WORKPLACE PRIVACY ISSUES
Technology Brings With It Some Interesting Problems
It is difficult to imagine a workplace or administrative office these days without a computer or, more likely, a computer system. The first thing I do upon arriving at my office each day is turn on my computer. I’m not sure I would know how to get my day started without it. Like most employers, our system is the primary way information is exchanged and continuity is maintained throughout the department and City. Electronic mail, or “E-mail” as it is usually called, has greatly enhanced communications between employees. However, with the advent of workplace computers and computer systems, a whole new group of new workplace privacy issues have arisen.
ISSUE: What can public employers and employees expect with regards to workplace privacy, computer systems and E-mail?
Consider the following scenario:
A employer has installed an E-mail system for the use of its employees in accomplishing the day-to-day business of the agency. The system hardware and software are owned and housed on the employer’s property. One day a supervisor discovers a printout in the conference room printer. Its E-mail message contains a joke, the subject of which is racial in nature. The message was sent from one employee to another within the department. What privacy rights do the employees have and what obligations does the employer have with regards to the E- mail and its content?
Public employers have the legal duty to monitor and control workplace conduct pursuant to federal and state laws, most importantly those concerning workplace discrimination and harassment under Title VII of the Federal Civil Rights Act and the State of California Fair Employment and Housing Act. This necessarily includes workplace conduct with regards to computer systems, internet access, and E-mail messages. These various laws and the resultant case decisions impose an affirmative duty of employers to know what activities are taking place in their workplace and to take appropriate action when necessary to ensure employees are not being harassed or discriminated against.
The federal and state laws regarding workplace privacy permit public employers to review the content of employees’ E-mail messages on employer- owned systems without a need for an articulable interest in doing so. Where there are facts that alert the employer to potential wrongdoing which the employer is required by law to prevent from occurring, the employer’s interest in the content of the messages would outweigh any privacy interest the employee might have, thus permitting an unrestricted review of the messages. Although I have not yet seen any case law, this probably also extends to activity and information on an employee’s private computer when used within the workplace. An example would be an employee using a laptop computer in the workplace for after hours internet access.
The employer is legally able to access the employee’s stored E-mail messages to ensure that no workplace misconduct or harassment has taken place. In addition, the employer should be able to use those E-mail messages that are inappropriate, harassing, lewd, and/or sexually explicit as a basis for disciplinary action of the offending employee. Federal and state laws strongly suggest that public employees do not have a “reasonable expectation of privacy” in the use of employer-owned electronic communications systems. Moreover, the employer has a legitimate and compelling interest to access the employee’s E-mail messages to ensure that no harassment occurs in the workplace.
Public employers must take steps to put their employees on notice that E- mail messages generated or received at the place of employment and on employer-owned equipment are not private. In other words, public employers must be proactive to reduce or eliminate their employees’ expectations of privacy in the use of employer-owned computer systems.
Essential in every employer’s program should be an E-mail policy statement that employees must read and acknowledge by signature as a condition of employment.
E-MAIL POLICY STATEMENT
Public employers should have an E-mail policy statement that employees must read and acknowledge by signature. The statement should include, but is not limited to, the following:
(1) Definitions of the terminology used in the policy to ensure that employees understand its contents.
(2) A warning to employees that the electronic communication systems in the office are to be used for official business only, not personal use, and that employees will be subject to disciplinary action, including dismissal, for private use of the system. Employees also should be advised that the electronic equipment and systems in the office are the property of the employer.
(3) A notice that the public agency may periodically monitor and/or access stored electronic communications of employees to ensure that the electronic communication system is being used properly and for reasons associated with the maintenance of the electronic communications of employees. The notice should make employees aware that no electronic communications transmitted on the system are private and confidential.
(4) A statement that security features provided by the electronic communication system (like passwords, access codes, or delete functions) will not prevent the public employer from accessing stored electronic communications.
(5) An admonition that the system shall not be used to transmit messages that are sexually explicit, lewd, derogatory, or in any other way inappropriate or unrelated to the public agency’s legitimate business activities. This warning also should state that the public agency may retrieve all messages sent to and received by an employee if the employee’s supervisor and personnel officer have a reasonable suspicion that the employee’s use of the electronic communication system has violated federal or state law, provisions of this policy, or any other office policy, rule, regulation, or ordinance.
(6) Clarification to employees that any violation of this policy and/or any other related rule or regulation may result in disciplinary action, including termination.
(7) An employee acknowledgment form summarizing the public employer’s right to access the employee’s electronic communication and detailing the kinds of communications not to be sent on the employer’s systems.
It should be obvious by now that, with regards to the scenario above, the employer has an obligation to take action when such activities are known or discovered. The employer has the right, and in fact, obligation, to know the content of its computer system. It has a legitimate and compelling interest to the content of E-mail messages to ensure no harassment is occurring in the workplace. When improper use of the system is discovered, this evidence can be used to discipline the responsible employee. And, finally, employees should understand that they do not have a “reasonable expectation of privacy” in using or storing data in department computers.