"What would you do if an employee came to you and told you she was being cyber-stalked and cyber-harassed at work?" wrote Internet lawyer Parry Aftab of wiredsafety.org recently in Information Week. "Who within the company would you inform? What would you tell the employee? What actions would you instruct the IT department to take? Like all online risks in the workplace, the time to think about this is before something like this happens, not after."
Some expert guidance:
- What it looks like. By "cyber-stalking" or "cyber-harassment," we're not just talking about hostile or threatening e-mail messages sent to the victim. A perpetrator may also masquerade as the victim, and in that guise carry on damaging or dangerous activities, designed to hurt and embarrass not just individuals but the whole enterprise, or to falsely implicate the victim in wrongdoing. Your people may become victims (or, heaven forbid, stalkers) as a consequence of events and relationships in their private lives, or cyber-stalking may occur as a response to a workplace issue or dynamic.
- Who does it. Typically, a cyber-stalker has had some real-time contact with the victim, and is trying to take advantage of the anonymity of the Internet to lash out — for whatever reason — in ways that would be difficult or impossible in person. In the workplace context, that often means needing to watch out for ex-employees, or failed job applicants, or others who might bear a grudge against your enterprise or individual employees. There are also cases of cyber-harassment conducted by unscrupulous competitors.
- What to do. Make sure your Internet acceptable-use policy makes specific reference to stalking, threats, or harassment — and, conversely, that your safe-workplace and anti-harassment policies make specific reference to Internet communications. That will help give you grounds for discipline or termination if you're unlucky enough to have cyber-stalkers in your midst. What if your people are the victims? Internet monitoring systems can be useful not only for tracking outgoing messages, but incoming ones as well — or for verifying that a stalker's faked e-mail did not actually come from your employees.