It is no surprise with how plugged in we are to our cell phones, tablets, and laptops today that more and more emails are being subject to discovery in litigation and occasionally admitted into evidence. Both employers and employees should thus be wary about electronic communications.
To be sure, employers are increasingly being proactive in monitoring and capturing employee emails. From an employer perspective, monitoring employee email is one way to check up on employees and ensure they are doing what they are paid to do. From the employee’s perspective, ongoing monitoring can be oppressive and many employees do not know what employers can access or what could be discovered in the future. However, knowing what is and what is probably not accessible can help the individual employee maintain a level of comfort and privacy.
What Emails Are Legally Accessible?
As an employee, how do you know what emails can be accessed by your employer? The legal answer, of course, depends. If the issue is raised in court, the court may look at several factors, including the following:
- Does the company maintain a policy banning personal email?
- Does the company monitor the use of employee email or computer use in general?
- Can third parties access the employee work computer or work email?
- Has the employee been notified by the employer of its computer monitoring or email policies?
Indeed, these are questions the Eastern District of Pennsylvania relied on when deciding whether an employee’s right to privacy was violated. (Dombrowski v. Governor Mifflin School District).
In general, many employers have written policies that permit them to monitor your email. These policies often allow employers to access any information sent or received over the company’s server – including deleted messages!
While most employees assume that emails sent over the company server are subject to monitoring, employees often assume that since they log in with a private password, employers cannot access these emails. However, some employer policies essentially give them permission to access any emails stored on the employer server or on the employer device. Accessing private emails or texts over the company’s server can cause them to be stored in temporary files or on the hard-drive which can be discovered later. This remains true if it is a company issued mobile device.
Exceptions to Employer Access
There are a few exceptions to employer access to your emails. For example, if the employer does not have a policy allowing for access and allows employees to freely access private email over the corporate server, the law is unsettled as to whether this gives the employee some protection from intrusions unless there is some legitimate business reason. If an employee communicates over private email with an attorney, in many jurisdictions, a court is probably not going to allow the employer (or its attorneys) to intrude on historically protected attorney client communications. Yet, even within these areas of exception, the law is unsettled and employees should assume that their emails sent via a corporate server or on an employer device can be accessed by the employer and potentially third parties in the event of litigation.
What can I do to protect my emails?
The best rule of thumb is that if you want to keep it private, keep it at home. This becomes difficult, however, in a digital world where the workplace and home are increasingly interconnected. Workers often work remotely and often on employer-purchased devices. To keep communications private, employees should follow the following tips:
• Use your own device. The U.S. Supreme Court recently recognized that privacy interests can remain protected given the ubiquity of mobile devices. While an employer may be able to see some apps and perhaps even places you have been if you use your own IOS device over the employer’s Wi Fi; in general, the employer cannot access your private password protected emails. If the employer attempts to “intercept” private emails sent over Wi Fi on your own device, it could run afoul of the Electronic Stored Communications Act.
• Think before hitting send. Most people have come to realize that emails do not ever go away no matter how many times you delete them. If you think the communication could create an issue for you professionally or otherwise, don’t send it.
• Read the company’s policy. Many employees sign company policies without reading what they say. Be careful. Some companies even reserve their right to track everything you type on an employer device via a keystroke tracker or other technology. While this seems draconian (and you may not want to work with such a company), you may want to know just how far the employer is willing to go. For employers, for similar reasons, it may be prudent to give employees a reasonable idea of what can be monitored and accessed.
• Protect your most private communications. If you communicate with an attorney, a doctor, a financial advisor or a significant other in a digital way, do so over your own device and make sure it is a protected communication and perhaps an encrypted communication. Also, do not forward such communications to others. At my law firm, I increasingly discourage the use of email and, when I cannot meet with a client in person or speak with the client over the phone, I communicate with clients primarily over a password-protected Internet portal. Even so, I am continually looking for even more secure communication methods.
To some degree, it is unfortunate that privacy is being sacrificed in the digital world. Studies have shown that more privacy can give rise to greater creativity. Constant employer monitoring can also have a diminishing effect on morale and perhaps even productivity. The fear of knowing someone can be constantly looking over your shoulder can be oppressive and contrary to our American ideals. Nevertheless, unless and until the courts or legislature settle the law on some of these issues to preserve privacy rights, when it comes to digital interaction, it is better to be safe than sorry.