Monitoring Employee Social Networking

By January 8, 2010Blog, Employment Law

Much has been written and said about an employer’s right to regulate and monitor its employees’ use of e-mail and the internet.  Most of the discussion involves the clash between an employee’s privacy rights and the employer’s right to control and its ownership of the tools of the workplace and the employee’s time while at work.  Nobody questions the right of the employer to ban personal telephone calls, the use of the company e-mail facility for personal purposes and personal internet surfing or social networking during working hours.  But questions exist, however, about the extent of the employer’s right to monitor its systems for compliance with those policies.
The answer largely depends on the quality of the employer’s written policies, the practice of the employer in enforcing the policies, the unique privacy laws of the locale, and what exactly is meant by “monitoring” – merely monitoring an employee’s e-mail and history of internet use, or, on the other hand, accessing otherwise private internet sites restricted to authorized friends and guests?  Often the issues hinge on whether the employee had a legitimate expectation of privacy in the personal activities, even though conducted at work.  But that question does not the end of the analysis, and does not necessarily answer the ultimate question.
The rapid expansion of social networking and blogging, and the inevitable use of “company time” by employees of social media like Facebook or Twitter to engage in personal networking, including posting gossip and commentary about life at work, have likewise expanded the issues surrounding regulating and monitoring this behavior.  With the ever-present concern about negative commentary and inappropriate disclosure of workplace information, employers are inclined to explore and investigate their employees’ personal social networking activities more deeply.  This goes beyond merely ascertaining whether the employee was networking Facebook while at work – it may include attempts to gain access to restricted groups or sites to review content that may have been created exclusively on personal time.  This may lead not only to a privacy dispute with that employee, but also to violations of federal laws that regulate access to stored information on the internet.  A recent jury verdict in New Jersey provided one employer with a harsh lesson.
In the New Jersey case, Pietrylo v. Hillstone Restaurant Group, the jury found that the employer had wrongfully and without consent gained access to an employee’s MySpace site that was critical of work, and awarded statutory and punitive damages.  The facts are not uncommon:  the employer discovered that an employee had established a MySpace group where people could gossip and complain about work without anyone knowing (an erroneous assumption, but that’s another story).  Unfortunately for the employee, one of the authorized members of the group showed the site to her manager, and after some level of coercion, she gave the employer the password to the site.  The managers’ investigation of the contents of the group site led to the termination of the responsible employee, who then sued under a variety of legal theories, including violations of the federal Stored Communications Act.  The liability resulted from the employer’s direct access to the site by use of the password coerced from the other member – i.e., unauthorized access.
Whether those employees were using company computers on company time was irrelevant – the unauthorized or coerced access to the private site violated federal law in this case.
Enforcement and investigation of electronic and social media abuse should be pursued carefully; employers must consider all of the legal restrictions on access to private data, including personal privacy rights and federal and state statutes that restrict unauthorized access to data maintained by internet service providers and websites.  In California, employers also need to be aware that disciplining an employee for engaging in lawful conduct during non-working hours away from the workplace is prohibited by statute (Labor Code section 96(k)) and can lead to a claim before the state’s Labor Commissioner.
Stephen C. Gerrish, Employment Group

Thoits Law

Author Thoits Law

More posts by Thoits Law

Join the discussion One Comment

  • Gabby Suarez says:

    Great Post! Very informative.
    I do understand that monitoring employees while they’re working is a must now. But I disagree on monitoring employees outside of work and on their social media page. It’s bad enough to spy your employee’s internet usage, why go to the extent of digging deep into their personal account.
    This article might give you an additional idea on the subject:
    http://www.timedoctor.com/blog/2011/04/14/compare-screen-monitoring-software
    Personally, putting a monitoring device on anything without the consent of the employee is a violation of their privacy.