[scrollaway]

AFAIK the legality of it is not consistent.

I had an employer who insisted that after I leave, every email I receive to my corporate address be forwarded to him. I remember asking a lawyer how legal this is and not receiving a conclusive answer. (Still interested in an answer for CA+NY if someone knows)

[dekhn]

Just so I understand what you're complaining about: 1) you worked for a company 2) the company provided you with an email address via their corporate email system 3) you left the company 4) the company wants to read email sent to your work email address in their corporate email system

Yes, it is totally legal for them to do that, there is no question, and it wouldn't make sense for it to be any other way.

[e12e]

Consider this: your former employer receive a closed envelope addressed to you, c/o workplace, from a medical clinic. Would you assume the employer could open and read this mail?

I'm sure jurisdictions vary, but in Norway, excepting any written concent, your employer may not read mail addressed to you by name.

Personally addressed work email likely (but not certainly) fall in a similar category.

[mikepurvis]

I get the analogy, but I'm really not sure it applies in practice.

Like, who would use their work mailing address with a medical clinic? The only physical mail I've ever had sent to my workplace is maybe the occasional December parcel that I need to conceal from its ultimate recipient. We're long past the days where anyone's work email address is their only (or even primary) email address.

[Symbiote]

Someone working somewhere "temporarily" (however long that may be) and living in company-provided accommodation, or where that is more secure than private accommodation.

- A politician with a state-provided residence in the capital city.

- A soldier living in a barracks

- A teacher living at a boarding school during the term, or someone very senior at a university with an on-campus house/apartment. Or a PhD student.

- A vicar or priest living at the vicarage

- A diplomat or embassy staff posted abroad

[mikepurvis]

Those are good examples, though in most of them it's still clearly a residence, not a workplace. So I would expect there to be protocols in place for securely forwarding items which are personal in nature— particularly since this is not a tech problem, it's something people in these kinds of roles would have been dealing with decades ago.

Certainly for myself many years ago as a university student, I acknowledged that my lodgings were temporary and had anything of any importance at all sent to my parents' address.

[pwg]

> We're long past the days where anyone's work email address is their only (or even primary) email address.

You'd be surprised. For those of us here on HN, your statement has been true for decades (for some of us).

But for the average 'worker', there are still way too many who's only computer is the 'work laptop' and who's only email address is 'the work email address'. This tends to be the tech-unsavy and/or tech-fearful crowd that falls into this bucket (who also don't browse HN, so we never interact with them here), but they are still present, and there are far more in this bucket than most tech-savy folks realize.

[goatinaboat]

But for the average 'worker', there are still way too many who's only computer is the 'work laptop' and who's only email address is 'the work email address'

As recently as 10 years ago I would have agreed but now smartphones and tablets are so common I think more people have an email-capable personal device, and probably a “free” email address.

[pwg]

Sadly, no...

Just about a month or so ago the union at $job emailed around to again warn members that, yes, management does monitor your work machines, and indicated that just recently several employees were targeted for using their work laptop at home, after hours, for personal purposes, and one of the personal purposes was one of the specific 'uses' (porn) that management keeps a close watch out for and goes after users for accessing on their work machines.

[saagarjha]

Perhaps an on-campus or company-affiliated clinic?

[e12e]

> Like, who would use their work mailing address with a medical clinic?

Someone hiding their visit from a spouse?

[dvtrn]

https://about.usps.com/who-we-are/judicial/admin-decisions/2...

[aklyw]

If there is no question, why is this dehumanizing practice completely illegal in many European countries?

The productive part of the population is treated like children in the US. Daddy gives you health insurance and reads you diary. If daddy no longer likes you, daddy cancels you health insurance but still reads your mail.

[Symbiote]

I think the UN Convention on the Rights of the Child, which includes a right to privacy, should restrict "daddy" from reading his child's diary, although it's not clear to me if there are limitations to this.

[zelon88]

I've had experiences where I've emailed people who left and received nothing in response, only to find out days/weeks later via other means that person left the company.

I've also experienced where I've emailed people who left and received immediate automated replies informing me of the change and providing me with a new contact person.

I've never, ever experienced a time where I've emailed person@company[dot]com and received a casual reply like "Hey man, I quit that place. Hit me up and we can grab beers!"

And I think anybody would be shocked if that were the case. Especially if you kept getting those emails as a former employee and no other current employees were getting them also. Nevermind mailboxes cost money or physical resources most of the time. To expend those resources to all former employees indefinitely is not practical. And I don't want to keep my mailboxes at former employers anyway. I have enough notifications on my phone to be batting away vendors and suppliers from previous employers.

