By Dolores Kong
The Boston Globe

Your boss could be watching you, even when you're not
at work.

Corporate charge cards and cell phones authorized for
personal use - even company-sponsored computer
purchase programs - have made it increasingly easy for
employers to keep an eye on worker activities outside
of working hours.

These seemingly innocent company benefits, the
outgrowth of a tight labor market and the increasing
role of technology in the workplace, also carry the
potential for the invasion of an employee's privacy
while he is online at home, shopping with a credit
card, or making a personal phone call on the road.

Privacy specialists say the potential for surveillance
outside the workplace exists now that technology is
available to track what purchases an employee makes,
what phone numbers he calls and what Web sites he
visits, even if there's no improper personal use of
company- owned or -provided equipment.

"It sounds to me almost like an extension of the
workplace, as tentacles that reach into people's
personal lives," said William G. Staples, a University
of Kansas sociologist and author of a new book,
"Everyday Surveillance: Vigilance and Visibility in
Post modern Life."

"I don't mean to sound sinister when I say tentacles,
but these are connections that go beyond the workplace

With surveys showing more corporations offering perks
with the potential to invade privacy at the same time
that more firms are conducting workplace surveillance,
the need for vigilance has never been greater, privacy
specialists say.

"Today, employers are anxious to get as much
information on employees as possible," said David F.
Linowes, professor emeritus of political economy and
public policy at the University of Illinois at

"Once it gets into a computer, once it gets a
technical aspect, then anybody can get that
information. This is what you have to be alert to, to
guard against," said Linowes, who was chairman of the
1977 Presidential Privacy Protection Commission and
codirected a 1996 research survey of privacy in the
workplace among selected Fortune 500 companies.

But human resources professionals say employers who
approve the personal use of company charge cards and
cell phones don't care what purchases or calls
employees make on their personal time. They also say
if an employee buys a home computer through a
company-sponsored discount purchase program, that
equipment is the employee's private property.

"The concept of privacy revolves a great deal around
what a person's expectation of privacy is," said
Michael Lotito, an attorney with Jackson Lewis, a
national employment and benefits law firm.

"The further you move away from the workplace, the
more likely the person has an expectation of privacy,"
said Lotito, who is also the chairman of the Society
for Human Resource Management.

Nevertheless, "If you have a company credit card -
even if you're authorized to use it for some personal
use - it would be wise to consider what personal use
you put it to," said Ellen Bayer, a human resource
management specialist with the American Management
Association, an executive education and management
development organization based in New York.

American Express, the largest corporate card issuer by
far, with 8.6 million cards as of last year, offers a
variety of ways for corporations to provide cards to
their employees - with personal use authorized or not,
the bill sent to employees' homes or not.

But no matter how a company's program is set up, the
information about date, place and nature of charges
also gets reported to corporate headquarters, said
Melissa Abernathy, manager of public affairs for
American Express Corporate Services. "That is
standard," she said. "The whole point of a corporate
card program is to establish reporting hierarchies."

If a company allows personal spending on corporate
cards, "they're probably not reviewing those reports.
But if they don't allow personal spending, they're
probably looking pretty closely," Abernathy said.

Privacy specialists say that even if corporate
administrators generally wouldn't bother to monitor
credit card or cell phone bills when personal use is
authorized, that could all change once a firm wants to
get rid of an employee.

"If someone wants to make the case for firing the guy,
you could pull all his American Express records" in
the hunt for evidence, said University of Kansas
sociologist Staples.

But human resource specialists say that's not unique
to employers or corporate-issued charge cards.

"Forget Big Brother," said Lotito. "Say I'm a
plaintiff's lawyer and I'm looking for any kind of
documentary evidence or pattern of behavior," to prove
that someone had sexually harassed a client.

"I would subpoena every record the individual would
have," he said, including any corporate or personal
charge card records that would support, say, his
client's claim that the accused sent her flowers and
cards with highly suggestive and offensive comments.

But that doesn't make the potential for an employer to
invade an employee's privacy any less of a concern,
say privacy experts.
Perhaps one of the biggest areas of worry is employee
use of home computers, whether the employee purchased
the PC on his own or through the increasingly popular
company-subsidized computer purchase programs.

PeoplePC of San Francisco has agreements with major
companies such as Ford Motor, Delta Airlines, and The
New York Times (which owns the Globe) to sell
computers and provide Internet service to employees at
a discount.

PeoplePC founder Nick Grouf has said publicly that his
company will not divulge information about what Web
sites a client's employees visit or the e-mails they
send or receive. And corporations signing up with the
start-up have said they will not invade the privacy of
employees enrolled in the program.

But a notice on what PeoplePC calls the "legal
mumbo-jumbo" page of its Web site informs people who
sign up that "PeoplePC may be required to disclose
information regarding me and the use of my Membership
and Internet account (including data and e-mail) to
the government or regulatory agencies or to third
parties if legally compelled to do so and I consent to
such disclosure."

Even employees who buy home computers on their own,
and not through such corporate-sponsored programs as
PeoplePC's, may not be safe from an employer's
intrusive reach.

In a highly publicized case earlier this year,
Northwest Airlines got a subpoena to copy the home
hard drives of some employees suspected of being
involved in an illegal sickout campaign during
contract negotiations.

"We think they came in and engaged in misconduct,"
said Paul Levy, an attorney with Ralph Nader's Public
Citizen Research Group, who represented some of the
employees. "My two clients were not union officials.
They were not involved in a sickout."

The case was dismissed after the contract was settled
and the legality of Northwest copying his clients'
home hard drives was not ruled upon, Levy said. A US
Supreme Court-appointed civil rules advisory committee
is now "looking at the whole issue of electronic
discovery and computer-based discovery," Levy said.

But five months after the case was dismissed and a
consulting firm working with Northwest was told to
certify that all copies of the hard drives were
destroyed, "we still don't have certification under
oath that they've gotten rid of everything," Levy said
last week. He said he plans to go back to court and
hold them in contempt.

"It's pretty outrageous," he said. "In theory, my
clients ought to be worried."