I came accross a very interesting article examining two court cases about corporate and military rights to access personal e-mail on company property. Despite the fact that the military and firm had privacy policies that clearly stated that they may monitor at any time, both of the defendents defeated the investigation on the right to privacy. What does your privacy policy state? And what do you actually do?

The end recommendation:
"The better approach is to give yourself the right to monitor, have employees consent to monitor, and state that your failure to monitor in particular situations is not a waiver of your right to monitor."

Get the full story at: http://www.securityfocus.com/columnists/421 by Mark Rasch.