Thank you for sharing!

Your article was successfully shared with the contacts you provided.
From decreasing productivity to exposing employers to potential civil liability, employee abuse of e-mail and/or the Internet can hurt employers in a number of ways. Recognizing this, nearly three-quarters of all large employers report that they record and review employee communications and activities on the job. However, recent cases have challenged employers’ surveillance of their employees’ electronic communications based on tort theories and the Electronic Communications Privacy Act. More-over, federal legislation aimed at strengthening the Electronic Communications Privacy Act is pending and the National Labor Relations Board recently ruled that overbroad e-mail policies may violate an employee’s right to organize a union. Although none of these developments is likely to prohibit surveillance of employees’ electronic communications altogether, they may expose employers without well-drafted and consistently enforced policies to civil liability. INVASION OF PRIVACY THEORY Many state courts have considered invasion of privacy and intentional infliction of emotional distress claims brought against employers for their surveillance of employees’ electronic communications. None of them has found an employer liable. This does not foreclose the possibility of a court finding an employer liable for invasion of privacy based on the employer’s monitoring its employees’ e-mail, however. Several states, including California, have a constitutional right-to-privacy standard. When determining whether an employer has violated its employee’s right to privacy, courts generally consider three factors: the employees’ reasonable expectation of privacy, the employer’s special interests and the public’s interest in the particular setting. An employer can avoid liability for invasion of privacy by obtaining consent from its employees. Employees who consent to e-mail surveillance cannot later claim that they had a reasonable expectation of privacy. Employees who have been informed that their e-mails will be monitored also cannot reasonably expect that their e-mails are private. THE ECPA All employers must ensure that their e-mail policies comply with the Electronic Communications Privacy Act (ECPA), 18 U.S.C. � 2510, � 2511, � 2701, et. seq. Generally, the ECPA prohibits the intentional interception and disclosure of wire, oral and electronic communications. Anyone who has had a communication improperly intercepted may bring a civil action under the ECPA against the violator for actual and punitive damages, as well as attorney fees. Violators may be subject to fines and imprisonment. The ECPA has a narrow scope, however. The ECPA defines “intercept” as “the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.” 18 U.S.C. � 2510(4). The courts generally have interpreted the term “intercept” so as to make the review of e-mail and other electronic communications lawful unless it occurs during the actual transmission of the message from sender to recipient. Thus, reviewing an employee’s e-mail or Internet use after the transmissions have been completed cannot be viewed as “intercepting” an electronic communication within the meaning of the statute. Moreover, � 2511 expressly allows the interception of an electronic communication if: (1) one party of the communication consents to the interception in advance; (2) the employer furnishes the service and makes the interception; and (3) the employer intercepts the employee’s e-mail in the ordinary course of business. The consent that the ECPA requires to exempt employers from liability can be express or implied. Because determining whether there is implied consent is highly fact-specific, employers should attempt to obtain consent in writing to avoid potential liability under the ECPA. Either obtaining a signed authorization from the employees or distributing an e-mail policy (separately or as part of an employee handbook) will be deemed sufficient. The second factor required to exempt an employer from liability — that the employee’s e-mail service be furnished by the employer — refers to the fact that an employer cannot force an employee to consent to monitoring his e-mails if the employee is using an independent service provider such as America Online. Finally, to be exempt from ECPA liability, an employer must make the interception in the ordinary course of business. The courts have interpreted the term “ordinary course of business” quite broadly. For example, a large company monitoring calls made to its customer service department “for quality assurance” would qualify as an interception in the “ordinary course of business.” Employers also act in the ordinary course of business when they intercept employee communications to prevent theft, control employees’ personal use of business phones and prevent “the potential contamination of the working environment” through remarks about supervisors. To be acting in the ordinary course of business, an employer must be intercepting the personal e-mails or phone calls to determine whether the call or message was personal or to prevent unauthorized use. Therefore, employers should ensure that only authorized individuals are permitted to access e-mail transmissions. Thus far, the ECPA is largely untested by the courts. The few courts that have addressed ECPA claims regarding an employer’s access of its employees’ e-mail transmissions have found that the employer is not liable. It seems that, to protect themselves from liability under the ECPA, employers need only take the following steps: � Obtain express consent from employees; � Review e-mails and Internet use subsequent to the actual transmission; � Provide employees with employer-provided e-mail service; and � Draft a clear and concise e-mail/Internet policy specifying that surveillance is clearly in the employer’s “ordinary course of business.” PENDING FEDERAL LEGISLATION Proposed federal legislation could curtail an employer’s right to inspect its employees’ e-mail significantly. The pending legislation aims to amend the ECPA to require employers to give clear and conspicuous notice to their employees if they review their e-mail or Internet use. Under the Notice of Electronic Monitoring Act, employers would be required to make employees aware of the type of computer use that they will monitor, as well as how — and how often — they will accomplish the monitoring. The act would give employees the right to receive initial notices once they are hired, annually thereafter, and whenever monitoring policies change. However, the proposal would neither prohibit employers from monitoring e-mail, nor require employers to give notice each time they monitor e-mail. This bill also creates a cause of action permitting employees to sue their employers for civil damages if the employers conduct electronic monitoring without the required notice. Compensatory damages would be capped at $5,000 and total damages per person would be capped at $20,000. In cases in which many employees were affected, the bill permits per incident damages up to $500,000. The Notice of Electronic Monitoring Act is expected to become law. Accordingly, employers should be prepared to amend their e-mail/electronics communications policies to comply with it. THE NATIONAL LABOR RELATIONS ACT The National Labor Relations Board (NLRB) recently reviewed whether employers may properly