The Australian Computer Society (ACS) has called on government to enforce rigid privacy laws on organisations which intercept employee e-mails.
Under new legislation, businesses may be given powers to intercept e-mails sent and received by staff without notification. The changes remove the need for disclosure in employee contracts, required by existing law, under the guise of counter-terrorism and national security.
ACS President Kumar Parakala said tough privacy laws are essential for interception provisions because staff often send personal e-mails from work.
"The federal government's decision to review privacy laws to protect national security raises the issue of professional conduct around new technologies and the absence of a robust system of checks and balances to ensure that privacy is protected," Parakala said.
"Any changes to powers in this area should be supported by education, guidelines and protocols, as well as technological solutions to help safeguard against invasion of privacy.
"Australia has had strong laws regulating interception of telephone communications. Now is not the time to throw those principles out the window, but thought needs to be given to how they can be adapted and the appropriate balance achieved."
Bosses should be forced to log which e-mail addresses are monitored and when, according to Parakala.
Stringent policy should detail which individuals are allowed to monitor communications, while supplemented by an alert system to warn staff if an unauthorised person gains access.
Random privacy audits would be conducted to enforce privacy requirements.
"Australia should develop and implement contemporary email policies, which are in line with a work-life balance," Parakala said.
The ACS recommended businesses create a code of conduct to discipline staff in breach of policy.
The policy would prevent staff from modifying captured e-mails or divulging content, and would give employees pause to reconsider e-mailing personal information which may be sequestered by law.