.. ilter Co. [630 F.2d 414 (5th Cir. 1980).
], the courts decided that if the employer had difficulty controlling personal use of business equipment, then a personal call could be intercepted in the ordinary course of business to determine its nature, but not its contents. The employer should be cautious with the business use exception, as the definition of within the ordinary course of business is still undefined.3.
System Providers Where employers provide their own company e-mail system there are two additional thoughts to support the non-relevance of the ECPA to them. The first theory is only available for employers with a system whose messages remain entirely intrastate, and is based on the ECPA’s applicability being limited to interstate communications. Under this theory, an intracompany e-mail system, whose messages do not cross state lines and which is not connected to an interstate network, fails to fall under the definition of electronic communications service, [18 U.S.C. 2510(15) (1994).
] and falls outside the protection of the ECPA.The definition of electronic communications under the law only pertains to such communication that affects interstate or foreign commerce. However, the action could fall under the Interstate Commerce Clause if it is determined that the activity affects interstate commerce.
In Perez v. United States [402 U.S. 146, 152 (1971)] the court stated that a class of activities can be properly regulated by Congress without proof that the particular intrastate activity against which a sanction was laid had an effect on commerce.Also, in Wickard v. Filburn [317 U.S. 111, 125 (1942)], the observation was made that local activity may be reached by Congress if it exerts a substantial economic effect on interstate commerce, irrespective of whether such effect is indirect.
Because the Interstate Commerce Clause could pre-empt this theory, the theory appears to have no basis and would be a shaky defense in a court of law. The second theory for exclusion rests upon the ECPA’s clear exemption of system providers from its prohibition against access and disclosure of stored electronic communications. [18 U.S.C. 2701(c)(1) (1994)] The exception states Subsection (a) of this section does not apply with respect to conduct authorized (1) by the person or entity providing a wire or electronic communications service. Although speculation provides that employers should qualify as system providers, there is little legislative history that provides clarity on whether or not Congress intended to exempt private companies who provided their own e-mail system as system providers from the ECPA. Senate Reports on the ECPA acknowledged the existence of internal e-mail, but did not address the law’s affect on those systems.
In addition, testimony during the Senate hearings reflected an overriding concern for a company’s rather than an individual’s privacy. Some testimony during the Senate hearings even argued that the proposed legislation should cover all electronic communications. Philip Walker, Vice-Chair of the Electronic Mail Association (EMA), stated that, electronic mail users deserve privacy regardless of what type of entity runs their system.[S. Rep. No. 99-541 (1986) Hearing on S. 1667 Before the Subcommittee on Patents, Copyrights and Trademarks of the Senate Committee on the Judiciary, 99th Congress 42 (1986)(statement of Senator Patrick Leahy (D-Vermont)).
] This uncertainty of Congress has left the door open has left the door open for courts to create a narrow definition of system providers, which could only include public, commercial providers such as America On-line, Prodigy, and Compuserve. Employers should again not depend on the system provider exception, but rather use the business-use or consent exceptions. IV.Case Discussion In examining case law concerning e-mail privacy, there are a few standard benchmark cases. Most of these cases come from California and it is no coincidence that this law should develop in what is considered a technological center of the United States.
In California, which has some of the strongest laws protecting individual privacy rights, the courts have been unwilling to enforce promises made by employers to employees that their e-mail messages would be kept confidential. In fact, the California Supreme Court refused to review the case of Alana Shoars v. Epson America Incorporated.In that case Ms.
Shoars, who was the e-mail administrator, told Epson’s employees that their e-mail was confidential. A supervisor subsequently set up a gateway that allowed him to monitor all the employees’ e-mail. When Ms. Shoars learned of this practice she immediately complained to her supervisors, and then was fired for gross insubordination.The judges in Ms.
Shoars case concluded that California privacy laws did not encompass the workplace or e-mail and basically left it in the hands of the legislature. The same result was found in Flanagan v. Epson. [Sup. Ct. Cal., Jan. 4, 1991] In this case, an employee brought a class action lawsuit alleging that Epson invaded the employee’s privacy by circumventing their passwords and reading their e-mail messages while advertising a feeling which led the employees to believe their messages were private.
