: workplace privacy : Employer Law Report

Home > workplace privacy >

SHOCKING NEWS!! We Are Spending Too Much Time Surfing The Web For Personal Reasons at Work. What To Do About These Cyberloafers??

Posted on February 7, 2013 by Brian Hall

According to a news release issued by the university, a Kansas State University study to be published in the journal Computers in Human Behavior concludes that between 60 and 80% of the time spent by people on the internet at work has "nothing to do with work." The study, which was profiled this morning on The Today Show, suggests that "cyberloafers" come in all ages. According to one of the researchers, "Older people are doing things like managing their finances, while young people found it much more acceptable to spend time on social networking sites like Facebook."

Certainly, while the estimated percentage might be unexpectedly high to some, there is no doubt that workers are spending more time on the internet for personal reasons. The study goes on to note that employer electronic monitoring policies do little to change behaviors unless the policies are enforced. According to the news release announcing the study, "Researchers discovered that the only way to change people's attitudes is to provide them with information about other employees who were reprimanded."

The question I have is whether enforcement of these policies really discourages employees from surfing the web or whether it merely drives the behavior underground. My bet is that many – I won't say most – employees who fear discipline as a result of electronic monitoring at work will simply resort to using their personal electronic devices, which the employer will not be able to monitor. In my mind, the best way for an employer to ensure that workers are actually working is to monitor their actual work performance, both quantity and quality, and in the process it will catch most, if not all of its cyberloafers.

I'm not suggesting that electronic monitoring policies are bad or even ineffective; just don't ask them to cure more problems than they are capable of doing. Indeed, such policies are invaluable in making sure that employees are not accessing pornography or other material at work that may subject an employer to liability. These policies also can help prevent trade secret leakage or outright misappropriation. But to think that enforcing these policies, without more, will deter most employees from shopping on Amazon.com or checking Espn.com for the latest trade rumor in my opinion is a bit naïve and maybe even somewhat counterproductive.

Even the researchers noted that the strategy can have negative consequences in the workplace and can lower morale. Indeed, in many work environments where employees are one dinner time cell phone call away from being back on the clock, it is not entirely unreasonable to think that some employees will conduct some personal business while at work. In addition, some studies have suggested that occasional personal use of the internet while at work might help recharge employees' batteries and keep them more focused on their jobs.

I'm all for enforcing electronic monitoring policies at work; let's just not ask them to do too much. Now, if you don't mind, there is this set of golf clubs that I saw on the internet last night….

Tags: Workforce Strategies, Workplace Privacy, Traps for the Unwary, cyberloafers, internet usage, workplace privacy

U.S. Supreme Court to Hear Arguments in NASA v. Nelson

Posted on October 4, 2010 by Brian Hall

No, this is not – for those of you old enough to remember I Dream Of Jeannie – Major Anthony Nelson suing NASA after all these years. Instead, a group of Caltech employees assigned to work at NASA’s Jet Propulsion Lab (“JPL”) in California sued NASA when the federal agency insisted that they submit to background checks after, in many cases, having worked there for 20+ years or resign their employment. The Supreme Court will address the question whether NASA violated the plaintiffs’ constitutional right to informational privacy by (1) requiring the contract employee to answer whether he or she had received counseling or treatment for illegal drug use in the prior year and/or (2) asking the contract employees’ designated references for any adverse information bearing on their suitability to work at a federal facility.

The case is before the Supreme Court on NASA’s petition for review of the Ninth Circuit’s decision granting a preliminary injunction barring the government from implementing its background checks at JPL. Oral argument is scheduled for October 5, 2010.

NASA contends that its collection of employment-related information through routine background checks does not violate the contract employee’s constitutional right to informational privacy. It argues that it has legitimate concerns about its workers’ illegal drug use and the steps that they have taken to address those issues. Likewise, NASA argues that it is “plainly reasonable” for the government to ask an individual’s designated references whether he or she should be employed by the government. NASA also notes that none of the information that it receives through its background questioning would be publicly disclosed or used for non-employment purposes. To the contrary, NASA argues that the form it uses to obtain information about illegal drug use promises that the information would not be used for criminal prosecution purposes and that all of the information collected would be protected from further disclosure under the federal Privacy Act.

The plaintiffs respond by noting that they are neither federal government employees or job applicants and that they do not work on any projects at JPL that are classified or related to national security. In addition, they all submitted to standard background checks when they became employed at Caltech, the sufficiency of which the government has never challenged. Further, according to the plaintiffs, NASA is not required by law to conduct background investigations of its contract employees. Keeping all of this in mind, the plaintiffs argue that the government has shown insufficient justification for intruding into their medical, financial, sexual and other highly sensitive personal information and making determinations of their “suitability” to work at JPL based on those factors.

