The recent decision by the Liverpool branch the Royal and Sun Alliance Insurance Company to dismiss 10 employees who were involved in sending emails depicting Bart Simpson in a sexual pose may seem like an over-reaction.
The e-mails came to light when one was sent to a director, following which the company investigated the activities of up to 100 of its employees. However, a director of an Irish business who received a similar e-mail might have no choice but to take similar action.
A pornographic cartoon of Bart Simpson is child pornography, which is defined by the Child Trafficking and Pornography Act as "any visual representation that shows . . . a person who is depicted as being a child and who is engaged in or is depicted as being engaged in explicit sexual activity".
Such an interpretation may seem surprising, but the primary object of the legislation is not to protect the unfortunate children who are abused to make pornography; instead, it is to prevent those who would see such material being corrupted by it.
A particular concern about the use of pornographic cartoon characters is that they might be used to suggest to children that sexual activity is normal and right. So the Act also defines child pornography as being any visual "representation that advocates, encourages or counsels any sexual activity with children".
To "knowingly" produce, distribute, print or publish child pornography is an offence punishable by up to 14 years' imprisonment; being knowingly in possession is punishable by up to five years. Where a company commits an offence, any director or other officer of the company who has consented or connived or neglectfully permitted the offence will do the time.
Once the director had received the Bart Simpson e-mail and so acquired the necessary knowledge, he would have been unwise not to act. Arguably, the difference between the Republic and the UK is that here a director is supposed to contact gardai immediately and facilitate their investigations.
A director would also have to keep in mind that his employees were publishing pictures that breached the copyright of The Simpsons cartoon. He might also be concerned that his company could be sued for damaging the goodwill vested in Bart Simpson.
As long as a business remains unaware that its employees are sending pornographic e-mails, it can deny liability, pointing out that, as a respectable business, the creation and distribution of pornographic cartoons is not within its employees' recognised duties. However, if a director becomes aware and does nothing, it can be argued that the business has endorsed and participated in its employees' activities.
Being sued by an irate US media company for stealing and damaging its intellectual property is not as grim a prospect as 14 years in Arbour Hill Prison, but some would say the difference is only marginal.
If a business suspects that its systems are being used to send material of this type, it would be unwise not to initiate a thorough investigation. No business wants to find itself in the position of Birmingham University, one of whose employees was convicted of running a child pornography site from its mainframe.
But the right of the employer to investigate and monitor must be balanced by a respect for the rights of employees and the right to privacy in particular. Unfortunately, it is unclear in the Republic how extensive a right of privacy employees have in relation to e-mails or to material they have stored on an employer's computer.
If employees have encrypted data on an employer's system, they may object if the employer tries to access that data, citing the protections for cryptographic keys contained in The Electronic Commerce Act 2000.
In the long term, the EU or Oireachtas may have to introduce clearer legislation to identify and protect employees' rights to privacy. In the meantime, individual employers should establish standards themselves and perhaps include them in contracts of employment. Once an investigation is concluded, an employer might wish to discipline employees against whom it believes allegations of misconduct have been proven. Sanctions cannot be applied immediately; employers must follow "fair procedures" in this process.
Employees must be informed of the nature of the allegations against them and be given an opportunity to rebut them. Under the Unfair Dismissals Act 19771993, an employee can be dismissed as a result of misconduct, but in practice this has been interpreted to mean serious misconduct such as theft or physical assault. A decision on the seriousness of sending an e-mail would depend upon all the facts in any given case.
Denis Kelleher is a practising barrister and co-author of Information Technology Law in Ireland (Butterworths, 1997); deniskelleher@ireland.com