04:28 PM

The Privacy Lawyer: Monitoring Employees' Internet Communications: Big Brother Or Responsible Business?

Balancing employees' privacy rights with the responsibilities of the employer is becoming increasingly tricky for both sides Parry Aftab says.

The two prime exceptions to the ECPA afford employers broad rights to monitor their employees: An employer may monitor an employee's conversations if the monitoring occurs in the ordinary course of business or with the employee's implied consent.

Most of the cases developed under the ECPA involve criminal justice and investigatory wiretaps of telephone and E-mail communications. Until recently, most of the case law in the civil application of the ECPA involved monitoring telephone communication.

The ECPA also contains a "business exclusion exemption" that exempts interceptions made by equipment "furnished to the subscriber or user by [a communications carrier] in the ordinary course of its business [and being used by the subscriber or user] in the ordinary course of its business." Under this exception, an employer may monitor phone calls made on an employer-supplied telephone system by attaching a device supplied by the employer. The courts look to whether a reasonable business justification exists for the monitoring, whether the employee was informed about the employer's right to monitor, and whether the employer acted consistently in connection therewith.

Additional federal and state legislation has been introduced to afford employees more rights and weapons in the battle for more privacy.

So far, there's no federal law that requires employers to notify employees that their communications are being monitored. Legislation was introduced in Congress in 1991 by Sen. Paul Simon, D-Ill., that would have required advance notification to both employees and customers of electronic monitoring. The bill, known as The Privacy for Consumers and Workers Act, prohibited undisclosed monitoring of rest rooms and dressing-room and locker-room facilities, except when the employer suspected illegal conduct. The bill, which was never passed, would have provided for fines for violations and permitted injured employees to sue for compensatory and punitive damages and attorneys' fees.

Without federal protection, plaintiffs sought protection in state courts. This was similarly unsuccessful in overruling the employer's right to monitor the workplace, including intercepting communications. Many states have adopted their own version of the ECPA, and some require the consent of both parties for non-exempt interceptions (as opposed to the one-consent ECPA rule). In addition to the state versions of the ECPA, state laws include constitutional provisions, statutes and common law (law that has been developed through case-by-case review and, in the United States and under the United Kingdom's judicial systems, is as much part of the law as a statute).

Common Law And Invasion Of Privacy
Given the lack of protection afforded by the ECPA against employee monitoring, the few state-adopted privacy statutes, and the failure of states to adopt legislation protecting employee privacy rights, many employees are seeking recourse under common-law rights of action. Typically, they seek relief under the common-law tort of invasion of privacy. Invasion of privacy laws don't exist in all states, and in some cases, statutes labeled as "privacy invasion" laws don't deal with privacy matters at all. In New York, for example, the privacy statute deals with protection of celebrities and others rights against the commercial exploitation of their images.

In the states that recognize the tort of invasion of privacy, a violation generally requires an intentional intrusion, "physical or otherwise, upon the solitude or seclusion of another upon his private affairs, or concerns if the intrusion would be highly offensive to a reasonable person."

One of the key conditions to successfully prosecuting an action for invasion of privacy is whether the person has a "reasonable expectation of privacy." Courts across the country are finding with more and more frequency that no reasonable expectation of privacy exists with E-mail or employee online communications.

One of the most talked about E-mail invasion of privacy cases--Smith v. The Pillsbury Company, No. 95-5712 (E.D. Pa. 1996)--demonstrates the lack of patience of the judiciary with the claim of common-law privacy torts. In ruling against the plaintiff/employee, a Pennsylvania court held that there was no reasonable expectation of privacy in E-mail communications, even though Pennsylvania recognizes a common-law right of privacy.

The courts are also holding regularly that when the employer is also the system provider, no restrictions exist on interception of information on the system. Under current circumstances, there's little recourse available to employees who feel their privacy has been invaded by their employers.

2 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
1/4/2012 | 6:01:44 AM
re: The Privacy Lawyer: Monitoring Employees' Internet Communications: Big Brother Or Responsible Business?
There are different tools and devices that can help you monitoring employeeG«÷s internet communication and in my opinion it is legal. Under US law, companies can monitor employeesG«÷ computer usage with impunity, because workplace computers and their data are the property of the employers, and also because employees do not have a reasonable expectation of privacy in the workplace. Using these tools it can help you manage your employees effectively and help employees to stay focus at work. However, it is depends on how you use these tools to monitor employees. There are times that instead of helping employees to improve productivity it does the opposite and it is because of misuses of these tools. The reason is it invades employee privacy. Here is an article that can serve you as your guide in monitoring employees, it discusses what is ethical monitoring?
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.