Email admin ethics

jadams

2[H]4U
Joined
Mar 14, 2010
Messages
4,086
We have a project manager who has for some time claimed he hasnt gotten specific emails. Important emails that contain information about current projects and such. This has happened on multiple occasions.

The other internal employee confirms he was in his sent items with the PM copied. Still the PM denies receiving it.

Message tracker shows that the emails were delivered. Upon showing this report to the project manager he still maintains that he did not receive the emails.

From there I load up the PM's mailbox and find the email in question in his deleted items. This causes a slight uproar regarding a breach of privacy.

On one hand we could argue there is an invasion of privacy. But whos privacy? It is not his email, but rather the company's. Employees have their own personal email accounts which should be used for personal things. If there is other sensitive information being passed around between, for instance, between HR and employees such as documents I'd imagine they'd be password protected like our pay stubs and tax docs are.

Secondly. There was a matter of a user reporting an email problem. The process started as last intrusive as possible, but could not end until until this specific employee was shown that his email was indeed delivered, and for whatever reason he deleted it.

Looking back if I had to do it differently I would have searched through his email in his presence, whether it be with him physically, or via a remote session.

Your thoughts, similar experiences...?
 
Last edited:
Could be a bad mail rule in the PR's e-mail client software. I've had that happen with one of my clients, the person that receives invoices from me. I had to show her how to create proper mail rules to not delete e-mail upon receiving it.
 
I think you're right that it would have been better to do it with him, or at least tell him "hey I'm going to look for it." That being said, like you said, it's not his email. I know where I'm at we make it a point to stress to users that nothing they do on organization machines is private.
We typically don't get into user's stuff unless it's requested from higher ups though, and then make sure there's a paper trail. Can't cover your ass too much these days.
 
Any files/documents on company servers are company property and will be treated as such. As an Exchange Admin, I have had the same experience. It is what it is, that is your job.
 
Sounds like a good educational opportunity as well. If you have users who are not aware that the company email is the COMPANY's email it would be a good time to spread that knowledge.
Nothing good comes from working in the back ground and then revealing it to the users. I have made similar errors and tried to learn from them, no one likes it if thing appear or disappear from their desktops etc.
 
That kind of thing needs to be part of the company policy. If there's paperwork to state it, it's 100% in their court to know the policy

Given that, there's a certain amount of tact that needs to be used when dealing with what users perceive as "private" (even if reality is different).
 
If the user submitted a request to look into the problem. You were authorized to solve the problem. If the request came from a higher up manager or HR again you are authorized to resolve the issue. If you were asked my someone with lower authority than the receiver to investigate you can do so as long as your focus is on checking the receipt of the e-mail and not reading the receiver's e-mail.

Basically you are an Administrator and your job requires you to have the keys to the castle for whatever is your domain of responsibility. If you are responsible for e-mail...guess what you can investigate anything, as THAT is part of your job. Now you can be issued instructions contrary to this, but that should be documented and when someone (typically someone in Sr. management or HR) makes this type of request you tell them you can not investigate the issue due to " insert instruction here" Make certain that you have a chain of command to elevate those types of requests to the person that is stopping you from performing that task. If the issue stops the company from functioning...that is that's person's problem and their actions should put themselves at risk, not you.
 
There is no invasion of privacy as company email is not personal private. The fact that there might be personal info being communicated with company email (such as the example of HR) is irrelevant, it's still company email. Personal info can be protected by hr policy, but it doesn't make corporate email private.

The nicest thing would be to have gone through the emails in person, but no need.

I honestly don't see how emails are accidentally showing up deleted items unless they are deleting them. Biggest factor to investigate is if they were showing up as bring marked as read. Unless they have created a filter, the only way the messages would be marked as read is if they actually interacted with the message. Accidental deletions are unlikely to get marked as read.

I could see email from ONE person being accidentally filtered by email client f spam filtering. But from multiple people many times, much more unlikely, especially if they're all internal employees, and coincidentally on important work related topics.
 
Last edited:
Why not just say "ok PM, well we will start putting on received receipts onto these emails to show you are getting them and reading them"


No need to go right into a fight and put him in a corner about all that....I also ask users before remoting into their boxes if its ok.....it may all be company owned.....but doesn't mean I need to see everything someone's working on.


I would have done this:


1) PM states did not get e-mail
2) Contact IT dept to investigate.....send it to the network admin or exchange admin to look into
3) Verify PM doesn't have it auto deleting.....god knows I have a ton going into that.
4) Contact PM and state, we feel that we are unsure why you are not receiving them, we will ensure that there are received receipts on next e-mails.
5) Happens again, contact HR or bring in some team leads/managers to discuss this with the PM......
 
Last edited:
I don't see that you did anything wrong, OP, but it would really come down to what your policy says.

Here's my problem with letting the user know that I'm going spelunking in their inbox prior to doing so; users lie, and I want to solve the problem. As soon as a user reports a problem with mail receipt, I am authorized to go digging into any company datastore to resolve the problem. However, users will report receipt failure for any number of reasons, and rarely because they didn't actually receive a message. So were I to notify them first, they may take it upon themselves to maintain their "honest" image and remove necessary data just "to be right". I've found this to be especially true with big-ego positions like PMs ( and veeps and petty managers too, surprisingly ). I've had that happen countless times, and it's frustrating for those involved; no one knows what the problem is or if it's resolved.

I always make sure that my company policy gives me the right to access whatever company datastore in an effort to resolve issues.
 
This is simple to answer..

Email in an employees inbox is not owned by the employee and they have no guaranteed right to privacy anywhere. Therefore the company can go looking through this person's company email account whenever they want. Often HR will be involved to ensure the company is covering its bases here. Aside from that, this project manager sounds troublesome.
 
He can pound sand. Companies email. Don't use it for non-company business. I know for a fact that all my email goes through gov servers and is scanned for content (think keyword filters) etc.

A response like that is suspicious alone.
 
Do you not have a Company Email Policy that states all of this? If not, then you should be working with HR right now to draft up a that policy.
 
Do you not have a Company Email Policy that states all of this? If not, then you should be working with HR right now to draft up a that policy.

Very much this. Every employee should have signed that.
 
Company property is not his property. User indicated he had a problem, you used your admin powers to determine where the problem lies. The problem is clearly a pebkac. I would refer them to company policy and remind them that everything on their hard drives and in their mail boxes is open for any admin to see. If they have something to hide they ought to keep it out of the work place.
 
Back
Top