Posted on April 27, 2010 by Bret Cohen

U.S. Supreme Court Hears Oral Arguments in Texting Case

Thanks to Elizabeth Khalil in the Hogan & Hartson privacy group for providing this report.

On April 19, 2010, the U.S. Supreme Court heard oral arguments in the case of City of Ontario v. Quon, a Fourth Amendment privacy case on appeal from the Ninth Circuit.

The argument centered primarily on the first of three questions presented in the case:  whether a police officer had a reasonable expectation of privacy in text messages transmitted on his official police department pager given the circumstances.  Specifically, his employer, the city government, had articulated a general policy stating that employees should have no expectation of privacy in their e-mail and Internet usage on official systems.  However, Quon understood the police department to have an informal policy that it would not read the personal text messages of officers who paid for additional text message volume on their pagers to allow for personal use.  The officer in question, Jeff Quon, was a SWAT team member who paid for such personal use of his official pager, from which he sent personal messages to his wife, girlfriend and others.  Department officials accessed Quon’s messages as part of an audit.  In the course of reviewing the volume of the messages, obtained from the city's wireless provider, they came across the personal (and, at times, sexually explicit) content of the messages Quon sent.

At oral argument, Chief Justice John Roberts seemed somewhat sympathetic to the notion that the department had given Quon the impression that as long as he paid for personal use of his pager, “it would be reasonable for him to assume that private messages were his business.”  Overall, however, the Court appeared skeptical of Quon’s claims.

There were two other questions presented in the case that were not the focus of oral argument:  whether the Ninth Circuit contravened the Supreme Court’s Fourth Amendment precedents and created a circuit conflict by analyzing whether the police could have used less intrusive methods of reviewing the text messages, and whether individuals who send messages to a police officer’s pager have a reasonable expectation that their messages will not be reviewed by the recipient’s government employer.  

The justices also touched upon what, if any, bearing statutes such as the Stored Communications Act (SCA) should have on the Fourth Amendment's concept of reasonable expectation of privacy, although the SCA was not an issue before the Court.  It was, however, a subject of Quon’s suit at the district court and appeals court level, where he had named the wireless provider as a defendant.  In Quon v. Arch Wireless, the Ninth Circuit held that Arch Wireless had violated the SCA when it provided the text transcripts to the police department. T he actions of Arch Wireless were not at issue in the Supreme Court appeal.

Tags: , , , , ,
Posted on April 5, 2010 by Bret Cohen

New Jersey Ruling in Favor of Employee's E-Mail Privilege Claim Suggests Amendments to Corporate Monitoring Policies

On March 30, the New Jersey Supreme Court issued its opinion in Stengart v. Loving Care Agency, Inc., in which it unanimously held that the attorney-client privilege applied to e-mails sent by an employee using a personal, web-based e-mail account to her personal attorney on an employer-provided laptop, even though the employer had a general policy stating that the employee should have no reasonable expectation of privacy in the communications sent over company equipment.

The plaintiff, a nursing manager at Loving Care, was preparing for employment discrimination litigation against her employer when she sent e-mails to her attorney about the case using a personal, password-protected, web-based e-mail account from Yahoo from her employer-issued laptop.  In anticipation of discovery, Loving Care hired a computer forensic expert to recover all files stored on the laptop, and the expert turned up copies of some of the e-mails that, unbeknownst to the plaintiff, her web browser had automatically saved to the computer's hard drive.  Loving Care's attorneys reviewed the e-mails and used information from them during discovery, which was revealed to the plaintiff's attorney later in the case, who then sought to have them returned under the attorney-client privilege.

Loving Care argued that its electronic communications policy, which allowed employees incidental personal use of its computer systems but reserved the right to "review, audit, intercept, access, and disclose all matters on the company's media systems and services at any time, with or without notice," eliminated any expectation of privacy the plaintiff might have had in the e-mails stored on the computer.  Nevertheless, the court found that the plaintiff had a reasonable expectation of privacy for three reasons:

  1. The plaintiff had a subjective expectation of privacy due to the fact that she used a personal, and not the company, e-mail account to send the messages to her attorney, and did not store her password on the computer.
  2. The plaintiff's expectation of privacy was objectively reasonable, given that her employer's policy did not address the use of private web-based e-mail accounts, even allowing incidental use of employer computers to send and receive personal e-mail.
  3. Most importantly, the e-mails clearly were subject to the attorney-client privilege, and contained a standard warning that their contents were confidential and subject to the privilege.

The court went on to hold that, given the public policy concerns underlying the attorney-client privilege, "even a more clearly written company manual -- that is, a policy that banned all personal computer use and provided unambiguous notice that an employer could retrieve and read an employee's attorney-client communications, if accessed on a personal, password-protected e-mail account using the company' computer system -- would not be enforceable."  The court, however, noted that an employee could still be sanctioned under an employment policy for spending excessive time communicating with a personal attorney during the work day, though the employer should still not be able to access the content of the communication.

The court  zeroed in on the attorney-client-privileged nature of the e-mails, and the privilege played a large role in the final disposition of the case.  The court did not address whether Stengart would have had a reasonable expectation of privacy with respect to personal e-mail communications with a non-lawyer.  Nor did the court suggest that Stengart had a cause of action against her employer for an invasion of privacy, which would have required a showing that the e-mail review was "highly offensive to a reasonable person".  The issue was whether a discovered e-mail communication deserved protection under the attorney-client privilege.

