Employees should realize that they should not use the company’s e-mail account for personal, private matters, yet most continue to do so – everyone seems to assume that e-mail is private, no matter who owns the account. This may not be true, however, and anyone using a company e-mail account for his or her private messages could be in for a rude awakening – disclosure of the contents – if not careful.
Much has been written and said about an employer’s right to regulate and monitor its employees’ use of e-mail and the internet. Most of the discussion involves the clash between an employee’s privacy rights and the employer’s right to control and its ownership of the tools of the workplace and the employee’s time while at work. Nobody questions the right of the employer to ban personal telephone calls, the use of the company e-mail facility for personal purposes and personal internet surfing or social networking during working hours. But questions exist, however, about the extent of the employer’s right to monitor its systems for compliance with those policies.
The answer largely depends on the quality of the employer’s written policies, the practice of the employer in enforcing the policies, the unique privacy laws of the locale, and what exactly is meant by “monitoring” – merely monitoring an employee’s e-mail and history of internet use, or, on the other hand, accessing otherwise private internet sites restricted to authorized friends and guests? Often the issues hinge on whether the employee had a legitimate expectation of privacy in the personal activities, even though conducted at work. But that question does not the end of the analysis, and does not necessarily answer the ultimate question.
The rapid expansion of social networking and blogging, and the inevitable use of “company time” by employees of social media like Facebook or Twitter to engage in personal networking, including posting gossip and commentary about life at work, have likewise expanded the issues surrounding regulating and monitoring this behavior. With the ever-present concern about negative commentary and inappropriate disclosure of workplace information, employers are inclined to explore and investigate their employees’ personal social networking activities more deeply. This goes beyond merely ascertaining whether the employee was networking Facebook while at work – it may include attempts to gain access to restricted groups or sites to review content that may have been created exclusively on personal time. This may lead not only to a privacy dispute with that employee, but also to violations of federal laws that regulate access to stored information on the internet. A recent jury verdict in New Jersey provided one employer with a harsh lesson.
In the New Jersey case, Pietrylo v. Hillstone Restaurant Group, the jury found that the employer had wrongfully and without consent gained access to an employee’s MySpace site that was critical of work, and awarded statutory and punitive damages. The facts are not uncommon: the employer discovered that an employee had established a MySpace group where people could gossip and complain about work without anyone knowing (an erroneous assumption, but that’s another story). Unfortunately for the employee, one of the authorized members of the group showed the site to her manager, and after some level of coercion, she gave the employer the password to the site. The managers’ investigation of the contents of the group site led to the termination of the responsible employee, who then sued under a variety of legal theories, including violations of the federal Stored Communications Act. The liability resulted from the employer’s direct access to the site by use of the password coerced from the other member – i.e., unauthorized access.
Whether those employees were using company computers on company time was irrelevant – the unauthorized or coerced access to the private site violated federal law in this case.
Enforcement and investigation of electronic and social media abuse should be pursued carefully; employers must consider all of the legal restrictions on access to private data, including personal privacy rights and federal and state statutes that restrict unauthorized access to data maintained by internet service providers and websites. In California, employers also need to be aware that disciplining an employee for engaging in lawful conduct during non-working hours away from the workplace is prohibited by statute (Labor Code section 96(k)) and can lead to a claim before the state’s Labor Commissioner.
Stephen C. Gerrish, Employment Group
Employers now must comply with a new equal opportunity law; GINA, short for Genetic Information Non-Discrimination Act of 2008, in addition to sex, race, age and a dozen other categories. All employers with at least 15 employees are subject to GINA. This post gives a quick overview of GINA and a checklist of action items. Further details are found on the EEOC website, including a new mandatory poster.
At first blush, GINA has a “futuristic” and limited sense about it. After all, how many employers gather genetic information? But the law was passed due to quick-moving advances in genetics and the development of genomic medicine, which could lead to insurability problems and job discrimination based on the availability of individuals’ genetic information and family histories. GINA has two parts. Title I deals with the use of genetic information in health insurance, and amends portions of ERISA, the Public Health Service Act, and the Internal Revenue Code. More relevant to employers is Title II, which prohibits the use of genetic information in employment decisions and the intentional acquisition of genetic information about applicants and employees, and imposes strict confidentiality requirements. “Genetic information” is defined as information about an individual’s genetic tests, genetic tests of a family member, and family medical histories. The term “family member” includes the employee’s dependents and certain relatives of the employee, or of the employee’s dependents. The reason for including so many family members is to prevent employers from inferring that an employee is predisposed to a similar disease or disorder as a family member. Prohibited employment practices under GINA include: (1) the use of genetic information to make decisions concerning any terms, conditions or privileges of employment; (2) intentional acquisition of genetic information; (3) violation of confidentiality; and (4) retaliation against an employee who opposes genetic discrimination.
What Should Employers Do Now?
1. Post the EEOC’s new “EEO is the Law” poster in the workplace;
2. Revise equal employment opportunity (EEO) statements in employee handbooks, to include a policy of non-discrimination on the basis of genetic information;
3. Do not request that applicants and employees provide family medical histories;
4. Do not request information about disorders or diseases of an employee’s family members to process leave requests unless directly related to a FMLA or CFRA request;
5. Consider whether any changes are necessary in the administration of employer or sponsored health benefit plans;
6. Abide by GINA’s confidentiality rules and separately file all medical information;
7. Enact service-of-process intake policies to prevent the inadvertent disclosure of genetic information in response to a civil discovery request that is not accompanied by a court order compelling production.
GINA was enacted based on recognition of developments in the field of genetics, the decoding of the human genome, and advances in genomic medicine. Genetic tests now exist that can inform people whether they may be at risk for developing a specific disease or disorder. But as the number of genetic tests and availability of data increase, so do concerns about whether people are at risk of losing health coverage or job opportunities if insurers and employers can access their genetic information. Given the scientific advances, it is likely that GINA will become increasingly important. To read more about GINA, go to the Thoits.com Resources page.
Jeffrey A. Snyder, Employment Group