“Invasion of Email is more of a threat today just because so many more people are using Email,” says Phoenix attorney Michael Lechter, a specialist in intellectual property law at Meyer Hendricks Victor Osborn & Maledon.
“It used to be that everything was on paper and tucked away in a drawer someplace,” Lechter says. “Someone browsing through such information is much easier in its electronic form. Sure, there are passwords, but passwords can be broken.”
Another local intellectual property law expert in Phoenix is Sherman Parrett of Snell & Wilmer.
Parrett says, “There are very few Email installations that can’t be invaded by a devious computer hacker. If the system is totally internal to the company, it’s relatively easy to protect it with passwords and levels of access. If you want to interface with outside networks, however, it becomes more difficult.”
Various technological mechanisms can be built into one’s software program that tend to prevent their being copied, Lechter says in his “Intellectual Property Handbook,” published by TechPress Inc., an affiliate of the Meyer Hendricks law firm. These mechanisms can include encryption and non-standard formats.
Lechter writes, “Any physical security mechanism must be capable of reliably discriminating between authorized and unauthorized uses. The failure of a security mechanism, which prevents someone rightfully in possession of a software product from using it – or which destroys a rightful user’s database – may result in large damage claims.”
Parrett recommends changing personal Email passwords often – especially when someone else with knowledge of it is transferred, retires or resigns. “In an internal company system there should be varying degrees of access, encryption techniques used and a regular schedule for purging information,” Parrett says.
Lechter says one type of encryption – or coding – is done with a “public key/private key” system. “There’s a public key that you give out to people so they can decode messages you send to them, and there’s a private key you use to encode messages you are going to send,” he says. “The message you encode with your private key can only be decoded by those who have the public key you provided them.”
Lechter says the use of public/private keys also assures that “the message you just received from ‘George’ really is from ‘George’ because only George’s public key will decode his message. If the public key doesn’t decode the message, if it comes up gibberish, then it’s not from George.”
There are several Email issues in intellectual property law, Lechter says. Among them are employee/employer interaction; access by government, such as regulatory and investigative agencies; copyright protection; and right of privacy. “Does the employer have the right of access? Does anything you write on the employer’s system belong to the employer?”
Also, Lechter says, “If an employee uses Email improperly, such as sending obscene or threatening material to others, is the employer liable for that?”
Lechter and Parrett both strongly urge that employers have a formal written communications policy spelling out the do’s and don’ts, and that it is given to employees at the time of hire. Most importantly, that policy should say that the company Email and voice-mail systems are for business matters only. It also should state that the systems are monitored by a systems manager or other supervisor and that all messages are subject to be read.