restrict their employees’ use of e-mail and the Internet to organize unions. Although the NLRB has not spoken directly on this issue, an employer who monitors e-mails for union activity may be in violation of the National Labor Relations Act. Generally, under the NLRB’s rules governing restrictions on employee solicitation and distribution, employers may ban distributions of literature that take place on work time and in work areas only. Moreover, employers may prohibit solicitation that takes place on work time only. Under the NLRB’s rules, an employer may exclude union-related materials regarding bulletin boards only if it similarly excludes all other nonbusiness communications. Given the seeming impracticality of applying the solicitation and distribution rules’ work time and work area distinctions to e-mail transmissions, it would seem proper for the NLRB to use either the bulletin board rules or create new rules to apply to union-related e-mails. In 1998, the NLRB’s general counsel examined whether transferring e-mail constituted distribution. The general counsel opined that at least some e-mail messages carry sufficient indicia of oral solicitation to warrant treatment as oral solicitation. In other words, an employer may not be able to prevent an e-mail conversation regarding union activity if the employee was not on work time and the conversation could not meaningfully be distinguished from any other verbal solicitation. The general counsel emphasized that since the employees in question spent most of their working time on the computer and since the computers were inextricably intertwined with the physical space the employees occupied at work, the computer network was part of the work area. Thus, the general counsel concluded, an employer’s rule prohibiting all non-business use of e-mail was overbroad. It did not take long for the NLRB to revisit this issue. This year the NLRB’s division of advice opined that an employer’s handbook provision restricting computer systems for company use was not unlawfully restrictive. The employees here generally had no access to electronic mail or computers. The Division of Advice found this distinction to be material and found that the ban was not an overbroad restriction of the work area use. The NLRB also recently issued a decision refusing to set aside a decertification election based on a union’s allegations that an employer allegedly improperly permitted employees to send mass e-mails promoting decertification. The employer’s policy permitted “occasional personal use” during non-work time if reasonable in scope. The NLRB held that since the union was permitted access to the e-mail system as well as inter-office mail and bulletin boards, the employer did not engage in conduct that interfered with its employees’ free choice. Another recent example of the NLRB’s increased scrutiny in this area involved a nonunion employer’s termination of an employee for sending a company-wide e-mail disparaging the employer’s new vacation policy. The employer claimed that the net effect of the changes to the policy benefited his employees. The employee disagreed (via e-mail) and further stated that his co-workers may not be interested in the debate because most did not care about the company. The employer requested that the employee send an apologizing e-mail for his comments. When the employee failed to produce an acceptable apology, he was terminated. The NLRB ordered the employer to reinstate the employee and provide the employee with back pay. Even though only one employee transmitted the message, the NLRB considered the employee’s e-mail to be concerted activity because it was intended to arouse support for the employee’s decision to oppose the vacation policy. The employee testified that he circulated the e-mail because he thought co-workers needed help in making an informed decision about the new policy. Although the board found the employee to be somewhat of “a wise guy,” it found that even a nonunion employer must not take immediate action against an employee based on the content of an e-mail without evaluating whether such e-mail may be perceived as “concerted activity. Although the NLRB’s position is unresolved and fact-intensive, it is clear that an employer should not prohibit union activity e-mails but allow e-mails for other personal reasons (such as selling Girl Scout cookies). Moreover, an employer must not enforce his e-mail surveillance policies selectively. For example, suppose an employer with an e-mail surveillance policy observes his employees using the system for a wide variety of personal reasons, but generally does not discipline his employees for those uses. Suppose further that the same employer enforces the policy only after discovering e-mails related to union activity. Such selective enforcement likely will be viewed by the NLRB as violating the employees’ right to organize. The board certainly would view such selective enforcement as a violation of the National Labor Relations Act. STEPS EMPLOYERS SHOULD TAKE First, employers may restrict all personal e-mail and Internet use, but such a global restriction likely will alienate those employees who spend a majority of their working time at a computer. Therefore, a sounder policy would be to restrict the types of personal e-mail and Internet use that will disrupt the workplace, such as the following: � Represent their personal views as those of the company; � Search for other jobs; � Disseminate harassing or offensive materials; � Express political views; and � Solicit or advertise matters unrelated to business. Employers could incorporate into their employee handbooks e-mail policies such as the following: “The e-mail and telephone systems are primarily for business use, but limited and reasonable personal use is permitted.” Second, employers should have well-drafted electronic communications monitoring policies stating that the employer has a right to monitor both e-mail and Internet use. The policy should be consented to and signed by the individual employees and kept in employee personnel files. Such a policy will be an employer’s best shield against lawsuits brought under an invasion of privacy theory or an alleged violation of the ECPA. Employers with unionized workforces must take extra care when they draft e-mail policies. This is of particular importance when determining whether the selective enforcement of a monitoring policy violates the National Labor Relations Act. While the law is still unclear, the NLRB is more likely to find a violation if an employer’s rules about e-mail surveillance are lax. Finally, employers must keep an eye towards Congress and be prepared to change their policies to conform with the Notice of Electronic Monitoring Act. Monitoring of employees’ e-mail and Web use is critical to the optimum performance of many work forces, but with courts and agencies tackling these electronic communication issues and federal legislation on its way, employers must ensure that the proper electronic monitoring policies are in place to avoid potentially expensive lawsuits. Daniel F. Murphy, Jr. is a partner in the Labor and Employment Department of New York’s Putney, Twombly, Hall & Hirson. He represents management exclusively in all aspects of labor relations, employment law and related litigation.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a Law.com story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.