1 / 112

Privacy in the Workplace: Electronic Surveillance Under State and Federal Law

Privacy in the Workplace: Electronic Surveillance Under State and Federal Law. Charles Lee Mudd Jr. – Mudd Law Offices. Overview. Trends in Workplace Surveillance Highlights of Applicable Law More Common Surveillance Issues Arbitration - Lessons Learned Policy Guidelines

landers
Download Presentation

Privacy in the Workplace: Electronic Surveillance Under State and Federal Law

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Privacy in the Workplace:Electronic Surveillance Under State and Federal Law Charles Lee Mudd Jr. – Mudd Law Offices © 2010 Mudd Law Offices

  2. Overview Trends in Workplace Surveillance Highlights of Applicable Law More Common Surveillance Issues Arbitration - Lessons Learned Policy Guidelines Novel Circumstances © 2010 Mudd Law Offices

  3. Trends in Workplace Surveillance 1997 13.7% of employers monitored computer files 14.9% of employers monitored e-mail Data obtained from the American Management Association © 2010 Mudd Law Offices

  4. Trends in Workplace Surveillance (cont’d) 2007 43% of employers monitored computer files 43% of employers monitored e-mail Data obtained from the American Management Association © 2010 Mudd Law Offices

  5. Trends in Workplace Surveillance (cont’d) ADDITIONAL STATISTICS 66% of employers monitor Internet connections 12% of employers monitor blogs for comments on company 10% monitor social networking sites 8% use GPS to track company vehicles American Management Association DATA © 2010 Mudd Law Offices

  6. Trends in Workplace Surveillance (cont’d) The Privacy Foundation reports that of those employees "who regularly use e-mail or Internet access at work," fourteen million "are under 'continuous' surveillance ... for their Internet access or e-mail usage." © 2010 Mudd Law Offices

  7. Trends in Workplace Surveillance (cont’d) For a myriad of reasons… the monitoring of employee activity and conduct by employers through electronic surveillance in the workplace …will continue to increase. © 2010 Mudd Law Offices

  8. Protecting Employers … and Employees With increasing prevalence of workplace surveillance Employers Must Be Advised Properly… … in Advance of Implementation © 2010 Mudd Law Offices

  9. Highlights of Applicable Law United States Supreme Court Federal Statutes State Statutes Common Law © 2010 Mudd Law Offices

  10. O'Connor v. Ortega 480 U.S. 709, 107 S. Ct. 1492 (1987) While investigating alleged impropriety, public employers broke into employee’s office, desk, and file cabinet Court determined neither party entitled to summary judgment and affirmed in part and reversed in part ….HOWEVER…. United States Supreme Court © 2010 Mudd Law Offices

  11. Supreme Court (cont’d) Ortega helped establish: Analytical Process in Workplace Privacy: Expectation of privacy? Reasonableness of search at inception? Reasonableness of search in scope? © 2010 Mudd Law Offices

  12. Supreme Court (cont’d) For legitimate work-related, non-investigatory intrusions as well as investigations of work-related misconduct, a standard of reasonableness is used. © 2010 Mudd Law Offices

  13. Supreme Court (cont’d) City of Ontario v. Quon 177 L. Ed. 2d 216 (U.S. 2010) The review of transcripts of employee text messages held to be reasonable given that legitimate non-investigatory reasons prompted the review. (to determine whether the character limit on the city's contract was sufficient to meet the city's needs) © 2010 Mudd Law Offices

  14. Supreme Court (cont’d) Principles arising from and reaffirmed in Quon: special needs of workplace is an exception to Fourth Amendment warrant requirement “the extent of an expectation [of privacy] is relevant to assessing whether the search was too intrusive” © 2010 Mudd Law Offices

  15. Supreme Court (cont’d) Note: Utah equivalent of Fourth Amendment Utah Constitution, Art I., § 14 © 2010 Mudd Law Offices

