In John P. Mello Jr.’s blog post, “Peeking into employee’s email can be no-no”, John details a recent New Jersey court case involving the rights of a company to view the contents of an employee’s non-business related emails on the laptop issued to the employee after the employee had left the company.

In the court case, the trial court refused to require the employer, Loving Care, to return the emails to the employee’s attorneys. A judicial panel had upheld a lower court’s ruling that it was allowable for the company to access the employee’s email communications between the employee and her attorney.

Later, however, an appellate court reversed the lower court’s decision and held that the employee had not waived their attorney-client privilege.

As it turns out, the laws regarding email privacy vary not only at state level but also at the federal level. For example, if one of the employees in your company sends an email from their state to someone else in another state the question could come up – which state’s email privacy laws supersedes the other state’s email privacy law? As it happens, what might be considered legal to read in one state might, in another state, be considered illegal and unjustified to read.

According to the State of California Online Privacy Protection Act (OPPA) of 2003, companies which operate commercial websites must disclose their privacy policy with regard to what data they might collect and share with other organizations. That data could theoretically include the contents of email messages that pass through their servers.

Continue reading Employee Email Privacy Considerations

There’s a bank clerk in Wyoming who is in deep trouble with the boss. According to news reports, an employee of a bank in Wyoming sent an email that contained customer data to the wrong recipient’s Gmail account. The employee of Rocky Mountain Bank made two critical errors: First, they sent it to the wrong address, and second, they attached a file with sensitive information that should not have been attached.

According to news reports, the employee, realizing they had sent it to the wrong address, tried to “recall” it after sending it. Huh?? How long has this employee been using email? Just about anybody that isn’t living in a cave knows that you can’t recall an email once you’ve sent it out. That’s why standard procedure should include at least a quick once-over of the contents and recipient list before hitting the “send” button.

The attachment that was sent contained customer information, including social security numbers and loan data.

Continue reading Bank learns its lesson, you can’t recall email