Because NASA is a federal agency, the Supreme Court’s decision is going to turn on the constitutionality of the government’s background inquiries, which will only directly impact public sector employers. When the Court issues its decision, however, we will analyze it and report back on whether there are any lessons to be learned for private employers as well.

Tags: Workplace Privacy, Caltech, NASA, Supreme Court, background checks, workplace privacy

Endorsement Guides Create Concerns for Employers

Posted on May 14, 2010 by Brian Hall

While many human resources managers spend sleepless nights worrying about the negative things employees may be posting on the Internet about them, this post from our sister blog technologylawsource.com reminds us that the nice things they have to say can get employers into trouble as well. Lesson for employers: Make sure your social media policy makes clear that employees who endorse their employer's products or services on-line must disclose their employment relationship so that consumers are not misled into believing that the endorsement is free from bias.

Tags: Workplace Privacy, Privacy, endorsement, workplace privacy

Employers Court Danger When Using Technology to Investigate Employee Misconduct or Gather Evidence Without Prior Legal Advice

Posted on May 18, 2009 by Brian Hall

Perhaps it's the economy. Perhaps it's the lure of trying to catch someone in the act. Perhaps it's something else entirely, but we’re starting to see more instances of employers getting themselves in trouble because they’re monitoring employee use of employer technological resources to investigate possible employee misconduct without first seeking legal advice. Two fairly recent examples: Hay v. Burns Cascade Co., Inc. out of the Northern District of New York and Van Alstyne v. Electronic Scriptorium, Ltd. out of the Fourth Circuit.

In Hay, the employer, concerned that the plaintiff, one its customer service employees, was bad-mouthing it to customers, began monitoring her telephone calls. While listening to one telephone call, the president of the company determined that the conversation was between plaintiff and a male customer and overheard her saying that she "can't believe these guys are managers" and that she had "lost all respect" for the company's CEO. The president testified that he knew it was a customer because it was during work hours, and “there was nothing to indicate that it was anything other than a business call.” The president did not ascertain, however, which company the customer was affiliated with or whether the company was an existing or prospective customer. According to the court's decision, the president listened to the conversation for 30-40 seconds before he stopped monitoring. Based apparently on this one telephone call, the company decided to terminate the plaintiff's employment due to "poor performance."

Problem: According to the plaintiff, the conversation the president monitored was with her husband. As a result, the plaintiff filed suit, alleging that her employer had illegally intercepted, disclosed and used her private and personal telephone communications and that she was wrongfully terminated from her employment due to the unlawful use of information derived from illegal wiretapping and eavesdropping. The employer filed a summary judgment motion, which the court denied in all significant respects. Specifically, the court held that the plaintiff had produced sufficient evidence to obtain a jury trial on the issue of whether the employer's conduct violated Title III of the Omnibus Crime Control and Safe Streets Act of 1968, also known as the Federal Wiretapping Act, which prohibits the intentional interception of wire communications, including telephone conversations, in the absence of a court order.

There are two exceptions to that statute, which unfortunately the employer could not make fit to avoid a jury trial. First, there is an exception if the subject of the telephone monitoring consents either explicitly or impliedly. Here, however, the court found that the employer had not sufficiently established the plaintiff's consent to monitoring. Although the plaintiff may have been aware through conversations with co-workers that the employer may be or was capable of monitoring phone calls, there was no evidence that plaintiff was actually informed that her conversations were being monitored. In addition, there were no tones or other signals that would indicate to the plaintiff that her calls were being monitored. Finally, the company's code of conduct did not clearly state that telephone calls were being monitored.

The second possible exception to the Wiretapping Act is the business exception, which applies to monitoring conducted in the ordinary course of business. The court skirted the question of whether the interception of plaintiff's telephone calls to determine if she was making derogatory statements about the company to customers was in the ordinary course of business because there was an issue of fact as to whether the call that got her fired was with a customer or her husband. Finally, because the evidence used to terminate the plaintiff's employment was potentially obtained in violation of the Wiretapping Act, the court permitted her wrongful termination case to go to the jury.

