Many employers have banned employees from accessing social networking sites during work hours, or place themselves at risk of dismissal. Employers monitoring employee Internet and email use in the UK must do so in accordance with the Regulation of Investigatory Powers Act 2000 and the Data Protection Act 1998 (DPA). They should also have in place clear and well communicated policies. This latter point was reaffirmed by the European Court of Human Rights (ECHR) this summer in Copland v UK, in which it ruled that a Welsh College infringed Ms Copland’s right to privacy by secretly monitoring her work telephone calls, emails and Internet use, contrary to Article 8 of the European Convention on Human Rights. Ms Copland had a reasonable expectation of privacy as she was not warned her communications and Internet usage would be monitored. Perhaps more worryingly for employers, the ECHR also ruled that the College infringed Ms. Copland’s right to privacy by merely storing data relating to her telephone, email and Internet use without her knowledge. Businesses that routinely store emails or retain detailed telephone bills would be advised to review whether such storage is necessary and if so in accordance with the law or otherwise be at risk of claims.