PC E MAIL ADDRESSES

Question

Can the use of PC E mail addresses be mandated?

Does the Clerk have access to your account and able to read all your Council correspondence?  Is there any password facility?

I understand the reasons why these addresses are  preferred but surely your Council correspondence is private and not Council property ? (or is it) .

Answer 1

The Parish Council email addresses come under the same regulations as a business.
More and more Councils are moving to this form of communication as it is easier to manage for foi requests

Answer 2

It all depends on where the emails are operated from and who is designated to manage the email boxes. If the clerk manages and updates the website then it is fair to assume that the web servers have a designated number of email boxes allotted to the website. Whoever manages will have full access to ALL of the email addresses and their contents for such things as replacing lost log in details and removing councillors who leave etc.

The council must have in place a robust policy for use and management of the mailboxes taking into account privacy issues and security of the email contents and their storage and publishing and distribution.

 A bit of a minefield you tread at your peril. For instance do you specify that the PC automatically takes ownership of anything a councillor puts into an email? and can dictate what happens to it?

Answer 3

It can be mandated by application of 2018 GDPR.  If a Cllr chooses to use their private E mail address, they must provide assurance to the council that they are complying with the act with respect to the way they process personal data and protect it etc.  For many they may not be able to give that assurance due to lack of understanding about the act, and inability to apply control measures or set the security of the devices they use.

The ability of the clerk to read  Council E mails will depend on the set up of their mail servers.  If they are located remotely and managed by an external service provider, the clerk would have to stipulate remote access and permisions being given to them.  If it came as part of a package with the Internet Service provider, the Clerk may be able to nominate themself as an administrator to gain access. If it was provided by the Principal Authority, that would be the most likely to be secure, and least open to unrequested access.

Answer 4

The Information Commissioner's Office recently (literally days ago) issued further guidance on what counts as council correspondence and were very clear that any correspondence which relates to council business (and their definition is really quite broad) sent by a councillor and/or the clerk or staff member, whether sent from a council email address or a private email address is classed as council business and must be released on receipt of a legitimate Freedom of Information Request.  They used an example whereby a councillor might send a personal email arranging to meet a colleague for coffee and the second paragraph might include reference to an agenda item for a meeting and concluded that this would make the email discoverable following a FOI.
With regard to the Clerk's access to emails sent/received through an official council email account, I agree it would depend upon the arrangement with the email host/provider but I've yet to meet a system which doesn't permit the account holder from changing the password so I find it hard to believe the Clerk or anyone else would routinely have access to the content unless there was a really good reason for the email hosting service to release the content (not that I've ever asked).

Comments

I broadly agree with this answer I work on the assumption that at Parish level third parties will read all of my emails whether there’s any entitlement or not
Plus it only takes one click for an email to go viral or into the press
You can’t have privacy if the emails are covered by the FOI
That doesn’t mean Councillors can’t discuss / consider matters between themselves it just means that you don’t use emails or in theory letters

Answer 5

You should, in theory, know whether the Clerk (or anyone else such as your IT support) has access to your emails. This is because, under the UK GDPR, the Parish Council must be transparent about such matters. This means that your privacy notice or information security policies must explain whether correspondence is monitored and the Parish Council must have a lawful basis for such monitoring.
If your Clerk were to read messages without good cause they may find themselves in hot water. The Information Commissioner's Office has prosecuted a number of employees who have accessed information without a business need to do so. For example, doctor's receptionist or police civilian staff accessing information about people they know out of curiosity.