Employee Privacy

Employee Privacy: Monitoring of Telephones, Pagers and E-mail

December 7, 2000

Ready or not . . . we have entered the technology age. This means new technology to make your life easier . . . or not?

With advancements in technology come new issues for employers. Many workplaces now have voice mail, e-mail, Internet access, and pagers. While this technology may make access to information and people easier and quicker, it also creates the potential for employees to abuse and/or misuse the systems. It also raises new concerns about employee privacy. This article will analyze some of the laws which may be implicated by these issues.

1. Federal Wiretapping Act

The Federal Wire and Electronic Communications Act, 18 U.S.C. §2510, et seq. (commonly referred to as the "federal wiretapping act"), prohibits intentional interceptions of wire, oral or electronic communications. "Intercept" is defined as "the aural or other acquisition of the contents of any wire, electronic or oral communication through the use of any electronic, mechanical or other device." 18 U.S.C. §2510(4). An exception exists, however, for any "telephone or telegraph instrument, equipment or facility" furnished to a subscriber or user of wire or electronic communication services by the provider of such services and "being used by the subscriber or user in the ordinary course of its business." 18 U.S.C. §2510(5)(a). There have been several cases applying this statute, and in particular the ordinary course of business exception.

In Arias v. Mutual Central Alarm Service, 202 F.3d 553 (2nd Cir. 2000) the plaintiff claimed that his employer violated the federal wiretapping act by recording all conversations on company telephones. Despite a factual dispute as to whether the employee had consented to the recordings, the Court held that legitimate business reasons justified the recording of all incoming and outgoing telephone calls. The business reasons which justified the recording included protecting sensitive security information and maintaining accurate records of emergency calls. The practice was also standard in the industry.

Other courts have agreed that consent of the employee is not required for the ordinary course of business exception to apply. See, e.g., Adams v. City of Battle Creek, 15 IER Cases 254 (W.D.Mich. 1999) (holding that interception of police officer's pages did not violate the federal wiretapping act). With respect to the covert nature of the recording, the Adams court stated:

Covert monitoring is generally deemed to be undertaken in the ordinary course of business only if it is "undertaken normally" or is "justified by a valid business purpose." Berry v. Funk, 146 F.3d 1003, 1009 (D.C. Cir. 1998).

Id. at 256. The Court concluded that the temporary monitoring of the police officer's pager, based on a particularized suspicion that the officer was leaking drug raid information, was justified by a valid business purpose. Although the statute does not require any balancing of interest, the court noted that the employer's interest in maintaining a confidentiality of its investigation was significant and the intrusion on the employee was minimal. In particular, the court commented that, with one exception, there was no monitoring of conversations, only a monitoring of incoming telephone numbers.

Monitoring of telephone calls based on less serious suspected wrongdoing has also been found to be within the business exception. See, e.g. Deal v. Spears, 980 F.2d 1153, (8th Cir. 1992) (suspicion of employee's involvement in store burglary and excessive use of store telephone) and Watkins v. L.M. Berry & Co., 704 F. 2d 577 (11th Cir. 1983) (Monitoring allowed to extent necessary to guard against unauthorized use of telephone or to determine if call is personal).

Thus, although any monitoring of employee telephone calls or pagers does potentially implicate the federal wiretapping act, as long as such communications are either routinely monitored in the ordinary course of the employer's business or, in the case of individual monitoring, the monitoring is based on a legitimate business purpose such as suspicion of wrongdoing by the employee, it is unlikely that a violation of the statute would be found.

While the recording of telephone calls in the workplace is not a new issue, the monitoring of e-mails is. If the employer creates a back-up of all data in its computer system on a daily basis, then any e-mails sent that day, unless previously deleted, may be stored on that back-up disc. Whether e-mail will be protected under the federal wiretapping statute is yet to be seen. However, in a 1996 decision the U.S. District Court for the District of Nevada ruled that a computer's storage of electronic communications sent through a paging system was governed by 18 U.S.C. §2701, et seq., rather than 18 U.S.C. §2501 et seq. Bohach v. The City of Reno, 932 F.Supp. 1232 (D.Nev. 1996). Section 2701(c)(1) allows the providers of the electronic communication service to access and use the communications in its electronic storage. Thus, the Bohach court found that the statute was not violated when the employer who provided the communication service accessed the stored communications. Since an employer's retrieval of employee e-mail communications is achieved through access to stored data rather than by intercepting the communication as it is made, such access appears to be permitted under 18 U.S.C. §2701(c)(1).

2. New Hampshire Law

New Hampshire has adopted its own version of the wiretapping law. Similar to the federal law, N.H. R.S.A. 570-A prohibits the interception of communications but recognizes an exception for recording or monitoring done in the "ordinary course of business." N.H. R.S.A. 570-A:2, IV. While there are no New Hampshire cases applying N.H. R.S.A. 570-A in the workplace, it can be assumed that our courts would reach conclusions similar to those reached by the federal courts applying the federal statute.

Unlike the federal wiretapping law, the New Hampshire statute does not contain a provision relating to storage of and access to electronic communications. Nonetheless, the analysis applied in Bohach, supra, seems applicable here. Where e-mails are retrieved after they have been stored on the system's back-up, there has been no "interception" and hence no violation of the statute.

