Peeking into employee’s email can be no-no

peek emailPeeking into an employee’s Web mail accessed on a company computer during work hours can be illegal–at least in New Jersey, according to that state’s Supreme Court. In a 7-0 decision, the judicial panel upheld a lower court ruling that sanctioned a company for collecting email messages between an employee and her attorney stored on the employee’s company computer.

“Finding that the policies undergirding the attorney-client privilege substantially outweigh the employer’s interest in enforcement of its unilaterally imposed regulation, we reject the employer’s claimed right to rummage through and retain the employee’s emails to her attorney,” the appellate court ruled in its decision upheld by the state’s high court.

The case involved Marina Stengart, the former executive director of nursing at Loving Care, a home health care provider located in Bergen county. After resigning from Loving Care, she filed a discrimination lawsuit against the company.

Loving Care issued Stengart a notebook computer when she worked for the company. She had a work email account, as well as personal Yahoo! mail account. Prior to resigning, she used the Yahoo! account to communicate with her attorney about her potential lawsuit. The Yahoo! emails were stored on her company computer.

After Stengart filed her lawsuit, Loving Care made a copy of the information on her laptop’s hard drive. When examining that copy, lawyers for the company discovered the correspondence between Stengart and her attorney, which they later used in court proceedings.

Stengart’s lawyer tried to restrain Loving Care from using the correspondence, but the trial court judge refused to do so. He reasoned that the emails were not protected by attorney-client privilege because the company’s electronic communication policy gave Stengart sufficient notice that her correspondence would be treated as company property.

In reviewing the trial judge’s opinion, the appellate court found defects in the Loving Care’s electronic communication policy that undermined its claim that all employee email was company property.

Stengart, in her defense, claimed she wasn’t aware that such a policy existed for executives. Even if it did exist, she argued, it was never enforced.

The company countered that the language is in the company’s handbook and there are no exceptions for any employee in that language.

Problem was, the appellate court pointed out, there appeared to be several versions of the policy floating around during Stengart’s tenure at the company, which suggested the rules were a work in progress and not a firm regulation.

“We are immediately struck by the fact that the record on appeal contains multiple versions of an electronic communications policy,” the appellate judges wrote, “and that there is a lack of certainty exhibited by the record as to which, if any, version of the policy may have actually applied to employees in [Stengart’s] position.”

“This uncertainty regarding the foundation for the company’s position dovetails and supports [Stengart’s] argument that drafts of at least five separate handbooks were under discussion and that no definite, applicable policy was in place by the time she resigned from the company,” they added.

What’s more, they pointed out, the policy provides for “occasional personal use” of email by employees. “An objective reader could reasonably conclude…that not all personal emails are necessarily company property because the policy expressly recognizes that occasional personal use is permitted,” they wrote.

“In short,” the judges added, “although the matter is not free from doubt, there is much about the language of the policy that would convey to an objective reader that personal emails, such as those in question, do not become company property when sent on a company computer, and little to suggest that an employee would not retain an expectation of privacy in such emails.”

Although in this case, it seems Loving Care’s careless handling of its electronic communications policy led to its rebuff by the court, some red flags were raised by the judges that should concern email administrators.

“Today,” they wrote, “many highly personal and confidential transactions are commonly conducted via the Internet, and may be performed in a moment’s time.”

“With the touch of a keyboard or click of a mouse,” they continued, “individuals may access their medical records, examine activities in their bank accounts and phone records, file income tax returns, and engage in a host of other private activities, including, as here, emailing an attorney regarding confidential matters.”

“Regardless of where or how those communications occur, individuals possess a reasonable expectation that those communications will remain private,” they declared.

They went on to say, “A policy imposed by an employer, purporting to transform all private communications into company property–merely because the company owned the computer used to make private communications or used to access such private information during work hours–furthers no legitimate business interest.”

Written by John P Mello Jr

John Mello is a freelance writer who has written about business and technical subjects for more than 25 years. He is frequent contributor to the ECT News Network and his work has appeared in a number of periodicals, including Byte magazine, PC World, Computerworld, CIO magazine and the Boston Globe

Leave A Reply