Thus, the notion of what constituted the workplace was extended to cyberspace, thereby also suggesting that an employer may have a duty to monitor such computer bulletin boards to prevent sexual harassment and offensive conduct. Because of the expanding definition of what constitutes the workplace and the enormous extent to which businesses rely upon electronic mail, the employer must be concerned with issues surrounding the monitoring of electronic communications and balancing such monitoring against the employee's right to privacy with respect to those electronic communications, often used to transmit off-color jokes, offensive comments and non-work related material.

The Federal Wiretapping Act bars the intentional interception of any electronic or oral communications. The Electronic Communications Protection Act extends federal privacy protection to computer communications, including electronic mail. The New Jersey Wiretapping and Electronic Surveillance Control Act extends privacy protection to electronic mail communications specifically. Two important workplace exceptions exist to this prohibition, known as the business extension and consent exceptions.

The business extension exception applies where the interception of the oral or electronic communication occurs through equipment furnished to the employer by a communication services provider used in the ordinary course of business. The obvious permissible interceptions include an employer's monitoring of employees' telephone calls or electronic communications to oversee employee productivity and maintain quality control. Generally, however, any rational business basis should be sufficient to justify monitoring such communications.

Under the second exception to statutory privacy rights, the employer may obtain the employee's consent to monitor his oral and electronic communications. Obtaining consent avoids disputes over what constitutes a legitimate business purpose for monitoring and whether the interception was intentional or inadvertent, particularly with respect to personal telephone calls and electronic communications that the employer either knows, assumes or should assume the employee makes during the course of a workday.

There are a number of preventive measures that an employer may take to regulate appropriately workplace and cyberspace activities without violating employees' privacy rights:

2.The policy should provide that the employee does not have a right to privacy with respect to any oral or electronic communications received or sent and that the telephonic and electronic equipment provided by the employer or used in the workplace or in connection with the employment is intended for the business of the employer and not for personal use. The statement should further provide that the employer may monitor and access any and all communications originating from or received in the workplace or relating to the work.

3. The written policy should articulate a clear statement of the type of conduct that is prohibited generally and through the use of electronic and telephonic equipment. The policy should prohibit the following:

a) conduct or communication that is offensive, disruptive, annoying, harassing, abusive, derogatory; defamatory, obscene, vulgar, sexual, sexist, gender based, sexual preference or orientation based, disability based, racial, ethnic/national origin based, or ageist with respect to customers, clients, co-workers, vendors, visitors or anyone else. It should prohibit accessing, forwarding, transmitting or using such material.

b) solicitations for political, charitable, religious and non-employment related matters.

c) use of telephonic or electronic means to send or receive material that violates the proprietary and intellectual property rights of the employer or anyone else, including trade secrets, customer lists, patents, copyrights and reproduction of licensed software.

d) use of private passwords unless registered with or issued by the company or based on a system known to the company (such as social security numbers). All passwords should be deemed the property of the employer. (This would reduce or eliminate the employee's expectation of privacy even without his/her consent to monitoring communications. Moreover, if a disgruntled employee were terminated or resigned, it would be more difficult for the person to freeze proprietary or important information in his computer).

e) use of telephonic and electronic equipment in a way that hides or alters one's identity or for illegal purposes.

4. The policy can be incorporated into an employment handbook or manual (for which each employee should sign an acknowledgment of receipt to avoid later disputes as to whether the employee actually received notice of those policies and procedures). The policy can be the subject of a separate writing, which should be signed by the employee to acknowledge receipt and agreement to comply therewith. The statement should also advise the employee that a violation of the policy may lead to discipline, including termination of employment.

5. An employer may purchase software that blocks access to certain Internet sites or purchase computer programs that track Internet access so that the employer can monitor and ascertain which websites are visited by specific employees. If an employer uses such a program, it should advise its employees so that they do not have an expectation of privacy. One caveat, however, is appropriate. If the employer has the ability to limit or monitor Internet access, but fails to do so, a creative lawyer can argue that the employer should be liable for offensive conduct that could have been prevented (i.e., a negligent supervision claim).