The availability of e-mail and Internet access in the workplace also can lead to employee misuse of such technology, resulting in decreased productivity and potentially inappropriate material (i.e., e-mail jokes, etc.) being circulated through the workplace. Fortunately, employers do have the right to adopt and enforce policies which limit employee use of e-mail and the Internet. Just as with the use of telephone and other office resources, employers may limit the use of e-mail and the Internet to business purposes. The real challenge is in enforcing such policies. Not only is it difficult to monitor such use, but employers often do allow use of the e-mail system for non-business purposes. The key to a valid and effective policy is clear and consistent enforcement.⁽¹⁾

There is also a New Hampshire statute which prohibits the use of a "pen register," which is defined as a device which identifies the telephone number dialed on the telephone line to which the device is attached. N.H. R.S.A. 570-B:1, III. However, there is an exception for devices used by a "customer of telecommunication service for cost accounting or other like purposes in the ordinary course of its business." Id. Although there are no New Hampshire cases interpreting this statute, it can be assumed that employers who have such devices installed on all telephone lines for purposes of tracking telephone use by employees would fall within this exception.

3. Employee Privacy Rights

In addition to the statutory provisions discussed above, an employer's ability to monitor employee telephone calls and retrieve employee e-mail raises the possibility of a common law invasion of privacy claim. The New Hampshire Supreme Court has recognized four distinct interests which are protected under the general right to privacy:

	Protection from intrusion upon one's physical and mental solitude or seclusion;
	Protection from public disclosure of private facts;
	Protection from publicity which places one in a false light in the public's eyes; and
	Protection from appropriation of one's name or likeness for the benefit or advantage of another.

Hamburger v. Eastman, 106 N.H. 107, 112 (1964). The only New Hampshire case to deal with an employee's right to privacy in the employment context has been O'Brien v. Papa Gino's of America, Inc., 780 F.2d 1067 (1st Cir. 1986). That case concerned the employer's requirement that an employee submit to a polygraph test during which he was asked about matters unrelated to his employment. Following his termination for lying on the polygraph, the employee sued for wrongful discharge, invasion of privacy and defamation. The jury found for the employer on the wrongful discharge claim but awarded the employee $448,200 on his invasion of privacy and defamation claims. The judgment was upheld by the U.S. Court of Appeals for the First Circuit.

Although the Papa Gino's case demonstrates the risks associated with taking actions in the workplace which might be reasonably regarded as invasive of privacy, if implemented correctly, employer monitoring of telephone calls and e-mails should not give rise to such liability. Employers ought to adopt policies advising employees of the permitted and prohibited uses of such technology. In addition, the best way to defend an invasion of privacy claim with respect to e-mail would be to advise employees in such policies that e-mails are stored on the back-up system. If provided such warning, employees would have no reasonable expectation of privacy in their e-mail communications. Also, although neither the federal nor the state wiretapping statutes require consent under the exception for business use, if all telephone calls are recorded, it would advisable to so notify employees. Again, if so informed, employees would have no reasonable expectation of privacy in any of their telephone conversations. Obviously, if an employer is recording only the telephone conversations of a particular employee on the basis of suspicion of wrongdoing, notice to the employee would not be appropriate. However, in those cases, the employer's purpose ought to be scrutinized closely to be sure that it is a valid business purpose.

In an interesting case entitled Intel Corp. v. Hamidi, Intel Corp. brought suit in the Sacramento, California, Superior Court to enjoin Hamidi, a former employee, from accessing its e-mail system to send negative messages about Intel to thousands of its employees. Hamidi argued that he had a constitutional right to access the company's internal e-mail system and that any efforts to limit his access would violate his rights. The court disagreed and issued a preliminary injunction against Hamidi on November 24, 1998. Final judgment was issued in favor of Intel on June 23, 1999. At this writing, the case is wending its way through the California appellate court system.

Although not directly addressing the issue of employee privacy, Hamidi does indicate that employers may have some proprietary rights which are paramount to employee rights. Accordingly, an employer may prohibit use of its e-mail system to broadcast messages contrary to the company's best interest. In addition, an employer may prohibit employees from receiving outside e-mail. Employers wishing to limit use of their e-mail systems in such fashions ought to adopt policies which clearly state the restrictions.

4. Conclusion

As the above discussion ought to make clear, technology has advanced more rapidly than the law in these areas. Thus, we can expect to continue seeing cases which further refine the limits of an employer's ability to monitor employee communications and which further define employee rights in these areas. Employers are advised to adopt and enforce clear policies which set forth the employer's expectations on these issues. However, since this is a developing area of law, employers must also keep abreast of changes in the law which might affect the enforceability of their policies.

Notes:

^1. Employers are cautioned that enforcement of policies which restrict employee communications or access to employees may become an issue if the employer is ever faced with a unionization campaign. The National Labor Relations Board will likely find that the employer has committed an unfair labor practice if such a policy is implemented or enforced in order to restrict or prohibit communications relating to the union, where other non-business communications are or have been permitted. On the other hand, as long as it is consistently enforced, a business-only policy for use of the e-mail system should not result in the finding of an unfair labor practice.