Code of Conduct—Email sent to home address

Disclaimer: The following summary illustrates how the Merit Protection Commissioner has reviewed a particular case and should not be relied on as legal advice.

Key words: EL1 employee—emails—sanction of fine and reprimand—confirmed.

Application

The applicant was informed by the employing organisation of having breached subsections 13(5) and 13(8) of the Public Service Act 1999 (the Act). The applicant was informed that a 1% deduction from salary by way of a fine and a reprimand had been imposed.

The applicant sought a review by the Merit Protection Commissioner under Public Service Regulation 5.24(2)(b) of the sanction imposed.

The applicant is employed as an Executive Level (EL) 1. The breach of the Code of Conduct involved 'instigating, receiving, distributing and storing inappropriate material'. Eight emails and 28 images were involved.

The sanction recommendation report observed:

...although the seriousness of the sent emails is low, the volume of documentation stored is large. Furthermore, the applicant has received a Warning letter for a previous inappropriate email.

In the application for review, the applicant stated:

…I am appealing to the Merit Protection Commissioner on the grounds that the sanction decision has been based on a previous alleged offence which was withdrawn by the [organisation] and the fact that no weight has been given to the guidelines of what is acceptable to a reasonable person.

As such, the applicant sought that the fine be overturned and the reprimand withdrawn.

The applicant told the Merit Protection Commissioner that in view of the fact that the agency admits the seriousness of the emails is low, 'a fine is too harsh and should be withdrawn along with the reprimand'. The applicant considered a 'don't let this happen again' letter would suffice.

Review

As the threshold issues had been met, the focus of the review was whether, in all the circumstances of the case, including any mitigating factors, the sanction imposed on the applicant was appropriate.

Relevance of previous incident

As indicated above, the applicant took issue with the weight given to alleged previous misconduct. The applicant said that it involved an email which was ultimately considered not to have been offensive under the guidelines at that time. The applicant stated that the warning was 'overturned', and that 'the only concern was that I had sent a private email to my home address'.

In this regard, the applicant referred to an email received by the applicant from agency management which finalised the previous matter. The email stated that subsequent to the issue of a warning letter about an inappropriate image having been identified from a routine sweep, there had been 'much discussion' about whether the image was inappropriate or offensive. It states the image was reviewed by a senior executive, who 'was of the opinion that the image would not be considered offensive by either an independent assessment or under the definition of what a reasonable person would see as offensive'.

The email then refers to further discussions where 'the consensus was that the main issue was the referral of an image to an external email address'. A meeting was then held with the applicant, where agency management:

...explained to the applicant that the email could cause a reputational risk to the Agency in that it was sent outside the Agency. [The applicant] explained that [the email had only been sent to the applicant's] personal address. I explained that if [the applicant] had either forwarded it on or printed it…there was evidence of Agency's addresses, that it could be construed that the material had originated from within the Agency and then draw questions as to the Agency's position on the creation and circulation of non work related images.
The applicant now understands the sensitivity of any images being sent to addresses outside the Agency".

The email concluded:

The view of the Senior Executive is that this matter should be brought to a close with a note on the applicant's file that a discussion has taken place where [the applicant] was reminded not to send material to the applicant's  personal email address from [the applicant's]Agency email.

The recommendation to the sanction delegate stated with respect to a number of emails that were sent by the applicant:

The sending of the unacceptable emails was not related to the employee's duties. The potential for embarrassment to the Agency and harm to its reputation is substantial, as they were sent to email addresses external to the Agency. The emails carry an automatically generated post script which identifies Agency as the source. The danger for [the] Agency is heightened when emails are sent to organisational addresses, rather than personal ones. The applicant's emails were sent to personal addresses and government departments.

Regardless of the nature of the image, it was made clear to the applicant on the earlier occasion, that emails sent outside the Agency were problematic. Reputational risk was identified and explained, including where the email identified the agency's addresses. It was reasonable to have regard to the heightened nature of the risk, as articulated by the sanction recommendation, where the email is sent to an organisational address. As such, to that extent the Merit Protection Commissioner was satisfied that the previous incident was a relevant consideration in setting a sanction.

Nature and seriousness of the breach

In response to the breach the applicant said 'I believe most of the emails would not be considered offensive to a reasonable person with common sense, an open mind and able to balance personal opinion with generally accepted community standards.' The applicant made reference to classification guidelines which were a background document to an earlier version of the agency's IT user policy. In the applicant's response to the sanction recommendation, it was noted that the applicant had not realised there was now an updated policy with zero tolerance of the types of images that had been forwarded. In the application for review the applicant considered that the material in question would be acceptable to 'reasonable adults'.

Whilst this review did not look at whether or not there was a breach, the nature of the breach itself was relevant to the sanction imposed. The relevant images and emails included images of animals copulating, a topless sunbather and other material containing words which could reasonably be considered offensive. The material was not appropriate in a work environment covered by the agency's IT user policy.

It is acknowledged that not all of this material was sent externally by the applicant, but it was all stored (including unopened emails) by the applicant on the system.

Outcome

As indicated, the current agency IT guide contained a zero tolerance policy with respect to instigating, receiving, distributing and storing inappropriate material. The applicant had a responsibility to not only be aware of relevant policies (and in that regard the determination report made reference to various initiatives and practices to bring the IT policy to the attention of employees), but also to ensure that what is stored and disseminated complies with those policies. The classification of the employee (Executive Level) and their leadership role meant this was an important consideration.

The Merit Protection Commissioner considered that a fine and a reprimand were warranted. The circumstances did not warrant a more severe sanction, notwithstanding a zero tolerance policy. A fine that is half the maximum permitted appeared to strike a reasonable balance between the need to impress upon the applicant the level of adherence to the IT policy required, modify subsequent behaviour, and the circumstances of the breach itself.

For the reasons set out above the Merit Protection Commissioner recommended that the decision be confirmed.

Lessons learnt: that sending private emails and images using work computers may breach the agency policy relating to private use and thus the Code of Conduct. The more senior the employee the more significant is the requirement to uphold the Code of Conduct.