It was brought to my attention recently that our webmaster is regularly reading our Pastors email. Is this an ethical concern for a webmaster? The webmaster works for a private firm hired by the Church to design and run our website. The web company is well known and is growing quickly. The webmaster is also a member of our Church, thus they know every little thing that is going on with everyone that communicates via email on any of the 6 Church staff email accounts they manage as part of the contract. Is this a concern that the Church Council should address, or am I being a paranoid web nave?

Is this a concern that the Church Council should address, ...I would say it is a big concern.

Webmasters shouldn't be reading anyone's email other than their own. This is a matter of privacy.

It also could become a liability for the church should someone email the pastor about some private sin, trouble, or health problem, and the webmaster read the email and happened to blab about it to someone.

Now, that's not the whole story. Corporations typically have email policies that give them the right to monitor all email received and sent from company computers. I mention this because it would be an example of a situation where computer users can't expect their emails to remain private.

But I don't think that applies to the situation of the church webmaster reading the pastor's email.

I'm assuming the church webmaster is not a staff member of the church, nor even a ministry leader. Such individuals might have more of excuse to read the pastor's (or any co-worker's) emails.

Is it possible the webmaster is reading the pastor's email with the pastor's permission or foreknowledge? If so, the pastor might want to consider the legal implications of this.

Those are my thoughts. Other members may very well express different opinions.

Your webmaster should not be accessing your email for any reason without your permission. It is highly unethical for anyone to access someone else’s files without permission. It honestly is the same as if he broke into your office and read your journal or computer files.

No webmaster needs to know your password for any extended period of time.

If it was me, I would contact the private firm first. Have them change all your passwords. Most importantly, you and your staff should be able to change your passwords individually.

Let the firm deal with their employee. They need to address this internally so that this doesn't happen in the future with any of their staff. If you don't tell them, others down the road could be hurt and they could be liable legally.

You are correct that this poses a different situation since he is a member, but I would address this with his employer first.

Now if he has used or distributed any information to anyone or depending on your own discernment of his intentions (being nosy or duplicitous) then I would probably address this with him as believer also and confront the situation. Matthew 18:15-17

I'm sorry you have had this experience.

In Christ,

Just want to add that I thoroughly agree with David & Charles.

No way should a third party have access to be able to read someone else's mail. The policies David mentioned do happen in business but not manually via human intervention, but with a computer. So if mail matches a rule then it gets allowed or rejected accordingly.