  16. Federal Statutes Primarily…. Electronic Communications Privacy Act Stored Communications Act Computer Fraud and Abuse Act © 2010 Mudd Law Offices

  17. Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. § 2511, criminalizes Intentional interception of oral, wire or electronic communication Discloses Uses © 2010 Mudd Law Offices

  18. Question: What is interception (……still debated…..) Question: What is electronic communication? United States v. Councilman, 418 F.3d 67 (1st Cir. Mass. 2005) United States v. Szymuszkiewicz, 2009 U.S. Dist. LEXIS 60755 (E.D. Wis. June 30, 2009) Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  19. Civil Remedies generally any person whose wire, oral, or electronic communication is intercepted, disclosed, or intentionally used Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  20. Relief Preliminary, declaratory and other equitable reasonable attorney’s fee and costs Damages, either (a) actual plus profits OR (b) statutory ($100/day or $10,000) 18 U.S.C. § 2520 Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  21. Employers cannot: use any devices to intercept wire, oral, or electronic communication. Use or disclose any information obtained through these methods Disclose or obtain unauthorized access to stored communications. Three Exceptions….. Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  22. Employers cannot: use any devices to intercept wire, oral, or electronic communication. Use or disclose any information obtained through these methods Disclose or obtain unauthorized access to stored communications. Three Exceptions….. Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  23. THREE EXCEPTIONS If one party has given prior consent. Business extension exception – Certain interceptions are OK in the ordinary course of business. Provider exceptions – Certain interceptions OK on internal communications systems. Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  24. Consent: requires only that one party to the communication consent to its interception and access (but be wary of stricter statutes) Providers: employers who own and provide their own e-mail or instant message systems are exempt Not applicable if the interception occurs in the “ordinary course of business.” Electronic Communications and Privacy Act 18 U.S.C. § 2510, et seq. © 2010 Mudd Law Offices

  25. whoever-- intentionally accesses without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility; AND….. Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  26. thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system shall be punished . . . Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  27. (REMEMBER - CRIMINAL STATUTES) Civil Remedy Very similar to ECPA except minimum statutory of $1,000 Punitive if willful determination 18 U.S.C. § 2707 Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  28. 18 U.S.C. § 2702 Providers generally cannot disclose contents of communications except in certain instances Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  29. General Thoughts Harsher penalties when done for malicious purposes or commercial advantage Certain permission creates exceptions Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  30. General Thoughts Provides exception for “the person or entity providing a wire or electronic communications service.” Thus, courts have been favorable to employers when e-mails occur on employer-created e-mail servers. BUT BE WARY…..MISPERCEPTION Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  31. City of Ontario, California v. Quon, et al. SCA Question: In storing texts, was Arch Wireless acting as a “remote computing service” or an “electronic communication service”? If remote computing service, it could disclose, as subscriber was the City employer. Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  32. City of Ontario, California v. Quon, et al. SCA Question: If electronic communication service, it could not disclose because the City was not an “originator or an addressee or intended recipient of such communication.” This is what Ninth Circuit concluded. Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  33. Impact of Quon on Use of Employer Devices by Employees will continue…. Stored Communications Act (18 U.S.C. § 2701) © 2010 Mudd Law Offices

  34. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Prevents Unauthorized Access or Exceeding Authorized Access to Computers in Variety Contexts - National Security - Financial Information - Information from Government - Protected Computer © 2010 Mudd Law Offices

  35. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Protected Computer Financial Institution or related Interstate or Foreign Commerce 18 U.S.C. § 1030(e)(2) © 2010 Mudd Law Offices

  36. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Protected Computer …… and Causes Damage © 2010 Mudd Law Offices

  37. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Civil Remedy provision 18 U.S.C. § 1030(g) Anyone harmed BUT…. © 2010 Mudd Law Offices

  38. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) One of five types of damage Most Common (I) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value; © 2010 Mudd Law Offices

