That's probably true in the USA, but it's not the case in many other places. Here, for example, since the pages you visit can disclose your personal, private, tastes/religion/political affiliation, are considered as personal data and the employer cannot control them if he doesn't tell you beforehand.
Of course it's good advice to know and read company policies (if they're in place, if not you're free to do as you will).
In the case of Smyth v. Pillsbury Co., an employee was terminated for sending inappropriate email over the company's computer system. Despite the fact that the company had informed its employees repeatedly that the system was not being monitored, not only was it being checked but it could actually provide basis for being terminated. These electronic messages proved to be the basis for the termination of Smyth who sued the company for wrongful discharge and invasion of privacy. This case was dismissed, because the court determined that Smyth did not have a reasonable expectation of privacy for the actual contents of his electronic messages despite the fact that the company had assured its employees that these messages were secure and could not provide the basis for a termination. The court determined that there could be no reasonable expectation of privacy because these messages were being communicated to a secondary person as well as the fact that the company had an overriding public interest in preventing inappropriate or unprofessional communications over the company's intranet system.