The comments below are from my own experiences in the security field. I agree with most of this in principle though.
California Senate passes e-mail privacy bill http://zdnet.com.com/2110-1105_2-5220883.html
I agree that employees should be notified on corporate monitoring activities and know in advance the privacy expectations of Internet, email, and other resources. We did this as a courtesy in our workplace from day one when we implemented our Internet connection in 1997. It made a difference in preventing a lot of unfortunate and unpleasant situations (e.g., having to fire someone for misusing the Internet at work).
When I helped formulate our corporate security policies at work, we had "banner messages" on all systems, telling our professionals that "monitoring was in place for security purposes" and "information resources are primarily for business use only". I even helped back in 1985 with ACF2 implementation on our IBM mainframe and we had this type of banner message present.
Security monitoring was also highlighted in corporate policies that employees signed annually and even emphasized in a letter by our company president and on our Intranet security site containing all corporate policies.
Finally, it's very important to keep logged information secure and private, as it can be misused by uninformed individuals. Only managers working through HR could get information for a specific employee. The security team should work with their corporate legal team in ADVANCE of having to use this, so that all the i's are dotted on the right way to handle violations.
I think this type of notification protects the employers (from legal action, where an employee might say "you didn't tell me" - even though it might be assumed) and employees (so they know they'd better conduct themselves appropriately in the workplace). Still, it's ashamed that a law is needed for something that should be standard operating procedures for any business.