[scrollaway]

To be clear, this was the employer refusing to close the email account / set up an out of office, they just wanted all email redirected to them. Nobody said anything about being able to continue using the email.

[dekhn]

... this is totally reasonable for an employer to do. For example, sales person at a company. Probably sent/received many emails that are relevant to sales at the company, rather than using a mailing list (I see this a lot). After the sales person leaves the company, the company needs to maintain relationship with the people who worked with the sales person. Keeping the old email open rather than dropping them on the floor makes sense (otherwise your customers will hate you).

[vidarh]

This depends on jurisdiction, so just saying "yes" is wildly misleading.

Expectations of privacy - even for corporate e-mail - is a thing some places. To what extent it applies tends to depend on a whole range of things.

[d4mi3n]

Ownership of the email address/account is important. If you're using a corporate account, communicating on behalf of your employer, and have been informed ahead of time that all emails from said account are monitored, I don't believe many people could reasonably argue an expectation of privacy for personal correspondence in such a setting.

Additionally, if you work for a company or industry where such correspondence must be preserved and tendered on request due to applicable laws or regulations, such organizations are legally required to have access to all employee emails.

[jmuguy]

That is standard practice for literally every corporate email account I've ever encountered in 15 years of IT work. You do not own your company email address anymore than you own the extension on the phone on your desk at work.

[icedchai]

It's the company's email address, they can forward it whereever they want. Forwarding an employee's email to their supervisor upon departure is standard practice is many companies.

[saagarjha]

This is one of the reasons using your corporate email address for anything outside of work is a poor idea. I know some who chafe at using a corporate email address even while doing work for the company, not because they think it's inconvenient or an invasion of privacy, but because they lose access to it and people may contact them at the old address and not be able to find them afterwards.

[there_the_and]

This is standard practice, it's not your email address, you are just using it for work, and your employer needs access for a variety of very obvious reasons. This should not be news to any technology professional and it's mind-blowing seeing these comments on HN.

[d4mi3n]

The question is fair. Capability does not guarantee legality, and there are plenty of cases where an individual who can access an email is not legally entitled to:

1. My ISP provides me internet access, but they are not entitled to collect my bank information when I access my bank account.

2. Depending on the nature of the corporation, it may not be legal for an individual to forward emails in the manner described. Consider: what if the email account belonged to a lawyer or doctor? Client confidentiality probably trumps many other legal concerns here.

3. Is said manager part of the IT/InfoSec department within this organization? If not, they may be circumventing organizational controls, which in itself may not be legal.

Context is important.

[vidarh]

Then consider that it's mindblowing to you because you're not used to any of the many jurisdictions where there is a legal expectation of (some) privacy at work.

Under European data protection laws, for example, many countries have considered the privacy restrictions to extend to employee e-mail addresses.

This includes Norway, for example, where employees have extensive rights to prevent employers from accessing their corporate e-mail accounts without substantial safeguards to prevent them from accessing personal information, and including rights to be notified where possible, be present, be able to respond and challenge the access etc.

You can find a lengthy (in Norwegian, though Google translate ought to do a decent job) walkthrough of the rules here [1].

Not everywhere treats people as serfs at work.

[1] https://www.datatilsynet.no/personvern-pa-ulike-omrader/pers...

[ska]

The confusing thing for me here is why you would assume you would be able to receive any mail addressed to your old corporate address, in order to forward it. Or did I just misunderstand what you meant?

The corporation owns the email server, so their choice when you leave for whatever reason, is either to disable the account entirely (or give a bounce message) or keep it active.

Is your question really on the legality of the latter case, i.e. once you've left a company can they keep your email address live and perhaps even respond from it?

[scrollaway]

I never assumed that. To be clear, this was the employer refusing to close the email account / set up an out of office, the CEO just wanted all email redirected to them personally. Nobody said anything about me being able to continue using the email.

[ska]

Gotcha - it wasn't actually clear from the way you wrote it originally.

So in that case it is really jurisdictional. The US falls down pretty heavily on the corporate-owns-everything, but not everywhere does.

In my experience It's pretty common for companies to retain emails of people who have had outside contacts at least for a while, so nothing gets dropped on the floor, usually redirected to a supervisor or whomever took over the projects.

[duxup]

Did the lawyers who thought it might be illegal explain their thinking?

I would assume even just to do business fluidly they might need access.

[floatingatoll]

How many hours are willing to be billed for in research, and are you willing to go to court to seek a conclusive answer if none is found in research?