The Legality Of Employee Monitoring | Position Paper
This paper discusses the legal aspects surrounding employee monitoring in the USA and other countries as well.
Table of Contents
- Summary and Background
- Distinction between Federal and State Laws
- Best Practices
- Relevant Supreme Court Ruling
- Employee Monitoring Software Comparisons
Summary and Background
This Whitepaper discusses the legal aspects surrounding employee monitoring in the USA and other countries as well.
This paper also reviews some of the basic advice that has been given to companies (from some well know sources which are cited below) on how to monitor employees’ emails without violating the employee’s expectation of privacy and privacy rights.
Yes, as you likely already know, employee monitoring has become common practice in the USA and is growing in popularity worldwide as you can see here noted recent news in Paris, France Supreme Court:
http://rt.com/news/234347-french-court-workers-texts/
According to this ruling, employee text messages sent or received through a work phone “are assumed to be of a professional nature,” All messages can be viewed and even taken to court “for legitimate reasons,” especially if they contain insults or allegations of suspected employee fraud or breach of confidentiality.
How about in Canada?
“Yes, monitoring employees electronic communications is legal and quite common in Canada” and similarly, “It is also legal in Canada hire a private investigator to spy on an employee who says he or she is too sick to work”, Said Daniel A. Lublin is a partner at Whitten & Lublin, representing both employers and employees in workplace legal disputes.
By way of background in the USA:
The 1986 Electronic Communications Privacy Act (ECPA) prohibits unauthorized interception of electronic communications including e-mail; however, the law specifically exempts service providers.
Therefore, the U.S. Courts have commonly interpreted this to “include” employers who provide e-mail and Internet access, according to David Sobel, attorney for the Electronic Privacy Information Center in Washington, D.C.
According to a recent survey taken by Quicktake ClickZ Incisive Media Plc 62% of employers monitor their employees’ electronic communications.
However, Michael Overly, Author of E-policy SciTech Publishing found that only 60% of the employers who monitor employees’ communications actually have a written policy in place.
Despite the above, there has been a 3000% increase in seemingly frivolous violation of privacy lawsuits filed over the past decade by disgruntled ex-employees!
Sadly, in 2014 for just $100 a disgruntled ex-employee could file a lawsuit and try to seek additional compensation from your company in this illicit manner.
As can easily be concluded from the long history of court cases, employers have successfully protected themselves from these frivolous claims time and time again simply by implementing a sound email policy notification in their employee handbook.
Federal and State Law
It is important to make two basic distinctions concerning the general legality of email monitoring in the USA.
Distinction one; being the differences between the two, namely Federal law, tends to be more biased towards the employer, and individual state by state laws, which are usually the opposite.
Under Federal Law the Electronic Communications Privacy Act (ECPA) allows companies to monitor employees’ emails when one of three (3) basic provisions is met:
- One of the parties has given consent
- There is a legitimate business reason to do so
- The company needs to protect itself and/or its Intellectual Property
Even though the ECPA requires one of these basic provisions to be met, under federal law companies are generally allowed to monitor employees’ electronic communications.
In July 2000 legislators proposed the Notice of Electronic Monitoring Act to amend the 1986 ECPA in which employers would “be required to notify new employees of any electronic monitoring and provide annual notice of the same to all employees”. In this proposed amendment; Employers that failed to inform employees of email monitoring “would face civil suit damages of up to $20,000”.
However, this proposed regulation was never promulgated and since September of 2000 there has been no further mention of this act whatsoever.
That being said; even without the introduction of this new bill, disgruntled ex-employees are of course free to seek compensation through state law, where the legality of electronic monitoring is not as clear cut as it is under federal law.
If your company has no email policy in place, and no employee handbook, etc. an employee could argue that he or she had a reasonable expectation of privacy that was violated.
However, if your company has implemented a simple written email policy where employees are informed about the possibility of monitoring and warned that they should have no expectation of privacy, your company is protected from this type of privacy claim by both State and Federal Laws!
Distinction Two; The Difference between email auditing and email interception; email auditing (sometimes called email monitoring), is where emails are checked after the actual transmission, and email interception (sometimes called email filtering), is where email is actually intercepted and checked during the transmission.
Several court cases have upheld that checking email after transmission is legal (i.e. email auditing), since it is viewed “as essentially no different than searching through a file in an employee’s drawer”.
For instance in a criminal case against a CIA employee charged with receiving inappropriate emails (United States v. Mark L. Simmons), the court ruled that the viewing of personal email communications did not violate federal wiretapping laws, since the email was not viewed while it was being transferred but was first recorded and obtained from storage.
Email interception is not as clear-cut as email auditing.