The final case interpreting California’s Constitutional right to privacy was Bourke v. Nissan Motor Company. [California Superior Court, Los Angeles County (1991)] In determining whether the right to privacy has been violated, the court said you must first determine whether the individual had a personal and objectively reasonable expectation of privacy. Nissan argued that there was no reasonable expectation because the employees had signed a Computer User Registration Form, which stated, it is company policy that employees and contractors restrict their use of company-owned computer hardware and software to company business.
Bourke and Hall countered that they had a privacy expectation because they were given passwords to access the computer system and were told to safeguard these passwords. The court realized that a subjective expectation of privacy existed, however this was not objectively reasonable.As a result, since there was no reasonable expectation of privacy, there was no violation of the right to privacy. The federal courts seem to have taken the same position. In Smyth v. Pillsbury Corporation, [914 F. Supp.
97 (E.D.Pa. 1996).] a federal court in Pennsylvania ruled this year that Pillsbury Corporation was entitled to fire a manager who had sent e-mail critical of a supervisor, even though the company had explicitly promised it would not monitor e-mail messages. The court reasoned that an employer may not be prevented from firing an employee based upon a promise, even when reliance is demonstrated.
The court also quickly dismissed plaintiff’s claims of a tortious invasion of privacy under common and statutory law. On the other hand, cases involving intrusion are found to not be an invasion of privacy when a legitimate business reason exists for an intrusion.In Vernars v. Young [539 F.2d 966 (3d Cir.
1976).] an employee’s e-mail was opened and read by a fellow employee. A cause of action for invasion of privacy was found in this case.
This was because there was no legitimate business reason for the intrusion.V. Preventive Policy Measures The ECPA signals that the most favorable method for employers to protect against liability is to gain prior consent from employees before monitoring or accessing their business e-mail accounts. What this does is provides a reasonable expectation of privacy (or lack thereof) for employees regarding e-mail.
The following issues should be considered when creating policies concerning e-mail practices: Consult a lawyer or other employment specialist with expertise in employment and privacy issues in your state. Prepare a written policy. Include a clear description of the permissible uses of e-mail. Receive verification that the employees have reviewed and agree to the policies. Update the policies to change with technology. Emphasize and impermissible content for e-mails.
Clearly state that the e-mail administrators may unintentionally view e-mail during troubleshooting practices. Inform employees and independent contractors of any intent to monitor e-mails. State the consequences of misuse of the e-mail system. Show flexibility by allowing limited personal use of the e-mail system but clearly define acceptable personal uses.
Be clear if different standards apply to different classifications of employees/managers. Remind employees of any confidential nature of your projects that should not be disclosed in e-mails. Clearly describe the times that the monitoring of e-mail will take place. Create policies regarding the retention time of e-mails and backups of e-mail systems. Do not bury the policy in pages and pages of policies in a company handbook. Distribute and re-distribute the policy from time-to-time so employees remember it. Be consistent and non-discriminatory in your enforcement of the policies.Most companies are flexible and allow for employee’s limited personal use of the e-mail system.
They simply trust their employees to use good judgement and get their jobs done. Others either have written policies in place or are planning them. Whether or not you decide to have a policy for your company, let the employees and independent contractors know if you do or do not have a policy. Clear communication is the best way to avoid disputes.It also provides for a more positive working environment. VI.
Future Privacy Legislation Several attempts have been made to make the current laws regarding privacy in e-mail more clear and more in line with the technological advances of the late 20th century. In 1993, a bill was introduced by Senator Paul Simon (D-Ill.) to restrict employer monitoring of e-mail. The bill never came up for a vote.The Privacy for Consumers and Workers Act has not been voted on either. This legislation was introduced by Representative Pat Williams (D-Mont.). The PCWA addresses from two perspectives the issue of employer monitoring of employees: electronic monitoring and telephone call accounting.
