Social Media Privacy in The Workplace: Is There Any?

Caucasian mid-adult man with hands on hips looking over shoulder of woman sitting at computer. But what about my right to privacy?  Employment lawyers hear this question a lot.  We hear it when an employee is being questioned about his internet use at work.  We hear it when an employee gets caught posting about how much fun it is being at a baseball game on a day she called in sick.  We hear it when an employee sends a sexy text using a work-provided smartphone.  And, we hear it during employment litigation when employees want to prevent an employer from obtaining texts, posts, pictures, and status updates during discovery.  We hear that question a lot.

What is the correct answer to such a ubiquitous question?  As lawyers like to say, “It depends.”  If there is a specific law prohibiting some type of employer monitoring (like the new law in Maryland regarding social media monitoring I wrote about in May), then the answer is relatively simple.  The law tells employers what they can and cannot do.  So, for example, Maryland employees are not required to provide their employer access to their social media accounts (except in limited circumstances).  Unfortunately, however, the number of specific laws on workplace monitoring/privacy is small.  And, thus,  “it depends” arises quite frequently.

What Is A Reasonable Expectation of Privacy?

In these situations, an employee’s right to privacy is governed by an amorphous standard that focuses on an employee’s “reasonable expectation of privacy” in the workplace.  Chief Judge Alex Kozinski, of the U.S. Court of Appeals for the Ninth Circuit, recently spoke about this topic at a Stanford Law Review Symposium, and his presentation, titled The Dead Past, has been published by the Stanford Law Review Online.  The Chief Judge dissected the notion of what is a “reasonable expectation of privacy” and how it is changing rapidly due to technology and everyone’s use of it.  While his article did not focus specifically on social media and employment law, it does raise some very thought provoking questions about our society’s expectations of privacy, and those expectations help define what is, or is not, considered private in the workplace.  I am simplifying, but the Chief Judge essentially advances the notion that we (everyday people), and not the government, nor “Big Brother,” are eroding the expectation of privacy.  For example, we have sensitive (private) conversations on cell phones in restaurants, walking down the street, and at airport lounges.  We check-in, and update our status, and silly videos without much thought to the permanency and widespread distribution of such content (even if your “privacy settings” are “on”).  And, as the Chief Judge notes, we post details of sexual affairs and go on national television to talk about them openly.  Technology is leading us away from private one-on-one discussions.  Instead, technology is helping all of us broadcast too much information.  And, a potential consequence of such TMI is the erosion of the expectation of privacy.

What Can Employers Do, And How Do They Do It Lawfully?

Employers have a legitimate interest in making sure their employees are working during work time, being productive, and using company-provided computers/equipment for legitimate business purposes.    Today, some employers block all access to non-work related websites.  So if your job does not require you to be active on Facebook, Twitter, Google+ or LinkedIn, etc., some employers block access to such sites along with many others.  Some employers also deny workplace computer access to email run through third-parties, like Gmail, Yahoo! and Hotmail.

A greater number of employers, however, do not block such sites and email services, but rather maintain the option to monitor employee computer, internet, and telephone use.  And, they do so lawfully because they tell their employees that they should have no expectation of privacy.  Generally, employers have a great deal of latitude monitoring their employees, if done for legitimate reasons, and done in as limited a way to achieve thse legitimate reasons.   Employers have policies that make clear in no uncertain terms that when an employee uses company-provided computers, internet access, or other property, the employee consents to being monitored.  These policies are generally found to be lawful, particularly when the employer owns the computers/equipment and/or the email system/internet access.  Furthermore, employees usually acknowledge their understanding of such policies by signing an acknowledgement form about the specific policy, or about an entire Employee Handbook that includes such provisions.  With such knowledge, employees have difficult, and usually unsuccessful, arguments that their use of their employer’s computer system for personal reasons during work is protected by their right to privacy.  Simply, they should have had no expectation of privacy because the employer’s policy explicitly said as much.  Whether an employer actually monitors all such activity is another question, and there are limits on all of that.  The important take away here, however, is that if an employer promulgates properly drafted policies and notices, employees should not consider anything done using company-provided tools to be private.

The case law around the country continues to develop on issues of employer monitoring and employee privacy.  For example, the U.S. Supreme Court, in June 2010, unanimously held that a search of a police officer’s personal messages on a government-owed pager did not violation his constitutional right to privacy.  (City of Ontario v. Quon).  The Supreme Court determined that the search was motivated by legitimate business reasons, and thus, the employer did not violation the employee’s right to privacy when it discovered the sexually explicit text messages he had been exchanging.  Other cases have examined the issues of whether an employee has differing expectations of privacy while using his company’s computers to send emails from his work email account versus using his company’s computers to send emails from a third-party email provider (like Gmail).

While the case law works its way through the courts, employees should see if their employers have done the following (and employers are advised to do the following):

  • Prepare a comprehensive computer (and other electronic devices) use policy for employees
  • Explain that an employee’s use of such company-provided equipment for personal use is voluntary
  • Obtain an employee acknowledgement of understanding and compliance
  • Only monitor activity based on legitimate business reasons
  • Update such policies as technology advances
  • Apply the policies consistently and train managers/supervisors on the scope and enforcement of such policies

An employee’s right to privacy while at work is limited.  Employees should take care in how they use employer-provided equipment and systems, and frankly, wait until they get home to post something on Facebook, or to tweet (unless you want your employer to have access to your online activities).  And, employers should be cautious too.  While employee monitoring is generally permissible, it does not mean you should routinely do it, nor does it mean, as the National Labor Relations Board advises, you can always take action on something posted by an employee at work.

Information provided on this website is not legal advice, nor should you act on anything stated in this article without conferring with the Author or other legal counsel regarding your specific situation.


About the Author:

James Wu

This monthly Social Media and Employment Law column is contributed by James Y. Wu. For over 15 years, James has provided day-to-day counseling and advice to employers regarding compliance with employment laws and reducing the risks of employment-related claims and lawsuits. He also provides strategic litigation services when claims and lawsuits do arise. After practicing at some of the nation’s leading law firms, James opened his own law office in order to continue to provide his top-notch service at a much more reasonable rate for his clients. James earned his JD from Boston College Law School and both his BA and MA from Stanford University. +James Wu

Experts Connection - Facebook

Please Leave a Comment!