page 1
page 2
page 3
Monitoring Employee E-mail, Voice Mail and
Computer Files
Without Violating Employees' Privacy Rights
...continued - pg 3.
Plaintiff argued that the employer's interception of his personal e-mails
and his subsequent termination was in violation of his right to privacy as
embodied in Pennsylvania common law regarding tortious invasion of privacy.
Specifically, the plaintiff argued that the employer violated the privacy
tort of "intrusion on seclusion" which, according to the court,
"prohibits the intentional intrusion on another's private affairs where
such intrusion would be highly offensive to the reasonable person." The
court stated that the test for determining whether an alleged invasion of
privacy is "highly offensive" was a balancing one in which the
employee's privacy interest would be weighed against the employer's business
interest. Id. at 100.
Applying this test, the court rejected the plaintiff's privacy tort
claim. First, the court found that the plaintiff had no reasonable
expectation of privacy in e-mail communications voluntarily made over the
company e-mail system, notwithstanding the assurances by his employer that
such communications would not be intercepted and used against him. The court
reasoned that once plaintiff "voluntarily" communicated the
alleged unprofessional comments to a second person in the company, over an
e-mail system which was utilized by the entire company, "any reasonable
expectation of privacy was lost." According to the court, these
circumstances were far different from other employee privacy cases where the
employee was required to disclose personal information about himself or was
subject to an invasion of his person or personal effects. The court also
found that the employer's business interest in preventing inappropriate
comments over its e-mail system outweighed any privacy interest plaintiff
may have in those comments. Thus, the court dismissed plaintiff's claims. Id.
at 100-01.
The court in Restuccia v. Burk Technology, Inc., 5 Mass. L. Rptr.
712 (1996), reached a different result, finding that an issue of fact
existed as to whether employees had a reasonable expectation of privacy in
their e-mail messages. In Restuccia, an employer who suspected
employees had been using the e-mail system for private communications,
despite the company policy against "excessive chatting," used his
supervisory password to access his employees' e-mail messages which had been
saved onto back-up files. The employer discovered several employee e-mail
messages that referred to him by "nicknames," and also alluded to
his extramarital affair with another employee. The employer terminated the
employees for excessive use of the e-mail system in violation of company
policy, and the employees sued based upon a Massachusetts' law which
protects an individual "against unreasonable, substantial, or serious
interference with his privacy." Id.
The Massachusetts Superior Court denied the defendants' motion for
summary judgment without explaining its reasoning. However, certain facts of
the case suggest the rationale for the court's decision. For example,
employees were permitted to use the e-mail system to send personal
communications. In addition, employees had their own passwords to the
computer system and the employer never informed employees that management
could access employee e-mail messages through supervisory passwords.
According to the court, under the circumstances a jury could rationally
conclude that the employer "unreasonably" interfered with their
privacy. Id.
V. Workplace Searches
Although New York does not recognize a common law right to privacy,
employers should be aware that workplace searches may give rise to other
claims under New York common law, such as a claim for defamation or one for
intentional infliction of emotional distress. See Philip M.
Berkowitz, Employee Privacy in the Age of Electronic Communication,
N.Y.L.J., October 14, 1999, at 5 (citing Kelleher v. Corinthian Media
Inc., 208 A.D.2d 477 (1st Dep't 1994); Vasashelyi v. New School for
Social Research, 203 A.D.2d 658 (1st Dep't 1996)). These torts address
the manner in which the search is conducted as opposed to the employer's
right to conduct the search.. See Berkowitz, supra, at 5.
In order to limit an employer's liability a few rules should be
remembered. First, all workplace searches should be authorized by a
high-level manager who should, before the search is conducted, put in
writing a legitimate reason for the search. Second, all information
regarding the reason for the search should be confined to management
personnel with a legitimate reason to know. Third, the search should be
conducted in a private manner. Finally the search should not be more
intrusive than is reasonably necessary to achieve its legitimate business
purpose. See Berkowitz, supra, at 5.
VI. Conclusion
Although it appears from the discussion above that employer's business
interests outweigh employee privacy interests with respect to monitoring
communications in the workplace, companies seeking to put themselves in the
best legal position should implement an electronic communication policy
carefully tailored to reduce an employee's expectation of privacy. Although
policies should vary depending on the company and its business, all policies
should, at a minimum:
- inform employees that workplace searches may be conducted from time to
time, consistent with the employer's legitimate business interest;
- include e-mail, voice mail and computer files stored on the employer's
computer systems;
- inform employees that the computer files employer's e-mail and voice
mail systems and the communications stored on these systems are company
property;
- insure that all e-mail messages are automatically stored on the
computer's backup system, and that the message delete function does not
restrict or eliminate the employer's ability to receive and review
e-mail correspondence and inform employees that is the case;
- state that the employer reserves the right to review, at any time,
e-mail messages, voice mail messages, computer files and to monitor
Internet use for legitimate business reasons, including retrieving data
in an employee's absence, preventing excessive personal use of business
equipment, and preventing violations of company rules and policies;
- detail the scope of the employer's monitoring;
- state that the employer prohibits discriminatory e-mail messages as a
matter of policy and prohibits obscene, derogatory, defamatory, or other
inappropriate messages including any sexually-explicit material, ethnic
or racial slurs, or anything that could be interpreted as disparaging of
others based on race, national origin, gender, sexual orientation, age,
disability, religious or political beliefs;
- explain that any password protection provided to the employee with
respect to e-mail or voice mail does not provide a special right of
privacy to the employee. Password protection is provided only to prevent
other employees and third parties from accessing the employee's
communications and does not provide the employee with any protection
from access by the employer; and
- inform employees that a violation of the e-mail policy may lead to
disciplinary action, up to and including termination.
These provisions provide a solid foundation for an electronic
communication policy which should shield an employer from liability for any
alleged invasion of its employee's privacy rights. Each employee should be
given a copy of the policy and periodically reminded that the policy exists.
An employer should require its employers to acknowledge in writing receipt
of the policy, either separately or as part of the employer's employee
manual.
|
