I ran across the article "IRS employee uses Outlook rules to intercept boss's e-mails, convicted of wiretapping" irs employee uses outlook rules to intercept boss's e-mails. Essentially the former IRS worker setup a rule on the server to forward copies of his boss' email to his email so he could monitor the emails to see if anything was said about him.
The question from the article was do you charge him under the Wiretap act for intercepting messages or Stored Communications Act for copying them. Apparently he got hit with an 18 month sentence under the wiretap act.
I wonder how common this is? Clearly the rule implementation is in place for corporate and government owners of email systems to meet all kinds of monitoring and compliance regulations. But I've run across this same situation a couple of times. I have no idea what the motivation was, but in the situations I've seen, a manager (both cases were managers) sets up or has someone with admin access setup a rule to copy messages sent/received by another manager to his email account.
In each case, I ended up disabling (but did not delete) the rule and strongly suggesting to my immediate supervisor that they audit the email and firewall rules as there were signs that the system may have been compromised - it was not really clear what other action I should take and I hadn't actually thought about this in terms of legal/criminal activity (unethical, yes) until I saw this article.
Unlike the government action these cases occurred at companies small enough (fewer than a thousand employees) that they didn't even have a formal HR department so there was not a whole lot of formal policies in place for IT systems or anything else although they did have the standard login boilerplate "systems belongs to the company and only to be used for company business e.t.c".
Of course the government case might have ocurred at a small regional/branch office, large enough to warrant its own email server and managed more or less locally,
which is why the employee thought he could get away with it so the IT
situation there may be very similar to a smaller company.
Update
Just to clear up/respond to some questions that I've received. The above has nothing to do with the fact that employers can and should have monitoring and policies in
place to protect both themselves and their employees. What appeared to be occurring both above and in the IRS case was one employee literally spying on another
employees emails - whether for business or a personal advantage was not clear.