by Elijah Yip
It’s difficult to imagine doing business today without electronic communications. E-mails, faxes, and text messages at work are commonplace, and newer technologies like social networking have increasingly gained acceptance. Monitoring your employees’ electronic communications can yield valuable information―such as employee morale or unlawful or dishonest conduct―but you need to be aware of the legal pitfalls of doing so.
Invasion of privacy
Most states recognize invasion of privacy as a legal claim. Employees who sue their employer as a result of electronic monitoring often state their privacy claims in terms of “intrusion into seclusion,” which occurs when there is an unauthorized intrusion into an employee’s private matters that a reasonable person would find highly offensive and that caused the employee anguish and suffering. “Intrusion” can occur even when the employer doesn’t gain access to an employee’s communications using forcible means.
For instance, the practice of “shoulder surfing” can be an invasion of privacy. In a New Jersey case, a hospital’s management learned of harsh comments posted by a nurse, Deborah Ehling, on her personal Facebook account. A supervisor asked an employee who was “Facebook friends” with Ehling to pull up her profile and posts while the supervisor looked on. Ehling sued the hospital for “intrusion into seclusion.” The court recognized that the law as it pertains to the expectation of privacy for social networking is still developing, but it nevertheless allowed Ehling’s invasion of privacy claim to move forward. Ehling v. Monmouth Ocean Hospital, D.N.J., May 30, 2012.
Stored Communications Act
The Stored Communications Act (SCA) is another notable pitfall. The SCA prohibits “intentionally access[ing] without authorization a facility through which an electronic communication service is provided . . . and thereby obtain[ing] . . . access to a wire or electronic communication while it is in electronic storage in such system.” Passed before the rise of the Internet, the SCA is a highly technical statute that requires employers to confront issues like the physical location where electronic communications are stored, the purpose for storing electronic communications, and whether an employee implicitly consented to the company accessing the communications.
One case involving a company’s liability under the SCA for monitoring BlackBerry® text messages sent by an employee turned on whether the fact that the messages were synchronized with the company’s server authorized it to access the messages. Shefts v. Petrakis (C.D. Ill., Sept. 13, 2012).
You should be mindful of how you shape your employees’ expectations of privacy. For example, if you intend to implement a formal monitoring program, you should notify employees of your plans. You also need to be wary about accessing electronic communications that employees keep hidden from public view―for example, through password protection or restriction to a select network of individuals. It’s advisable to consult with an attorney to deal with the more technical aspects of complying with the laws governing access to electronic communications.