Government proposal on employers´ rights to employee e-mail information sparks controversy
A number of legal experts interviewed by Helsingin Sanomat have sharply denounced a government proposal for an amendment to the electronic communications data protection law.
The proposed law, which has been dubbed Lex Nokia by some of its detractors, would give companies the right to monitor the addresses of e-mails sent and received by employees, as well as the type of attachments linked with the message, but not the content of the message itself.
At the University of Turku, Veli-Pekka Viljanen, a Professor of Constitutional Law, says that the bill puts far too great an emphasis on the rights of employers.
"The protection of corporate secrets has been given a significant emphasis compared with confidential communications linked with the protection of privacy", Viljanen says.
Tuomas Ojanen, Professor of Constitutional Law at the University of Helsinki, agrees with Viljanen.
"It is a classical situation of weighing options: is the confidentiality of communications, which is a part of fundamental rights, more weighty than a company's protection of property and freedom of enterprise, which are also mentioned in the constitution, and which are only distantly linked with corporate secrets?"
Minister of Communications Suvi Lindén (Nat. Coalition Party) defended the proposed legislation. In her view, the bill needs to be examined as a whole. Individual parts taken out of context can look bad.
The legal experts interviewed by Helsingin Sanomat agreed that the proposed law has been prepared largely with the needs of companies in mind, and under corporate pressure.
The benefits of the information for an employer are also seen as questionable. "From the point of view of criminal law, information gleaned might not be valid evidence to show violation of the protection of corporate secrets", Viljanen says.
Asko Lehtonen, Professor of Law at the University of Vaasa, feels that the entire proposal is unnecessary, because it cannot really prevent the leaking of corporate secrets.
"There is an attempt to reduce human rights and fundamental rights without a reason. In reality, company secrets are not passed on by e-mail", he notes.
At the data security company F-Secure, CEO Mikko Hyppönen feels that a greater threat to companies than employee e-mail is spyware that can be spread through flash drives and attachment files, which copy and spread company secrets without the knowledge of the user.
The proposal would also allow employers to forbid employees from using a company's data network or server for purposes which hurt the employer's data network.
Employees would continue to be allowed to use the Internet and pay bills on an online banking service, using the employer's computer.
Tuomas Ojanen notes that in European law, the protection of privacy and the confidentiality of communications are dealt with in much the same way as they are in the Finnish constitution.
"Electronic communications and address information are confidential, even if they originate from an employer's computer or network", Ojanen says.
Under the proposal, an employer would not need to get special permission to monitor employees' e-mail traffic, or investigate possible unauthorised use of a data network.
The employers would be allowed to engage in the surveillance, even if there is no actual suspicion of leaks of corporate secrets
Legal experts say that the proposed law would give employers greater authority than the police have. To gain access to similar information, the police need to get a warrant from a court if it has reason to suspect that a crime has been committed.
At the University of Helsinki, Olli Mäenpää, Professor of Administrative Law, is seriously worried at what he sees as the privatisation of surveillance outside the realm of official activities.
"This legislative proposal is probably motivated purely by the economic interests and their protection. They are to be given a clear advantage over the protection of privacy."
In the preparation of the legislation, the information that employers would have access to was seen to be similar to the addresses and return address on an envelope, which can be seen by those handling a company's ordinary mail.
Professor Asko Lehtonen disputes the analogy:
"A company is also not allowed to keep tabs on whom employees send envelopes to. If the collection of such information were systematic, this would constitute an illegal personal register", Lehtonen says.
The proposal was dubbed Lex Nokia, because it was sparked by the announcement by prosecutor Jukka Haavisto in the spring of 2006 that Nokia had been illegally monitoring contact information of its employees' e-mail in 2000 to 2001.
The prosecutor felt that Nokia's actions were in violation of the law on communications privacy. The matter never came to trial, because the two-year statute of limitations had passed.
Minister of Employment Tarja Cronberg (Green) submitted a dissenting opinion to the government's decision, saying that the possibility of filing a criminal complaint in a case of suspected information leaks should be enough of a safeguard.