Employer Law Report

Tag Archives: workplace privacy

Don’t wannacry? Help your IT staff prevent ransomware

I have frequently blogged about human resources departments’ role in preventing data breaches in their organizations and to date have largely focused on training employees to recognize and respond phishing exploits designed to encourage employees to click on email links or attachments that contain malware. See for example here, here and here. But, in what some have been calling the biggest cyberattack ever, the recent “Wannacry” ransomware apparently seeks out computers containing a vulnerability in the Microsoft Windows operating system, which permitted the ransomware to  infect approximately 200,000 computers in 150 countries across the globe. No clicking required.…

NLRB panel majority upholds employer right to justify “no recording” policy; denies general counsel summary judgment motion

In a follow up to its Whole Foods Market, Inc. decision, which found unlawful an employer policy prohibiting workplace recordings by employees without prior management approval, an NLRB panel majority in Mercedes Benz U.S. International, Inc. denied the General Counsel’s motion for summary judgment on a similar “no recording” policy. According to the majority, Mercedes was entitled to a hearing, which would provide an opportunity to present evidence regarding its business justifications for the policy, and about whether the policy was communicated or applied in a manner that clearly conveyed an intent to permit protected activity.

Member Pearce dissented, arguing …

Ohio Appellate Court dismisses privacy breach lawsuit against employer

A recently published decision of an Ohio Court of Appeals reminds us that, particularly in this electronic age, employers need to be very careful in the handling of confidential medical information. The decision is also a reminder that sometimes the outcome of a case can depend on the precedent in a particular appellate district.

In Templeton v. Fred. W. Albrecht Grocery Co. the 9th District Court of Appeals (for Summit County, Ohio) the employee responsible for managing workers’ compensation claims for the employer inadvertently sent a psychological report regarding the plaintiff to other employees rather than to the plaintiff’s …

Employers can learn from recent cases involving the Federal Trade Commission

Two recent decisions – one from the federal district court in New Jersey and one from a federal Administrative Law Judge – potentially will have significant impact on the Federal Trade Commission’s (“FTC”) enforcement of business’s data security obligations.

FTC v. Wyndam Worldwide

In FTC v. Wyndham Worldwide Corporation, the New Jersey federal district court upheld the FTC’s authority to find that a business that has sustained a data breach has committed an “unfair trade practice” in violation of Section 5(a) of the Federal Trade Commission Act, 15 U.S.C. §45(a) when its privacy controls are found to be inadequate.  …

Court Holds That Employer Did Not Have “Possession, Custody or Control” of Text Messages Sent or Received on its Employees’ Personal Cell Phones

In an employment race discrimination case, a federal court recently held that the defendant-employer did not have “possession, custody, or control” over text messages sent or received by its employees on their personal cell phones. The court denied the plaintiff’s motion to compel the production of these text messages because there was no evidence that:

  • the employer issued the cell phones to the employees;
  • the employees used the cell phones for any work-related purpose; or
  • the employer otherwise had any legal right to obtain employee text messages on demand.

Cotton v. Costco Wholesale Corp., Case No. 12-2731, slip op. …

Ohio Federal Court Permits Case Alleging Employer’s Accessing Of Former Employee’s Personal Emails To Proceed

When we think about the issues that employers have been struggling with relating to employee use of personal mobile devices for work, thoughts of data security, trade secret protection, record retention, and even FLSA compliance immediately come to mind – or at least my mind. But, I bet you wouldn’t anticipate what allegedly happened in Lazette v. Kulmatycki, a case decided by the federal court in the Northern District of Ohio on June 5, 2013. In Lazette, the plaintiff alleged that, after plaintiff left her employment, she returned her company-issued blackberry (which she used and refers to in her …

Pick Your Poison – Violate State or Federal Law? Court Finds That Complying with State Law On Employee Criminal Background Checks Is Not a Defense to a Title VII Disparate Impact Claim

I present on the topic of background checks often, and when it comes to Q&A time, I almost always get the question (or some variation of it): "How does Title VII come into play when an employer has state law requirements regarding criminal background checks?" In Waldon v. Cincinnati Public Schools, No. 1:12-CV-00677 (S.D. Ohio Apr. 23, 2013), the Southern District of Ohio shed some light on this particular employer predicament and demonstrates the potential for employment discrimination liability for employers who have overly broad exclusionary hiring policies based on past criminal conduct, even when those policies are required …

Technology Law Source 2.0

We wanted to take a moment to share the redesigned Porter Wright Technology Law Source blog with you.

Technology Law Source is designed for readers to quickly and easily learn about concepts that cut across the traditional lines of intellectual property and extend to evolving technologies, as well as concerns with privacy and data security.

Our authors routinely update the blog to provide the latest news and information about a range of areas relating to the industry, including:

  • Copyright
  • Data breach
  • Data security
  • Database management
  • Electronic commerce
  • Electronic discovery
  • Electronic medical records
  • Enforcements, disputes, and litigation
  • HIPAA and HITECH Act

Twitter’s Vine Video App Is the Latest App to Sprout Social Media Risks for Employers

There is no doubt you know what YouTube is, but do you know about Vine? Well, Vine is a video app released by Twitter earlier this year that allows users to capture and share short looping six-second videos to Twitter and allows the user to tag people in the post. The app is easy to use and works a lot like Instagram (many call it the Instagram of video). When you tweet from Vine, it embeds your looped video — or what looks like an animated GIF — in your tweet and includes sound. Videos from Vine’s Make-a-Scene app appear …

Court Rules Employer Cannot Force a Former Employee to Update LinkedIn Profile

In today’s world of social media, we know that employees live online. With LinkedIn, this includes having a living resume for anyone with a LinkedIn account to see. The up-to-date part, or rather how up-to-date someone’s LinkedIn profile (or resume) is, has become somewhat of a concern.  The recent case of Jefferson Audio Video Sys. Inc. v. Light (W.D. Ky. May 8, 2013) demonstrates how the updating of a LinkedIn profile can become a concern for employers, particularly as it pertains to an employer’s former employees. 

Here is the situation: An employee leaves a company for whatever reason yet fails to update …

Facebook Account Deactivation Leads To “Spoliation Instruction”

Our colleagues over at Technology Law Source advise today of an interesting case in which a New Jersey federal court held that a plaintiff in a personal injury lawsuit failed to preserve relevant evidence when he deactivated his Facebook account and failed to reactivate it within fourteen (14) days – which according to Facebook’s terms and conditions renders the account’s contents irretrievable. As a result, the court found that the defendant was entitled to a jury instruction that permits the jury to infer that “the fact that a document was not produced or destroyed is ‘evidence that the party that …

Court Decides LinkedIn Ownership Case and Finds for Plaintiff But Refuses to Show Her the Money

The infamous LinkedIn ownership case, Eagle v. Edcomm, is over, and for the plaintiff, Dr. Linda Eagle, it was a win and a loss. We told you about this case in the post: "In the Social Media Battle Over Who Owns a LinkedIn Account, the Greatest Threat is State Law Claims – How Employers Can Protect Themselves in Light of Eagle v. Morgan as 11 State Law Claims Proceed to Trial." The case did go to trial, and the Eastern District of Pennsylvania decided that while Dr. Eagle proved three claims against her former employer, Edcomm, she was …

Facebook Posts Not “Solicitation” Under Former Employee’s Restrictive Covenant Agreement

Describing it as a “rather novel issue,” a federal court recently held that a former employee’s public posts on his personal Facebook page did not constitute solicitation of his former co-workers under the terms of his non-solicitation agreement with his former employer. [See Pre-Paid Legal Services, Inc. v. Cahill, No. 12-CV-346, Doc. 31 (Jan. 22, 2013), Report and Recommendation affirmed and adopted, Doc. 32 (Feb. 12, 2013)] The court further noted that invitations sent to former co-workers to join Twitter were not solicitations under the agreement because the invitations did not request the co-workers to “follow” the former employee, …

Social Media Privacy Makes Its Way to Capitol Hill

Editors’ Note: Colleen Marshall, a Senior Attorney in Porter Wright’s Litigation Department, is also a widely-recognized, award-winning news anchor for Columbus’ NBC-affiliate, WCMH – 4. In a detailed interview with Porter Wright’s Sara Jodka last week, Colleen reports on the use of social media by employers: "You Can’t Delete Your Way Out Of Social Media."

As noted in a recent blog and in the news report mentioned above, 21 states have social media privacy legislation pending. But, social media privacy could soon be governed by an act of Congress.

Representative Elliot Engel (D-N.Y.) just introduced H. R. 537, the "Social Networking

Why You Can’t Delete Your Way Out of Your Social Media Mess

Naked pictures? Drunken celebrations? Sexist comments? A click of a button and all evidence of your "Weekend at Bernie’s" can disappear. Job seekers know to scrub clean their Facebook pages before they connect with potential employers, to remove all trace of their off-color on-line life. But here in Ohio you can’t delete your way out of the mess you created through social media. Employers can legally ask employees and recruits to surrender their social media passwords, and thanks to Facebook’s newly expanded access program, the result is a stunningly deep portal into private messages, deleted posts, photographs and everything you …

SHOCKING NEWS!! We Are Spending Too Much Time Surfing The Web For Personal Reasons at Work. What To Do About These Cyberloafers??

According to a news release issued by the university, a Kansas State University study to be published in the journal Computers in Human Behavior concludes that between 60 and 80% of the time spent by people on the internet at work has "nothing to do with work." The study, which was profiled this morning on The Today Show, suggests that "cyberloafers" come in all ages. According to one of the researchers, "Older people are doing things like managing their finances, while young people found it much more acceptable to spend time on social networking sites like Facebook."

Certainly, while …

Social Media Firing of the Week. (Final Score: God 10 – Waitress 0)

The Internet is burning up this morning with the story of an Applebee’s waitress who was fired for posting on Reddit, a social news and entertainment site, the receipt from a customer who gave her no tip on a $35.00 check, writing "I give God 10% why do you get 18?" Unfortunately, the waitress did not obscure the customer’s signature when she posted a picture of the receipt, which naturally set off a firestorm of Reddit users and others on the Internet attempting to identify the customer. The customer apparently then contacted Applebee’s and demanded the waitress’s termination.

While there …

Ohio Federal District Court Rejects Public Policy Wrongful Termination Claim Against Private Employer Based On First Amendment

The summary judgment decision issued on October 31st by Ohio federal district court judge David Dowd in Barnett v. Aultman Hospital contains important reminders for both private employers and their employees. For employers, there is the reminder that they are not bound by the First Amendment’s protections for free speech. And for employees: Always remember to confirm that your supervisor actually has been fired before going to Facebook to celebrate.

In January 2011, after receiving the erroneous information that her supervisor had been fired, the plaintiff, Wendy Barnett, a registered nurse at Aultman Hospital sent an email through Facebook to …

Not So Fast … CFPB Issues Revised Forms for FCRA Compliance by January 1, 2013, First Ones Contained Typos and Other Errors

As we reminded you last month here, the Consumer Financial Protection Bureau ("CFPB"), the agency that has enforcement responsibility over the Fair Credit Report Act ("Act"), revised the forms which employers must use to comply with the FCRA, effective January 1, 2013. There was only one little problem with the forms the CFPB provided for use: They contained various typos and technical errors that the CFPB now has recognized in its Supplementary Information in the November 14, Federal Register Notice.

The forms at issue:

  • The Summary of Consumer Identity Theft Rights;
  • Summary of Your Rights Under the

Complying with the FCRA Amendments Before January 1, 2013 – a Step-By-Step Guide

By now, you should know that the Equal Employment Opportunity Commission ("EEOC") has issued “Guidance on the Consideration of Arrest and Conviction Records in Employment Decisions”, which is designed to restrict criminal background checks by employers, but you may not know that enforcement responsibility for the Fair Credit Reporting Act ("FCRA") has been transferred from the Federal Trade Commission to the recently created Consumer Financial Protection Bureau ("CFPB").

The FCRA, of course, is the federal law that imposes requirements on employers who use third party Consumer Reporting Agencies ("CRA’s") to obtain “consumer reports" (i.e., background check, reference check, …

In the Social Media Battle Over Who Owns a LinkedIn Account, the Greatest Threat is State Law Claims – How Employers Can Protect Themselves in Light of Eagle v. Morgan as 11 State Law Claims Proceed to Trial

Who owns a social media account that an employee sets up for the purpose of promoting her employer’s business? In Eagle v. Morgan, the federal district court for the Eastern District of Pennsylvania became one of the first courts to address the issue of ownership of employer social media accounts. Now, 11 state-law claims related to this issue are slated for trial next month. Here’s what employers need to know about what claims didn’t make it, which ones did, and how they can protect their online presence.

The Factual Background. In Eagle, the employee, Dr. Linda Eagle, …

State Tort and CFAA Claims Survive Motion to Dismiss In Ohio Employee Cyberhacking Case.

In a case that vividly demonstrates how employers are vulnerable to insider cyber attacks, a recent federal court decision out of the Southern District of Ohio addressed the scope of federal statutes designed to address such activity. In Freedom Banc Mortgage Services, Inc. v. O’Harra, the plaintiff’s complaint alleged that an employee began remotely downloading software programs on 27 of the employer’s computers and five servers. Through these programs, O’Harra, with the assistance of others, allegedly was able to access the employer’s employees’ email accounts, deleted hundreds of email from these accounts, uninstalled the employer’s security camera, deleted pictures …

Bill Introduced In Ohio Legislature To Restrict Employer Social Media Password Inquiries

On Thursday May 24, 2012, State Senator Charleta Tavares of Columbus introduced a bill that would prohibit employers from asking applicants or employees for their social media password. The bill follows a trend started in Maryland and followed by at least 11 other states (plus Congress) that would prohibit this employer practice.

Is this legislation necessary? Well, I was asked this question on 10TV in Columbus last Thursday night and my answer was an emphatic "No!" Though this type of legislation seems to be "trending" nationwide, the examples of employers that actually require their applicants or employees to turn over their …

Federal Court: FCRA Does Not Apply To Independent Contractor Relationships

Here is one more potential advantage of using independent contractors rather than employers that so far has flown below the radar screen.  According to a federal district court in Wisconsin, the Fair Credit Reporting Act’s disclosure obligations do not apply to independent contractor relationships.

When EMS Energy Marketing Service, Inc., terminated Phillip Lamson based on the results of a background check, it failed to provide him with a copy of the report or the written description of his rights under the FCRA as required by the Federal Trade Commission.  Lamson sued, alleging that his termination violated FCRA.  The Court concluded, …

LexBlog