Thursday, September 11, 2014

Translegislation Update Vol. 2

Employers and the Stored Communications Act
Q: We’re just an average employer.  Should we worry about the Stored Communications Act?

A: First of all, you may want to work on that self-description just a little, particularly in your recruiting efforts. We’re sure you’re an exceptional employer.  But back to your question.  Yes, you should worry about the SCA.

Q: Why?

A: Well, it’s a federal law, and it applies to everybody everywhere in the US, including employers of all sizes and types (even average ones).  If you violate it, you can face civil and criminal penalties.  And it deals with unauthorized access to private electronic communication.

Q: So what’s that got to do with us?

A: Electronic communication goes on everywhere, including in your workplace.  If somebody gains unauthorized access to private electronic communication that belongs to your organization, that would be of concern to you and might violate the SCA.  Employers have to think about what they do, however, and not just what might be done to them. Here are a couple of examples of situations in which an employer’s access to an employee’s electronic communications raised SCA issues:
  • A New Jersey employee named Deborah Ehling posted some controversial comments on Facebook.  A coworker, who was a Facebook friend of Ehling’s, decided to provide management with a copy of the post. Ehling was suspended.  She was later terminated in complicated circumstances and brought several legal claims against the employer.  Among other things, Ehling claimed that the employer’s review of her Facebook post was a violation of the SCA.  The New Jersey federal district court found that the SCA does protect Facebook posts, but that because someone Ehling authorized to see the post (her coworker “friend”) was the employer’s source, there was no violation in this case.  If the employer had directly obtained access to her Facebook posts without her authorization, this decision suggests that the result would have been different and the employer might well have been found in violation of the law.
  • An employee in Ohio resigned and turned in a company smartphone.  Her former supervisor proceeded to review 48,000 emails in the employee’s personal email account, which could be accessed through the phone. A federal court in Ohio found that the supervisor’s review of the emails violated the SCA – but only as to his review of unread emails in the account.  (This related to the “stored” nature of the communication.)
Q: So what are you saying?  That we should be really paranoid about violating the SCA?

A: It’s hard to say.  Some courts have interpreted the SCA pretty narrowly.  The 5th Circuit Court of Appeals, which covers Louisiana, Mississippi and Texas, has held that an employer’s access to text messages and photographs stored on an employee’s personal cell phone was not a violation of the SCA.  Some states have passed laws that cover the same topic, and where such laws exist they may be more clearly relevant to an employer than the SCA.  But as long as the SCA is on the books, employers need to keep it in mind and be really thoughtful about accessing employee’s private electronic data.

Q: “It’s hard to say”??!  Are you always this helpful?

A: We try to be.

Posted by: Judy Langevin and Kate Bischoff