In Van Alstyne, the plaintiff pursued a sexual harassment case against her employer after being terminated from her employment at Electronic Scriptorium, Ltd., which filed a counterclaim against her alleging several business torts. During the course of the litigation, ESL's president admitted that he had accessed emails from the plaintiff’s personal AOL account. The plaintiff then filed suit alleging that the president's access of her personal emails violated the federal Stored Communications Act as well as Virginia law. The Court's statement that the president admitted accessing the plaintiff's AOL account at all hours of the day, from home and Internet cafes, and from locales as diverse as London, Paris and Hong Kong suggests that the employer accessed the plaintiff's AOL account directly from a third-party service provider, making a finding that the SCA was violated a near certainty . At the conclusion of trial, the jury awarded the plaintiff a total of $200,000 in damages and approximately $136,000 in attorney fees. On appeal, the Fourth Circuit overturned $100,000 of the damages, which were allocated to damages under the statute, because the plaintiff had not shown that she sustained actual damage as a result of access to her email account. The court upheld the award of $100,000 in punitive damages and the attorney fees.

Hay and Van Alstyne demonstrate the kinds of trouble employers can cause themselves when they use their technology resources to either monitor or obtain evidence from their employees without their knowledge or consent and without first seeking legal advice. The employer in Hay has little to demonstrate that it obtained the plaintiff's consent to monitoring, particularly because its code of conduct was quite vague on the issue. (As an aside, many state laws – but not Ohio's – require that both parties to a telephone conversation be advised that their call is being monitored). Also, if the plaintiff can establish that the intercepted call indeed was with her husband, there will be slim chance for the employer to claim the business exception to the wiretapping act. As far as Van Alstyne is concerned, the employer was courting danger once it started tapping into the employee's private email account.

Another case to watch: Pietrylo v. Hillstone Restaurant Group, a New Jersey federal court case that is scheduled for trial in June. In Pietrylo, the employer terminated two employees for disparaging comments made about the company and supervisors on a private password-protected MySpace site after obtaining the password from a third employee. The primary issue likely will be whether the employee voluntarily gave the employer the password or whether she was coerced into doing so. If the case in fact goes to trial, we will let you know the outcome.

In the meantime, it is critical that employers seek legal advice before undertaking employee monitoring programs. Although employers certainly may reserve the right to monitor their employees’ use of company technology resources, there are limits to what employers can do without risking liability. Legal counsel can help employers avoid a world of headaches.

Tags: Workplace Privacy, employee misconduct, employee monitoring, workplace privacy

Google Latitude Launch Creates Potential Employee Privacy Issues

Posted on February 9, 2009 by Brian Hall

On Wednesday, February 4, 2009, Google launched a new feature called Latitude. Latitude apparently will enable users of smartphones, including most Blackberries, most phones using Microsoft Windows Mobile and, eventually, iPhones, to transmit their locations to another smartphone or desktop computer.

Much like most social networking conventions, Latitude operates on an opt-in basis, which enables smartphone users to share their locations with only certain chosen recipients. Teenagers will undoubtedly find this application "cool" as will the parents of many of those teenagers who may use Latitude to keep tabs on their kids. In addition, many smaller businesses may use the feature to efficiently dispatch delivery and repair crews.

And therein lies the potential privacy problem. Although Latitude is designed to be used only by those who choose to do so, some employers may seek to require their workers to use Latitude so that work activities can be monitored and directed. Requiring employees to put Latitude on their personal cell phones is rife with potential invasions of privacy during nonworking hours. Therefore, employers that choose to use Latitude should plan on issuing company phones to monitored employees and should obtain written employee acknowledgment of and consent to the use of this technology. Furthermore, although Latitude requires an affirmative opt-in, smartphone users must disable the service when they do not wish to be monitored, such as when employees are off the clock. As a result, employers will need to create policies to ensure that appropriate worker privacy is maintained during non-work hours.

Employers should also understand the limitations of location-monitoring services. For instance, Latitude's accuracy is dependent on multiple factors such as whether Google is able to rely on smartphone GPS capabilities or whether Google must rely on cell phone tower triangulation to place the user. Employers must also understand that Latitude and other location-monitoring technology is capable only of identifying a person's location, not what that person is doing. Therefore, employers should be careful about coming to any rush to judgment based on the results of location monitoring.

