to gain 
unauthorised access to any other computer systems, whether external or 
internal.

·	Deliberate computer tampering such as introducing malicious programs 
into company comptuers or the  network eg, computer viruses or worms.

·	Deliberately attempting security breaches or attempting to bypass 
legitimate security devices such as firewalls. Attempting to access or 
circumvent authorised access to servers or network attached equipment 
the user does not have authority to access is strictly prohibited.

·	Disruption of network communication or integrity (including activities 
such as network monitoring, packet spoofing, forging, flooding, port 
scanning or attempting denial of service attacks).
·	Physically moving, damaging or tampering with any compahy owned IT 
system.

·	Abuse of email facilities. Sending forged email, unsolicited or junk 
email, harassing people via email etc. (Please also see the email policy 
guidelines, below.)

You should be aware that your use of company computers may be monitored 
and/or recorded for one or more of the lawful purposes which set out in 
Statutory Instrument 2004/28 (The Guernsey Lawful Business Practice 
Regulations). For example, for training and quality control, or the 
prevention or detection of crime. A copy of these Regulations is 
available on request.


Telephony

It is recognised that there will be occasions when you might need to 
make short, personal telephone calls using company facilities in order 
to deal with both urgent and occasional routine domestic matters. This 
is entirely acceptable.

However, under no circumstances are ‘09’ or other premium-rate numbers 
to be called. It should also be emphasised that calls to mobile 
telephone numbers and the ‘087’ numbers used by some company’s call 
centres can be much more expensive than to ‘geographical’ numbers and 
you are expected to use your judgement so that the duration of such 
calls is kept to the minimum necessary.

Where this is possible, you should try to make non-urgent personal calls 
during breaks or outside of the normal working day so that they do not 
interfere with your normal work. If your employment is for part of the 
day only, such routine calls should normally be made outside work-time 
if this is possible.

We also consider that it is legitimate for you to receive short calls 
about personal and domestic matters or arrangements, providing the 
number and/or duration of such calls does not interfere adversely with 
your work.

Use of company telephone facilities (regardless of whether it is for 
private or company purposes) which is in any way excessive (i.e. outside 
of the guide defined above), defamatory, obscene or otherwise 
inappropriate, will be regarded as misconduct.  In serious cases this 
may amount to gross misconduct and could lead to dismissal.

Information about calls made on any company telephone or line (such as 
duration or destination) or the content of such calls may be recorded 
for any of the legitimate purposes set out in the Lawful Business 
Practice Regulations.


Email

As with telephones it is recognised that employees can use email for 
personal means in certain circumstances.

However, please note that it is company policy that you are not 
permitted under any circumstances to use a company email address (such 
as [log in to unmask] or [log in to unmask] to send or receive personal 
email. If you wish to send or receive personal email, a personal email 
box will be provided upon request (e.g. [log in to unmask]) for that purpose.

For security reasons, it is company policy that external webmail 
facilties (such as Hotmail, etc) must not be used from the company 
network under any circimstances and that you are not allowed to use the 
HTML setting on any email reader. (Please note: If you prefer to use an 
existing external personal email address to send and receive personal 
email, please ask for guidance as to whether this is possible, and how 
it should be set up).

Email should be treated like any other form of written communication 
and, as such, what is normally regarded as unacceptable in a letter or 
memorandum is equally unacceptable in an email communication.
It is legitimate for employees to make use of email outside of normal 
working time for personal reasons to send messages over the company 
network provided they are not indecent, defamatory or otherwise 
inappropriate.  Personal email use should not interfere, either because 
of its timing or extent, with the performance of your normal duties.
You must never open any email attachments (irrespective of whether they 
are addressed to your work or to a personal address) except with 
specific permission.

Please note that there is no longer any need to send or receive emails 
with attachments except in exceptional circumstances (such as a failure 
of private networking links), and you should be extremely wary of 
unexpected email with an attachment which arrives from outside the 
company as it is very highly likely to contain a virus.
If you receive an indecent or defamatory email, whether unwittingly or 
otherwise,from whatever source, you must not forward the email to any 
other address, and should report the matter immediately.