While limited in jurisdictional breadth to New Jersey, Stengart is one of the first cases of its kind, and courts in other states could be tempted to follow it .  This could especially be the case as employee use of personal, web-based e-mail in the workplace becomes more common, with many employers relaxing their electronic communications policies to allow for "incidental" use of employee computer systems for personal reasons.

 Thus, the case suggests the following:

  • Make clear in an acknowledged policy that employees have no expectation of privacy in their use of company computers, whether connected to the network or not, even where "incidental" personal use is allowed.
  • Make clear in such a policy that employers retain the right to monitor employees' use of employer resources, including the sending and receiving of personal, web-based e-mail, and explain  that e-mails sent through a personal web-based e-mail account can end up being stored on company equipment and suject to review consistent with state law.
  • Prohibit the use of company resources to communicate with a personal lawyer and advise employees that they can be disciplined for violations (and all violations of the electronic resources policy).  Companies are not required to allow employee use of company equipment to plan litigation against the company.
  • For employers that permit "incidental" personal use of computer systems, emphasize that any use of company computers or electronic resources that rise above the level of "incidental" personal use and affect employee productivity can lead to sanctions under the policy, though this provision must be enforced uniformly and in a non-discriminatory manner.
  • Instruct company employees who monitor electronic communications not to review personal attorney-client privileged communications but, rather, to bring such communications to the attention of in-house counsel to review in accordance with the applicable ethical rules regarding waiver.

While Stengart is noteworthy, it did nothing to fundamentally alter the well-established principle that employers retain the right to monitor employee use of company equipment and that they can , through a well-crafted policy, reduce employees' privacy expectations.

 

 

 

Tags: , , , ,
Posted on December 22, 2009 by Bret Cohen

Supreme Court to Decide Reasonable Expectation of Privacy in Text Messages on Employer-Provided Devices

On December 14, the Supreme Court granted certiorari in City of Ontario v. Quon, a case that could set the parameters for the rights of employees in the workplace to privacy in their electronic communications, or just as easily be narrowly resolved on constitutional grounds with little implications for private employers.

Quon, an officer with the Ontario, California Police Department, was discharged after his employer searched the records of his city-issued pager and found personal and sexually explicit messages between Quon, his wife, his girlfriend, and a co-worker.  Though the city had a policy that it could monitor all employee electronic communications for inappropriate use, Quon's supervisor had communicated an informal policy under which the supervisor would not review the contents of text messages so long as officers exceeding their monthly allotment paid the difference.  Quon had paid the difference in every month that he had exceeded his allotment.

Notwithstanding this informal policy, the police department, as account holder, requested a copy of certain text message transcripts to determine why officers were exceeding their message limits, and discovered Quon's messages.  After being discharged, Quon sued his public employer for a violation of his Fourth Amendment rights, claiming that his supervisor created a constitutionally cognizable reasonable expectation of privacy in the messages by informally mentioning that they would not be reviewed.  In addition, Quon sued the telecommunications provider, Arch Wireless, under the federal Stored Communications Act ("SCA"), which prohibits electronic communication services, which transmit electronic communications such as e-mails and text messages, from disclosing these messages to anyone except to the sender, to the recipient, or in other limited circumstances.

Though the district court ruled against Quon on all claims, the Ninth Circuit reversed, finding that Quon and the recipients of the text messages had a reasonable expectation in the privacy of their messages, as guaranteed by the supervisor's informal policy.  It also ruled that the telecommunications provider violated the SCA by disclosing the content of the communications to the city which, despite being the actual subscriber to the text messaging service, was not the technical "sender" or "recipient" of the text messages.  The Ninth Circuit denied a review of the case en banc, over the dissent of seven circuit judges.

Though Supreme Court will determine whether the search of the text messages violated the Fourth Amendment, it could be important to private employers given that state law privacy rights are governed by an often-overlapping "reasonable expectation of privacy" standard.  Currently, many  employers, like the city of Ontario, institute policies expressly disclaiming any potential right to privacy in their employees' electronic communications using company resources.  The disciplinary force of employment policies can be weakened by inaction or inconsistent application, but there would be serious implications for employers if they could also be affected by conflicting representations by low-level managers that are not sanctioned by the company.

The Court will also review whether the city was required to abstain from reviewing the content of the text messages in favor of non-content information that could have revealed the information about pager use for which it was searching, and whether the recipients of the text messages -- Quon's wife, girlfriend, and co-worker -- had their constitutional rights violated by the city's search.

Though this case might provide some pause for employers, this Supreme Court's grant of certiorari in a Ninth Circuit case creating new case law contrary to that of other circuits, over the dissent of a number of their conservative colleagues, seems ripe for overturning.  Nevertheless, it remains good law in the Ninth Circuit and is potential fodder for other employment lawsuits until and when the Supreme Court issues a decision in the case.  The more permanent and significant result of this appeal could be the Court's denial of certiorari on the SCA issue, leaving as good law in the Ninth Circuit that electronic communication services cannot disclose the content of stored messages to organizational clients without the specific approval of the person either sending or receiving a particular message.  Employers, especially in the Ninth Circuit, should amend their electronic communications policies to receive authorization from employees to review e-mails, text messages, and other electronic communications stored remotely by the vendors that process these messages, especially as more employers migrate their e-mail and other services to servers not owned or operated in-house.

Tags: , , ,