However, many cases in the U.S. Courts have proven that most forms of email interception are permitted “if this is done in a reasonable manner and is backed up by a monitoring policy”, as can be seen in the Nissan and Pillsbury case: Nissan Motor Corporation fired two employees after they had been caught sending sexually explicit emails.
The employees took Nissan to court (Bourke v. Nissan) claiming unfair dismissal and violation of privacy. However, since the company had an employee monitoring policy in place and had explicitly stated that employees’ emails and text messages would be monitored, the court ruled in favor of Nissan!
In another case; (Smyth v. Pillsbury Company) an employee was fired for communicating unprofessional comments over the company’s email system. The email allegedly contained threats to “kill the backstabbing bastards” in sales management, and referred to the upcoming holiday party as a “Jim Jones Koolaid affair”.
When the employee claimed that the company had violated privacy laws, the court concluded that “no reasonable person would consider the interception to be a highly offensive invasion of privacy, and that the company’s interest in preventing inappropriate or unprofessional comments or illegal activity outweighed any privacy interest”.
So, does this mean that email monitoring is 100% legal?
“The answer is yes”, Said, Mark S. Dichter and Michael S. Burkhardt of the law firm Morgan, Lewis & Bockius In a presentation on employee monitoring, where he explained that the courts have continually recognized and reinforced the legality of Employers’ implementing Employee Monitoring Software Solutions.
Best Practices
“As a “best practice” your company should be certain that it has implemented a written email policy in which employees are warned that their emails can be monitored and that they should have no expectation of privacy”, Said Mark S. Dichter and Michael S. Burkhardt of the law firm Morgan, Lewis & Bockius.
Not only will the existence of an email policy help you in a court of law, it will also educate your employees in the usage of email and may prevent many of the issues you were trying to prevent or deter by monitoring their communications in the first instance.
Make sure that the email policy is properly communicated to all staff and that any updates are circulated amongst all employees. It is preferable to have employees sign the email policy, including any additions to it, to prove that the employee has agreed to abide by the rules.
Furthermore, email monitoring must be “applied as uniformly as possible”, since singling out an individual without a clear reason to do so could subject the company to discrimination claims.
It is important to include a note in your email policy stating that although the company might perform monitoring, it is “not obliged to monitor emails”.
Failure to include this clause could be interpreted as a commitment from your company to protect your employees from all harmful and inappropriate emails. Were an inappropriate email to slip through, an employee could technically sue your company for failure to protect him or her from offensive communications.
Take reasonable actions; remember though that even while employee monitoring is allowed, employers should still take care when taking action based on what is found.
The City of Scottsdale faced paying out damages of $300,000 after it dismissed an officer for sending out a sexually offensive email to a colleague. The officer had just received a promotion and had sent an email to a female coworker asking if she “would sleep with him now that he was promoted”. Even though the recipient was a close friend of the officer and found the message amusing instead of offensive, the police department removed the officer from the promotions list and after several disputes ended up firing him. The officer sued the police department and was awarded $300,000 in damages.
So the bottom line is, if you perform email monitoring and do not yet have an email policy in place, it is strongly advisable to implement a policy without delay.
Not only will this protect you from privacy claims, it makes good sense to document your company rules and communicate these to your employees.
After all, how can you expect employees to know how to behave if you don’t tell them what you deem to be appropriate usage of your system?
If your company does not monitor email and text messages, nor have an employee monitoring solution in place, it is time to seriously consider implementing one. Without this basic preemptive measure, companies face serious legal and business threats from rouge employees.
Relevant Supreme Court Ruling
“Employees’ text messages are open to company scrutiny”. The Supreme Court ruled unanimously!
City of Ontario California v. Quon: http://www.supremecourt.gov/opinions/09pdf/08-1332.pdf
“Employers have the right to read text messages – including personal ones sent by workers if they have the reason to believe that workplace rules are being broken”.
The ruling went on to say; “Cell phone and text message communications are so pervasive that some persons may consider them to be essential means or necessary instruments for self-expression, even self-identification. That might strengthen the case for an expectation of privacy. On the other hand, the ubiquity of those devices has made them generally affordable, so one could counter that employees who need cell phones or similar devices for personal matters can purchase and pay for their own.”
This Supreme Court’s ruling overturns an earlier decision by the Ninth Circuit Court of Appeals in a case involving a California police officer who claimed that his supervisors’ search of his text messages violated his Fourth Amendment rights.
The officer was using a city-issued pager to send sexually explicit messages. In the case, Quon sued the city, its police chief, and the police department, alleging that the pager search was unreasonable.
The suit argued that when Quon and the other officers received their pagers, the city didn’t have a text-message policy.