The use of email (regardless of whether it is in the course of the use 
of company or personal email) to send or forward messages or attachments 
which are in any way defamatory, indecent or otherwise inappropriate 
will be treated as misconduct under the appropriate disciplinary 
procedure. In serious cases this could be regarded as gross misconduct 
and lead to dismissal.

The company may monitor the destination, source and content of all email 
for any of the legitimate purposes set out in the Lawful Business 
Practice Regulations. .The company also reserves the right to access 
your email account in case of your unexpected or prolonged absence (e.g. 
due to sickness) in order to allow it to continue to undertake the 
employee's normal role.


Use of Internet

The primary reason for the provision of Internet access is for the easy 
retrieval of information in order to enhance your ability to undertake 
your role in the company..
However, as with email, we consider it legitimate for you to make use of 
the company’s access to Internet in its various forms outside of normal 
working hours for personal purposes as long as it is not used to view or 
distribute improper material (such as text, messages or images which are 
derogatory, defamatory or obscene). We also recognise that there can be 
occasions where it is sensible for the employee to make occasional use 
of the Internet for personal reasons such as a private transaction, 
rather than having to spend considerably more time out of the office. 
(Examples of this might include a bank transaction or the booking of a 
holiday.)

Wherever such personal use is in non-working hours (such as during a 
break), then it is always permissible.  Where it is is within working 
hours, there should be a good reason for the particular use (e.g. urgent 
booking of a flight). In any event personal Internet use must not 
interfere, either by its timing or extent, with the performance of your 
duties.

Use of the Internet outside of these policy guidelines will be treated 
as misconduct and in serious cases it could be treated as gross 
misconduct and may lead to dismissal.

The Company reserves the right to monitor the use of the Internet from 
particular computers or accounts where it suspects misuse of the 
facility. The company may record or monitor any use of the Internet for 
training, quality control and any of the legitimate purposes set out in 
the Lawful Business Practice Regulations.

Tim Turner wrote:
> I'm possibly wearing my Devil's Advocate Hat - why should they (we) be
> allowed to do send personal emails at work? It might be nice, it might be
> useful, it might be more conducive to good employer / employee relations,
> but is it so terrible to refuse to allow staff to send personal emails? Is
> it in any way illegal to do so?
> 
> Tim Turner
> Data Protection / FOI Officer
> Legal and Property Services
> Wigan Council
> 
> 
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Roland Perry
> Sent: Wed 11 April 2007 14:16
> To: [log in to unmask]
> Subject: Re: [data-protection] European Court of Human Rights: Personal
> calls and Internet usage from work are (maybe) protected
> 
> In message <[log in to unmask]>, at
> 12:06:10 on Wed, 11 Apr 2007, Ian Welton <[log in to unmask]> writes
>> Individual levels of freedom as an element of privacy and the potential 
>> contrast/conflict with organisational control/management generally 
>> appears clearly in these types of cases.
> 
> The aspect I'm most interested in is the ability of the (desk bound)
> employee to be able to send/receive important personal emails while at work.
> Due regard needs to be given to how much that distracts from their job (I
> wouldn't expect people to be able to run an eBay auction from
> work) but they should be allowed to do it (rather than it being absolutely
> banned) and when they do send/receive such emails there should be an
> adequate and reasonable degree of privacy.
> --
> Roland Perry
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>      All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>      If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask] All user commands
> can be found at http://www.jiscmail.ac.uk/help/commandref.htm
>  Any queries about sending or receiving messages please send to the list
> owner
>               [log in to unmask]
>   Full help Desk - please email [log in to unmask] describing your
> needs
>         To receive these emails in HTML format send the command:
>          SET data-protection HTML to [log in to unmask]
>    (all commands go to [log in to unmask] not the list please)
>     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> 
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
> 
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses using Sophos 
> anti-virus software.
> 
> www.mimesweeper.com
> www.sophos.com
> **********************************************************************
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>      All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>      If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
> All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
>  Any queries about sending or receiving messages please send to the list owner
>               [log in to unmask]
>   Full help Desk - please email [log in to unmask] describing your needs
>         To receive these emails in HTML format send the command:
>          SET data-protection HTML to [log in to unmask]
>    (all commands go to [log in to unmask] not the list please)
>     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^