In addressing the issue of electronic monitoring, PCWA can be analyzed in five parts: permitted monitoring, notice of monitoring, prohibited monitoring, data obtained from monitoring, and penalties. Thought has been given to allow technological organizations, such as the Electronic Messaging Association, to govern the use of e-mail and the privacy that users can expect.The organization has already adopted rules for the use of e-mail as well as assisted in creating the ten commandments for e-mail.
Those commandments (there are actually only 7) are: Respect confidentiality. Don’t flame. Don’t use anonymous remailers. Don’t look at other’s messages. Don’t misrepresent or lie. Follow EMA guidelines.
Consider presentation of a message. VII. Conclusion In today’s technologically advanced world, new ideas and inventions are around us on a daily basis. A lot of these advances create opportunities for play or even danger.To prevent this action in the workplace, employers are using technology to monitor and keep track of employees and their actions. The level of surveillance being practiced by employers is unprecedented.
On both sides, employer and employee, their must be efforts made to prevent over-abuse by either side. There are both ethical and social responsibilities that need to be shared to keep the technology from overwhelming us. I hope that I have shown that the current law in this area is inadequate and needs to be reviewed. The current law in this area, the Electronic Communications Privacy Act of 1986, does not satisfactorily address the many problems in connection with abuse of e-mail systems by employees or abuse of privacy issues by employers.
The Federal Court of Appeals for the Fifth Circuit has commented that the ECPA is simply not clear and is too broad to be effective.One of the main reasons for this is that the ECPA is simply an amended version of the 1968 federal wiretap law which was originally adopted to deal with telephone eavesdropping. Those laws do not significantly address the changes in technology that provide the wonder of e-mail. With the current legislation being ambiguous, and no new legislation yet passed, the next best solution is encouraging employers to implement a clear e-mail policy. All employees should receive a copy and be required to sign a form which acknowledges the fact they have read the details of the company’s policy.
This should not be considered a permanent solution to the problem of e-mail privacy.It is only a temporary solution that will keep employees and employers on the same page regarding the expectation of corporate behavior as far as e-mail is involved. Bibliography VII.
References ACLU. (September, 1996). SURVEILLANCE INCORPORATED: American Workers Forfeit Privacy for a Paycheck. [On-Line].
Available: http://aclu.org/library/wrrpt96.html AFTAB. Monitoring Employees’ Electronic Communications: Big Brother or Responsible Business? [On-Line]. Available: http://aftab.com/privacy.htm Angell, D. and Heslop, B.
(1994). The Elements of E-Mail Style. Addison Wesley, Reading , MA. Bacard, A. E-Mail Privacy FAQ. [On-Line].
Available: http://www.andrebacard.com/ema Casser, K. (1996).
Employers, Employees, E-mail and The Internet. [On-Line]. Available: http://cla.org/RuhBook/chp6.htm Cavanaugh, M.
Workplace Privacy in an Era of New Technologies. [On-Line]. Available: http://www.ema.org/html/pubs/mmv2n3/workpriv.htm Electronic Communications Privacy Act (1986).
[On-Line]. Available: http://www.tscm.com/ecpa.htm#s2511 Entwisle, S.M. E-mail and Privacy in the Workplace.
[On-Line] Available: http://www.acs.ucalgary.
ca/~smenwis/privacy.html Freibrun, E. (1994). E-mail Privacy in the Workplace – To What Extent?. [On-Line]. Available: http://www.cl.ais.
net/lawmsf/articl9.htm Gan, M. (1996).Employee Rights & Email. [On-Line]. Available: http://www.newsguild.
org/d6t.htm Lee, L. Watch Your E-Mail! Employee E-Mail Monitoring and Privacy Law in the Age of the Electronic Sweatshop. Morris, F. E-Mail Communications: The Next Employment Law Nightmare.
HR Advisor (July-August 1995). Oppedahl, C. (July 3, 1995). Security, Privacy, Discovery Issues Stem From E-Mail Communications. [On-Line]. Business Essays.