Prohibited downloading and access‐granting o family and friends justified dismissal

An arbitration board has upheld the dismissal of an IT “infrastructure analyst” with Sheridan College who breached system security.

For ten years, Steve Rowe had used his work computer to download pornography, videos, music and games and engage in sexually explicit online chats with his girlfriend. Rowe also gave family, friends and co‐workers access to his Sheridan computer and distributed downloaded materials to them.

His role at the College included responsibility for network security so he had a high level of access to college computers which were linked to the college’s network servers. Shortly after he was dismissed, Rowe posted on Facebook a picture of the backside of a mountain climber with a caption telling his manager to “kiss this.” He removed the picture and apologized when the union advised him to do so.

The arbitration board found that Rowe had occupied a position of trust and had violated that trust. He had signed the College’s handbook, which contained rules for computer use, and he was well aware of the rules. Further, during the College’s investigation, Rowe had attempted to delete the offending material and lied about the extent of his personal use of the computer. In addition, his “kiss this” Facebook post demonstrated a lack of remorse for his conduct.

The decision illustrates that adjudicators are increasingly understanding of the importance of computer security in a networked world. Employers will be justified in imposing strong discipline against employees– particularly IT employees – who violate security.

Sheridan College Institute of Technology and Advanced Learning v. Ontario Public Service Employees Union (Ontario Labour Arbitrator)

(http://www.canlii.org/en/on/onla/doc/2010/2010canlii72611/2010canlii72611.pdf)