Tags: Workplace Privacy, Traps for the Unwary, location monitoring, workplace privacy

HR Files Vulnerable to Misuse by Insiders

Posted on December 16, 2008 by Brian Hall

On December 1, 2008, we blogged about the risks of insiders improperly accessing personal data belonging to customers and the general public. Last Thursday's Washington Post highlighted the vulnerability of human resources files to misuse by insiders. The Post reported that a human resources worker at the Library of Congress was charged with, and likely entered into a plea arrangement regarding, conspiracy to commit wire fraud. The worker allegedly accessed a Library of Congress database and obtained personal information, including Social Security numbers, of at least 10 Library employees. The information was then passed on to a third person who opened retail charge accounts in the names of the victims. In a separate matter, the Post also reported the sentencing of a former D.C. public schools employee for stealing the identities of 65 job applicants and co-workers to make retail purchases. According to the article, prosecutors stated that the employee's job gave her access to documents containing the names, birthdates and Social Security numbers of employees and job applicants.

These types of incidents are not isolated events. What are you doing to protect the personal information belonging to your applicants and employees?

Tags: Workplace Privacy, Workplace Privacy, workplace privacy

Employees In the Headlines for Violating Privacy of both President-Elect Obama and "Joe the Plumber"

Posted on December 1, 2008 by Brian Hall

This past week's national and local news have both included accounts of employees being disciplined for allowing their curiosity to get the best of them. According to CNN.com, Verizon Wireless has fired an undisclosed number of its employees for accessing cell phone records of President-Elect Obama without authorization. In addition, on November 22nd, the Columbus Dispatch reported that four senior managers at the Ohio Department of Job and Family Services have been disciplined for improperly mining state computers for confidential information on "Joe the Plumber." Previously, Governor Strickland had suspended the OJFS director for her role in the incident.

These incidents demonstrate the privacy and confidentiality risks posed by a company’s own employees. Coincidentally, this week Cisco Systems, Inc. released the third in a series of white papers arising out of its global study of data leakage. Cisco's findings suggest that data losses caused by employee behavior -- whether malicious or inadvertent -- have the potential to cause greater financial losses than attacks that originate outside the company. Employee behaviors not only put customer (e.g. Obama) and general public ("Joe the Plumber") data at risk but also corporate trade secret information. The Cisco data suggests that, although it remains important to plug any holes in computer systems to protect against outside intrusions, employers should be spending more time addressing employee behaviors that are putting data at risk. For those who are interested, the Cisco papers can be found at http://cisco.com/en/US/netsol/ns895/index.html.

Tags: Workplace Privacy, workplace privacy

Sixth Circuit Applies Balancing Test In Retaliation Case Involving an Employee's Disclosure of Confidential Documents

Posted on July 1, 2008 by Rob Stalter

A recent Sixth Circuit decision addressed the issue of whether the disclosure of confidential, proprietary documents by an employee to her attorneys constitutes a protected activity for which the employee cannot be terminated or otherwise disciplined. In 2000, numerous individuals filed a class action against the Cincinnati Insurance Company (CIC), alleging that CIC had discriminated against women in violation of the Equal Pay Act (EPA). Kathy Niswander, a claims manager at CIC, was one of the plaintiffs in the class action.

In order to respond to CIC’s discovery requests, the plaintiffs’ attorneys asked each of the plaintiffs, including Ms. Niswander, to send them any documents in their possession that related to the case or that might support their discrimination claims. In response, Ms. Niswander sent the attorneys any documents she had that could potentially be relevant, but she also submitted confidential claim-file documents that did not contain any information relevant to the alleged discrimination.

The plaintiffs’ lawyers produced the documents submitted by Ms. Niswander to CIC’s attorneys. CIC believed that Ms. Niswander’s conduct in delivering the documents to her attorneys violated the company’s Privacy Policy and its Code of Conduct, each of which prohibited the disclosure of confidential information, including personal information about policyholders. CIC decided to terminate Ms. Niswander because of her disclosure of the documents to her attorneys.

Ms. Niswander then filed a separate suit against CIC, alleging retaliation under the EPA and Title VII. She argued that she could not be terminated for delivering the documents to her attorneys in the class action because the documents were requested by her attorneys, who needed them in order to respond to CIC’s discovery requests. CIC argued that because the confidential documents were not relevant to the EPA claims at issue in the class action, her breach of the company’s policies was a legitimate ground for her termination.

The district court granted CIC’s motion for summary judgment. Ms. Niswander then appealed the decision to the Sixth Circuit Court of Appeals, which recently affirmed the judgment. The court noted that the anti-retaliation provisions of Title VII prohibit an employer from discriminating against an employee because the employee engaged in a protected activity. Thus, in order to prove a claim of retaliation, a plaintiff must first show that he or she engaged in a protected activity.

The court first had to decide whether Ms. Niswander’s delivery of the documents to her lawyers constituted either participation in the class action lawsuit or opposition to unlawful conduct by CIC. If it were either participation or opposition under Title VII, the court stated that a balancing test would then have to be applied to determine whether her disclosure was a protected activity for which she could not be fired.

The court found that her disclosure did not constitute participation in the underlying lawsuit, noting that while providing relevant documents during the discovery process might constitute participation, the provision of irrelevant, confidential information cannot be viewed as participating in the proceeding. The court then looked at whether Ms. Niswander's delivery of the documents constituted opposition to unlawful conduct by CIC. Finding that it could be viewed as opposition, the court applied a balancing test to weigh the employer’s need to protect its confidential business and client information against the employee’s need to be properly safeguarded against retaliatory actions. The court noted that the ultimate question under the balancing test is whether the employee’s dissemination of confidential documents was reasonable under the circumstances. The court looked at the following six factors:

how the documents were obtained;
to whom the documents were produced;
the content of the documents, both in terms of the need to keep the information confidential and its relevance to the employee’s claim of unlawful conduct;
why the documents were produced;
the scope of the employer’s privacy policy; and
the ability of the employee to preserve the evidence in a manner that did not violate the employer’s privacy policy.

Finding that the only two factors that even arguably weighed in Ms. Niswander’s favor were numbers 1 and 2, the court found that her delivery of the confidential documents to her attorneys did not qualify as a protected activity. The court thus held that she did not meet her burden to show that the company had retaliated against her. Therefore, the disclosure of confidential, proprietary documents by an employee to her attorneys does not constitute a protected activity where the documents are irrelevant to the claims asserted in the underlying litigation.

Tags: Workplace Privacy, sixth circuit, workplace privacy

Employer Law Report
Porter Wright Morris & Arthur LLP

Cincinnati 250 East Fifth Street
Suite 2200
Cincinnati, OH 45202-5118
Phone: 513-381-4700
Toll Free: 800-582-5813
Fax: 513-421-0991

Cleveland 925 Euclid Avenue
Suite 1700
Cleveland, OH 44115-1483
Phone: 216-443-9000
Toll Free: 800-824-1980
Fax: 216-443-9011

Columbus Huntington Center
41 South High Street
Columbus, OH 43215-6194
Phone: 614-227-2000
Toll Free: 800-533-2794
Fax: 614-227-2100

Dayton One Dayton Centre
Suite 1600
One South Main Street
Dayton, OH 45402-2028
Phone: 937-449-6810
Toll Free: 800-533-4434
Fax: 937-449-6820

Naples 9132 Strada Place
Third Floor
Naples, FL 34108-2683
Phone: 239-593-2900
Toll Free: 800-876-7962
Fax: 239-593-2990

Washington, D.C. 1919 Pennsylvania Avenue
NW, Suite 500
Washington, DC 20006-3434
Phone: 202-778-3000
Toll Free: 800-456-7962
Fax: 202-778-3063

Porter Wright Morris & Arthur LLP offers this blog for general informational purposes only. The content of this blog is not intended as legal advice for any purpose, and you should not consider it as such advice or as a legal opinion on any matters. The information provided herein is subject to change without notice, and you may not rely upon any such information with regard to a particular matter or set of facts. Further, the use of the blog does not create, and is not intended to create, any attorney-client relationship between you and Porter Wright Morris & Arthur LLP or any individual lawyer in the firm. No such relationship will be considered to have been formed until we have had an opportunity to resolve any conflict of interest issues and have advised you, in writing, of the nature and scope of the legal services to be provided. Unless we establish an attorney-client relationship with you with regard to the particular matter, we will not treat any information that you may send to us, or submit as a comment to a blog article or entry, as confidential or privileged, and any unsolicited communications may be disclosed to other persons without regard to confidentiality considerations. Use of the blog is at your own risk, and the site is provided without warranty of any kind. We make no warranties of any kind regarding the accuracy or completeness of any information on this blog, and we make no representations regarding whether such information is reliable, up-to-date, or applicable to any particular situation. Porter Wright Morris & Arthur LLP expressly disclaims all liability for actions taken or not taken based on any or all of the contents of this blog, or for any damages resulting from your viewing and use of this blog.

Employer Law Report : Employment and Labor Relations Lawyer & Attorney : Porter Wright's Employer Law Report : Employment Litigation, Non-Compete, Trade Secrets

Published By
Porter Wright

Reporting on recent legal developments and trends affecting employers