Sex, Lies and E-Mail Systems
Employees spend a significant portion of their day at work, and increasingly communicate by electronic mail, Internet or voice mail systems. Every employer, however, has heard stories about employees downloading pornography, e-mailing confidential information to competitors, or disseminating negative information through the Internet to the public. Intel recently won its battle with a disgruntled former employee who had waged a four year e-mail campaign against it. Chevron Corporation paid four plaintiffs $2.2 million after evidence of sexual harassment was found in e-mail. Morgan Stanley Group was sued by African-American workers who alleged that racist jokes were sent by e-mail. And Salomon Smith Barney dismissed two executives last year who, in the face of a written policy prohibiting improper use of electronic communications, were alleged to have transmitted sexually explicit materials via e-mail.
The potential exposure created by improper e-mail use would seem to provide ample justification for employer monitoring of company-owned e-mail systems. But many employees still believe that their use of e-mail is and will remain private. Striking a balance between the privacy interests of their employees and their company's legitimate interest in the proper use of its electronic systems has become a significant challenge for today's employers. The key to avoiding misunderstandings and setting clear guidelines may be the old-fashioned employee handbook.
With a few limited exceptions, it is unlawful in California to wiretap, eavesdrop, or record confidential communications without the consent of every party to the communication. Cal. Penal Code _ 632. Under this statute, the term "confidential communication" is defined to include "any communication carried on or in circumstances as may reasonably indicate that any party to the communication desires it to be confined to the parties thereto." In other words, the statute applies in any situation where a party would have a reasonable expectation of privacy. The statutory prohibition against surreptitious monitoring of confidential communications applies specifically to telephone, telegraph, and actual in-person communications. This statute has also been extended to include the monitoring of cellular phone calls. People v. Stevens, 34 Cal. App. 4th 56 (1995).
Although recent statutory amendments still fail to make clear whether e-mail is specifically included in the definition of "confidential communication," the Penal Code definition itself is broad enough that an argument inevitably would be made that e-mail should be included.
In Flanagan v. Epson America, employees alleged that they were told that their e-mail was private and confidential, and that no one informed them that it could be intercepted or read. They claimed that the employer stressed the privacy and security of the system, and issued secret passwords to prevent unauthorized access. However, the employer systematically intercepted, copied and read employee e-mail. The trial court ruled that the California Penal Code provision protecting confidential communications was not intended to apply to e-mail, and also rejected the plaintiffs' Federal Wire Tapping Act claims because the equipment used for interception of the messages was provided by the employer. The decision of the trial court was upheld on appeal, but is unpublished. (Case No. BC007036, Los Angeles County Superior Court (1991)).
In Shoars v. Epson, a related case, an employee protested her termination for complaining about the employer's e-mail monitoring, and sued under the same theories as the employees in Flanagan. The court was equally unresponsive to Shoars' claims. (Case No. SCW112749, Los Angeles County Superior Court (1994)).
Bourke v. Nissan Motor Corporation contained similar claims. In addition, the employees whose mail was read were fired because some of the messages included inappropriate jokes and language. The court granted summary judgment for the employer, finding that the employees had no reasonable expectation of privacy in their e-mail messages, because they had signed a form saying company policy restricted computer use to company business, and also because they were aware in advance of their terminations that their e-mail was read from time to time by individuals other than the intended recipients. The appellate court agreed in another unpublished decision. (Case No. BO68705 (1993)).
Despite these challenges, employers regularly monitor the use of voice mail and e-mail systems to ensure that employees are utilizing these systems properly and primarily for business purposes. Indeed, a recent survey showed that 45% of U.S. employers engage in some form of electronic monitoring of employee communications. Almost 30% expressly store and review e-mail. The "delete" button simply is not creating the privacy one may assume.
In California, our Constitution states that employees have a constitutional right to privacy, which protects them from unwarranted intrusion by businesses, including by their own employer. And the cases discussed above leave no doubt that many employees feel their privacy is invaded if they learn of employer monitoring. Absent a well-crafted policy by the employer governing use of electronic systems, a question may well exist as to whether an employer can legitimately monitor certain non-business related employee communications.
Indeed, the problem has now become so acute that a bill has recently been proposed in the California Senate which would, if enacted, prohibit an employer from "secretly" monitoring the electronic mail or other personal computer records generated by an employee. The bill, Senate Bill 1016, would require an employer who intends to inspect, review, or retain any personal e-mail generated by an employee to first prepare and distribute to all employees a workplace privacy and electronic monitoring policy. Employers who violate the proposed law would be guilty of a misdemeanor.
To manage expectations and to reduce the risk of invasion of privacy claims, employers can quickly and easily diminish an expectation of privacy by publishing and disseminating a written policy indicating that e-mail, voice mail, and the Internet are to be used primarily for business purposes and that all communications must be appropriate in content. Most importantly, the policy should make clear that the employer has the right to review these communications with or without the express consent of the employee. Such a policy or statement is the surest way to significantly reduce the employees' expectation of privacy and diminish the risk of exposure to the employer. Should the proposed legislation pass, employers may be all but required to have such a policy or statement in place.
These materials have been prepared by Brobeck, Phleger & Harrison LLP for information purposes only and are not legal advice. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship between the sender and receiver. Internet subscribers and online readers should not act upon this information without seeking professional counsel.