The city did, however, have official policies about general computer, Internet, and e-mail usage – and the policies limited the use to official purposes.
Specifically, the city’s contract with Arch Wireless allowed each pager 25,000 characters per month. Police officers who went over the limit – of which Quon was one, with 400 of 456 messages being personal in one month – could pay the extra usage charges to avoid being audited.
Quon’s department claimed they discovered the sexually explicit text messages when they conducted a review of pager use to see whether the 25,000-character limit was enough for official purposes.
In the case, Quon argued the messages were private, while the city countered that the text messages sent on department pagers could be subject to public disclosure requests under the California Public Records Act.
The Supreme Court further ruled that the search of his messages was justified because the city and the police department had a “legitimate interest in ensuring that employees were not being forced to pay out of their own pockets for work-related expenses, or on the other hand that the City was not paying for extensive personal communications.”
The ruling continued: “The fact that the search did reveal intimate details of Quon’s life does not make it unreasonable, for under the circumstances a reasonable employer would not expect that such a review would intrude on such matters”.
This is because most privacy laws are not absolute or black and white. They have exceptions and exemptions – and simply don’t apply to the vast majority of employees.
Employee Monitoring Software Comparisons
After a detailed and painful analysis of the available employee monitoring solutions performed by several members of our technically proficient Customer Support Team, it has been determined that KnowIT, a Cloud Based Employee Monitoring Software owned by Digital Endpoint™, a preeminent software company that services businesses around the globe just like yours, is hands down, the best employee-monitoring software program available in the market!
The table below lists the products we tested and points out some of the pertinent information about each one.
KnowIT has given a whole new meaning to the term “Employee Monitoring” and has given birth to a revolutionary new concept best defined as a “Business Optimization Solution”!
KnowIT has incorporated proven Employee Productivity, Time & Attendance and Data Loss Prevention methods into its overall monitoring solution.
KnowIT is the only product available that allows you to seamlessly monitor PC, Mac, Laptops, Tablets and Smartphones together on one platform;
And it lets you monitor your employees in real time, giving you monitoring access from anywhere in the world from any web-enabled device, since it is a cloud-based solution.
Compared to the other employee monitoring programs we reviewed, KnowIT has far more monitoring features and control functions, providing you with the valuable and essential tools that you need to protect your business.
The incredibly easy-to-use monitoring dashboard, the efficient customer service team, low monthly fees and a worry free guarantee, make trying it out for your business a no brainer!
All employee-monitoring systems track websites that are accessed and show you the URLs and the times they were visited. But, KnowIT shows you keystrokes so you can actually track word searches, and review which employees are browsing what sites.
You can be alerted when restricted websites are accessed, including social media pages, or when keywords are entered into a search engine. You can use KnowIT to see if employees are playing online games, searching for other jobs or checking out the competition.
This program monitors all chat and an email message to ensure that sensitive information isn’t being shared without proper authorization.
You can see when documents and files are accessed and attached to outgoing email. The keystroke logger shows you the content of each message and attaches it to the sender so you know exactly what your employees are up to.
If files or documents are deleted, you are notified. If deleted documents are retrieved, you are notified. You also receive notice if critical data is saved to an external device, including USB drives. This means that it is difficult for any worker to try and sneak sensitive information offsite.
KnowIT monitors in real time, so you can see activity as it is happening. It also collects screenshots, records information tracked and keeps it safe on KnowIT’s Standard Cloud, so you can view and analyze the information later.
One of the most powerful tools KnowIT provides you with is the ability to track employee attendance and idleness. This means if a worker opens a website or application, the program is able to tell if the employee is truly engaging in reading or researching content on the page or if the computer has been left idle with the appearance of working. This is not a common feature among employee-management programs and is an impressive one that KnowIT offers.
Monitoring employee activity and productivity is an important part of employee monitoring software. However, KnowIT goes above and beyond basic tracking and even gives you tools to help eliminate the temptation!
With this program, you can monitor the exact location of a salesman live or by viewing the recoded history and you can do a comparison to confirm that in fact all of the scheduled sales meetings happened on time, etc.
If you’re concerned about sales compliance or loyalty simply turn on the ambient recording or room surroundings listening to hear exactly what is being said live during the meetings.
KnowIT was by far the leader with regards to its Customer Support and Live Chat Support.
KnowIT was very easy to install and use.
Businesses just like yours are using KnowIT to provide them with comprehensive employee monitoring tools that they need to maximize their employee productivity, protect their organization from insider threats and ensure compliance with their most important policies!
The cost of implementing and maintaining KnowIT to protect a corporation from internal threats is far less than the loss from even one small incident!
Learn more about KnowIT: www.digitalendpoint.com
Digital Endpoint™ – KnowIT Features:
