Do you or your employees check personal email from work computers? Probably so, as most of us do it at least occasionally. Are those personal emails actually private? The law in California is clear that employers can limit or even completely prohibit personal and Internet use on company computers. See TBG Ins. Servs. Corp. v Superior Court (2002) 96 CA4th 443, 452, 117 CR2d 155. But what if the employer does not prohibit employees from making personal use of its computers — does the employee have any expectation of privacy in emails sent from his or her personal email account while on the company computer?
Although no California case has addressed this issue yet, it seems that an employee may have a reasonable expectation of privacy in emails sent from his or her employer’s computer when the employer does not have a clear policy banning personal use of emails at work. This means that a clear employer policy on the issue can go a long way toward refining employees’ expectation of privacy in their personal email messages and thus minimizing employer exposure to litigation based on accessing these messages.
As Law.com reports, several recent court decisions have highlighted the need for employers to have clear policies on employee use of work-issued electronic devices. For example, in City of Ontario v Quon, the California Supreme Court held that a police officer did not have a right to privacy in personal text messages sent to and from a city-issued pager. Although this decision involved a public employer, Law.com notes that “the ramifications and lessons learned extend to private employers.”
When drafting an employer policy on the use of employer-issued electronic devices and computers, make sure to at least
- Clearly define which work devices and messages are covered by the policy;
- Address whether and the extent to which employees may use work devices for personal use;
- List any absolutely prohibited uses of work devices;
- Inform employees that the employer may monitor and log all work devices and accounts, as well as access and search work devices and accounts;
- State that employees have no expectation of confidentiality or privacy in messages sent over those devices;
- Provide for disciplinary action if the policy is violated; and
- Require employee signature acknowledging receipt of the policy.
On privacy issues relating to employee emails, as well as other workplace privacy issues, check out Privacy Compliance and Litigation in California, chap 8 (Cal CEB 2008). There is a sample Electronic Information Systems Policy in §8.73 of that book.
© The Regents of the University of California, 2010. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited.