Since Google became a household name in the 1990s, companies have been implementing policies concerning their employees’ use of the Internet while at work. Today, the majority of employers large and small tell workers that they may monitor anything the employees access on their work computer. Ridgefield Park, N.J.-based home health care provider Loving Care Agency Inc. was no exception.
But when Loving Care acted in reliance on its policy and read some e-mails an ex-employee had sent to her lawyer, the Superior Court of New Jersey Appellate Division wasn’t happy. In Stengart v. Loving Care Agency Inc., the court ruled that in certain circumstances, an employer’s regulations have to yield to the employee’s privacy rights.
“The policies undergirding the attorney-client privilege substantially outweigh the employer’s interest in enforcement of its unilaterally imposed regulation,” Judge Clarkson Fisher wrote. “We reject the employer’s claimed right to rummage through and retain the
employee’s e-mails to her attorney.”
The decision has surprised employment lawyers, who have long believed that as long as an employee was on notice that the company would monitor everything they did on the Internet while at work, any document on the employee’s computer was fair game in litigation.
“Typically, having a conversation with your lawyer in a nonconfidential setting, such as a crowded lunchroom, is viewed as a waiver of privilege,” explains Jackson Lewis Partner Brett Anders. “Using your employer’s computer to talk to your lawyer, when the employer has communicated a policy of monitoring your computer use, is like having a third party in the room.”
According to the court in Stengart, that’s not always the case. Marina Stengart had been the executive director of nursing at Loving Care Agency. Shortly after she resigned from her job in January 2008, she filed a lawsuit alleging violations of the New Jersey Law Against Discrimination and Title VII. Loving Care made a forensic image of the laptop Stengart had used while she worked there. The company discovered several e-mails Stengart had sent to her lawyer from her personal Yahoo mail account regarding the upcoming lawsuit. A few months later, the company produced those e-mails to Stengart in discovery.
When her attorney, Donald Jacobs of Budd Larner, received these e-mails, he was shocked. He asked the court to order the company to return the e-mails and destroy all copies. His request was denied. The appellate court thought the issue was important enough to grant Stengart leave to appeal the decision.
In its June 26 opinion, the appellate court took Stengart’s side, holding that the employer’s policy was unreasonable under the circumstances. Jacobs saw the decision as a matter of common sense trumping technicalities.
“Everyone uses a company computer for some personal purposes–it’s a fact of life,” he says. “The employer does not have a legitimate interest in reading personal e-mails accessed through a personal, password-protected e-mail account.”
But for employers, the analysis is not so clear. “It’s easy to see how counsel for Loving Care thought they had a right to review these e-mails,” says Eric Savage, a shareholder at Littler Mendelson. “[Employers think,] ‘I own the computer, I provide the Internet access, and you accessed these e-mails on my server. Why don’t I have the right to read them?’”
Indeed, other courts have taken that exact approach to this issue. In similar scenarios, numerous courts have found the employer had a right to review an employee’s “private” communications. In the 2007 decision in Scott v. Beth Israel Medical Center, a New York state appellate court found that an employee waived the attorney-client privilege when he used his work computer to communicate with his lawyer because the employer’s electronic communications policy put him on notice that such communications would not be kept private.
Yet in other cases, the courts have been wary of employers who snoop in workers’ files without good reason. In the 2008 case Quon v. Arch Wireless, the 9th Circuit found that a police department violated an officer’s right to privacy by reviewing text messages he sent from an employer-issued pager.
Walk the Line
The upside of Stengart is that the decision does not completely bar employers from controlling the use of their computer systems. Rather, employers retain the right to monitor what their employees do on their networks and take appropriate disciplinary action on inappropriate conduct or unauthorized personal use.
“The court acknowledged that if the employer has a business reason for monitoring the employee’s activities, they are permitted to do so,” Anders says. “Employers can still place restrictions on the use of their systems and impose discipline for violation of company policy.”
Stengart also leaves room for monitoring even private communications if the employer has a very clear policy that puts the employee on notice that personal e-mail will be read.
To that end, employment lawyers recommend updating policies to include specific language indicating that electronic monitoring will include any communications that pass through the company’s servers or equipment, including communications in a personal e-mail account.
“It’s also essential to have proof that the employee received the policy,” Savage advises.
Counsel for Loving Care declined to comment other than to say that they plan to appeal to the state supreme court. At press time, the court had not decided whether to hear Loving Care’s petition for review.