I am not aware of any statutory requirement for consent but it is highly advisable. The case linked above concerned a company that terminated an employee (too much porno viewing at work) and the company wanted employee to return a computer that had been proveded to him for home use. The company also wanted it returned with no data on the hard drive deleted so they could show the guy used that computer to accesss porno also. The court discussed the employee's "reasonable expectation of privacy" and modern "community norm" for computer monitoring and used a good quote discussing the value of signed consents:
"We are concerned in this case with the "community norm" within 21st Century computer-dependent businesses. In 2001, the 700,000 member American Management Association (AMA) reported that more than three-quarters of this country's major firms monitor, record, and review employee communications and activities on the job, including their telephone calls, e-mails, Internet connections, and computer files. Companies that engage in these practices do so for several reasons, including legal compliance (in regulated industries, such as telemarketing, to show compliance, and in other industries to satisfy "due diligence" requirements), legal liability (because employees unwittingly exposed to offensive material on a colleague's computer may sue the employer for allowing a hostile workplace environment), performance review, productivity measures, and security concerns (protection of trade secrets and other confidential information). (American Management Assn., 2001 AMA Survey, Workplace Monitoring & Surveillance, Summary of Key Findings (April 2001) (hereafter "AMA Findings") < > [as of Feb. 13, 2002]; and see McIntosh, E-Monitoring@Workplace.com: The Future of Communication Privacy in the Minnesota Private-Sector Workplace , 23 Hamline L.Rev. 539, 541-542, fn. 10.)
It is hardly surprising, therefore, that employers are told they "should establish a policy for the use of [e-mail and the Internet], which every employee should have to read and sign. First, employers can diminish an individual employee's expectation of privacy by clearly stating in the policy that electronic communications are to be used solely for company business, and that the company reserves the right to monitor or access all employee Internet or e-mail usage. The policy should further emphasize that the company will keep copies of Internet or e-mail passwords, and that the existence of such passwords is not an assurance of the confidentiality of the communications. An electronic communications policy should include a statement prohibiting the transmission of any discriminatory, offensive or unprofessional messages. Employers should also inform employees that access to any Internet sites that are discriminatory or offensive is not allowed, and no employee should be permitted to post personal opinions on the Internet using the company's access, particularly if the opinion is of a political or discriminatory nature." (Fernandez, Workplace Claims: Guiding Employers and Employees Safely In And Out of the Revolving Door (1999) 614 Practicing Law Institute, Litigation and Administrative Practice Course Handbook Series, Litigation 725; * * *"
My opinions are not legal advice and are worth what you paid for them.