  39. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Also: affecting medical examination, diagnosis, treatment, or care physical injury to any person; a threat to public health or safety; damage affecting a computer used by or for an entity of US © 2010 Mudd Law Offices

  40. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Must be Unauthorized Access Exceeding Authorized Access Key Question…. © 2010 Mudd Law Offices

  41. Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) Snap-on Business Solutions Inc. v. O'Neil & Assocs., Inc. (N.D. Ohio April 16, 2010) (Examined Agreements, question of fact denied MSJ) LVRC Holdings LLC v. Brekka, 581 F.3d 1127 (9th Cir. 2009) (access not automatically unauthorized if disloyal) International Airport Centers, LLC v. Citrin, 440 F.3d 418 (7th Cir. 2006) (employee who violates duty of loyalty, no authorization) US v. Drew, 259 F.R.D. 449 (C.D. Cal. 2009) (violation of TOS not enough) © 2010 Mudd Law Offices

  42. State Statutes Utah Offenses Against Privacy 76-9-403 Privacy Abuse 76-9-403 Communications Abuse Interception of Communications Act 77-23a-1, et seq. Access to Electronic Communications 77-23b-1, et seq. © 2010 Mudd Law Offices

  43. Utah 76-9-402. Privacy Violation (1)A person is guilty of privacy violation if, except as authorized by law, he: (a)Trespasses on property with intent to subject anyone to eavesdropping or other surveillance in a private place; or © 2010 Mudd Law Offices

  44. Utah 76-9-402. Privacy Violation (1)A person is guilty of privacy violation if, except as authorized by law, he: (b) Installs in any private place, without the consent of the person or persons entitled to privacy there, any device for observing, photographing, recording, amplifying, or broadcasting sounds or events in the place or uses any such unauthorized installation; or © 2010 Mudd Law Offices

  45. Utah 76-9-402. Privacy Violation (1)A person is guilty of privacy violation if, except as authorized by law, he: (c) Installs or uses outside of a private place any device for hearing, recording, amplifying, or broadcasting sounds originating in the place which would not ordinarily be audible or comprehensible outside, without the consent of the person or persons entitled to privacy there. © 2010 Mudd Law Offices

  46. Utah 76-9-403. Communication abuse (1) A person commits communication abuse if, except as authorized by law, he: (a) Intercepts, without the consent of the sender or receiver, a message by telephone, telegraph, letter, or other means of communicating privately; [Illinois legislation] © 2010 Mudd Law Offices

  47. Utah 76-9-403. Communication abuse [the foregoing paragraph] does not extend to: Overhearing of messages through a regularly installed instrument on a telephone party line or on an extension; or Interception by the telephone company or subscriber incident to enforcement of regulations limiting use of the facilities or to other normal operation and use; or © 2010 Mudd Law Offices

  48. Utah 76-9-403. Communication abuse (b) Divulges without consent of the sender or receiver the existence or contents of any such message if the actor knows that the message was illegally intercepted or if he learned of the message in the course of employment with an agency engaged in transmitting it. (2)Communication abuse is a class B misdemeanor. © 2010 Mudd Law Offices

  49. Utah 76-9-401. Definitions (1) "Private place" means a place where one may reasonably expect to be safe from casual or hostile intrusion or surveillance. (2) "Eavesdrop" means to overhear, record, amplify, or transmit any part of a wire or oral communication of others without the consent of at least one party thereto by means of any electronic, mechanical, or other device. (3) "Public" includes any professional or social group of which the victim of a defamation is a member. © 2010 Mudd Law Offices

  50. Utah 76-9-401. Definitions (1) "Private place" means a place where one may reasonably expect to be safe from casual or hostile intrusion or surveillance. (2) "Eavesdrop" means to overhear, record, amplify, or transmit any part of a wire or oral communication of others without the consent of at least one party thereto by means of any electronic, mechanical, or other device. (3) "Public" includes any professional or social group of which the victim of a defamation is a member. © 2010 Mudd Law Offices

More Related