Employee Personal Use of Company-Owned Electronic Devices in the Wake of Stengart and Quon
In this technology age, employees increasingly make personal use of workplace electronic communications applications. The legal ramifications of such personal use – and how employers can create policies that balance the right to monitor the workplace with employees’ expectations of privacy – were examined in an informative panel discussion, “Electronic Communications Policies in the Wake of Stengart and Quon” during Gibbons P.C.’s Fourth Annual E-Discovery Conference on October 28, 2010.
Discussion regarding Stengart
The panel kicked off with a discussion of the New Jersey Supreme Court’s March 30, 2010, ruling in Stengart v. Loving Care, which presented novel questions about the extent to which an employee could expect privacy and confidentiality in personal e-mails with her attorney that she accessed on a computer belonging to her employer. The Court held that an employee did not waive the attorney-client privilege when using a company computer to communicate with her attorney via a personal password-protected e-mail account, and that attorneys for the employer who failed to turn over the attorney-client communications found on the computer were subject to sanctions.
A panel member explained that Stengart does not prevent employers from implementing and enforcing unambiguous electronic communications policies or from monitoring employee communications pursuant to such policies. Nor does it prevent employers from imaging and reviewing the contents of an employee’s computer in conjunction with a lawsuit. Employers, however should refrain from reading any communications between an employee and her attorney uncovered as part of such reviews. For further discussion of the Stengart case, see the article co-authored by Richard Zackin and Kristin Sostowski.
Discussion regarding Quon and Nelson
Next, the panel reviewed the United States Supreme Court’s opinion in City of Ontario v. Quon, rendered on June 17, 2010, which examined the Fourth Amendment privacy rights of government employees in their workplace communications. At issue in Quon was whether the Fourth Amendment’s ban on “unreasonable searches” puts any limits on searches by public employers. The Court held that a police chief did not violate the constitutional rights of an officer when he read the transcripts of sexually explicit text messages sent from the officer’s work pager. A panel member noted that in so holding, the Court effectively “punted” the constitutional issue by assuming that the police chief’s reading of the text messages was a search under the Fourth Amendment, but holding that the search was sufficiently narrow to pass constitutional muster.
The panel also noted that the case of NASA v. Nelson, which was argued before the United States Supreme Court on October 5, 2010, represents a new opportunity for the Court to make a broader statement regarding privacy rights. Nelson involves the constitutional right of employees of federal contractors to keep private personal information in conjunction with background checks.
Practical Pointers for Employers Offered
In light of the recent case law regarding employee privacy, the panel then provided practical points as to how employers can craft and execute a reasonable and enforceable electronic communications policy. The panel stressed that the best policies are clear to the intended audience and unequivocally state the employer’s position with respect to an employee’s expectation of privacy in their electronic communications. Training employees and requiring them to sign annual acknowledgements are important in this regard. Additional tips for employers on how to formulate a clear and understandable electronic systems policy are included in an April 2010 New Jersey Law Journal article authored by Kristin Sostowski.
The panel also discussed the importance of having proper monitoring mechanisms and protocols in place, such as reviewing employees’ emails, tracking the time spent by employees on personal websites, and blocking access to certain websites, password-protected email accounts and social networking sites like Facebook.
Finally, the panel addressed issues that companies – particularly national and multinational companies or those who store their data off-site – may have to confront regarding privacy protections found in the federal Stored Communications Act, which prohibits the unauthorized access of stored communications such as e-mail and Internet accounts. The panel also noted the existence of broader privacy protections afforded by the European Union Privacy Directive and other similar international protocols.
The panel fielded a wide range of questions regarding the content of electronic communications policies and the types of monitoring permitted. With regard to content, the panel noted that a policy permitting limited personal use but clearly spelling out an employer’s right to access workplace information, supported by proper monitoring, is usually the most realistic and enforceable approach.