Can you look at an employee’s personal email account if you access it on company equipment? A recent opinion from the federal District Court of Maryland should at least make you think twice before doing that. In Levin, et al. v. ImpactOffice, the court denied a company’s motion to dismiss a former employee’s Stored Communication Act (SCA) claim, which arose out of just such a scenario. The court found that former employee Melissa Edwards could proceed with her claim because the accessed emails were retained on Gmail’s servers “for purposes of backup protection.”
By way of background, Edwards and several other former employees filed suit against Impact, seeking a declaratory judgment that the restrictive covenants in their employment agreements were unenforceable. Edwards also asserted a claim under the SCA. In her complaint, Edwards alleges that after she resigned, Impact requested that she return her company-provided cellular phone. Edwards deleted all of her personal Gmail emails before returning the phone. After obtaining the phone, Impact used it to access Levin’s Gmail account on at least 40 occasions, forwarding some of the emails to Impact’s counsel, including emails between Edwards and her counsel that were sent after Edwards resigned and clearly marked “privileged and confidential attorney-client communications and work product.” Impact also deleted from Edwards’s account all emails that would have revealed the forwarding of her emails to Impact. Levin later filed suit against Impact, asserting two claims, one under the SCA.
The SCA and the Court’s Decision
A party may be held liable under the SCA where a person “intentionally accesses without authorization a facility through which an electronic communication service is provided . . . and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system.” Electronic storage is considered “(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication.”
In its motion, Impact argued that Levin’s SCA claim failed because she did not allege the emails Impact accessed were unopened. As such, the emails did not meet the definition of electronic storage. In response, Levin argued the emails fell within part (B) of the definition because copies of the emails she deleted from the phone were maintained on Google’s server “for purposes of backup protection.” Therefore the read/receipt status of the email did not matter. While the court acknowledged the read/receipt status of an email could impact whether it fell within part (A) of the definition, the court agreed with Levin that it was not germane under part (B).
The court ultimately concluded that Levin had properly alleged a SCA claim under part (B) of the definition of “electronic storage,” relying, in part, on the Ninth Circuit’s holding in Theofel v. Farey-Jones. Specifically, the court found that the emails fell within the definition of electronic storage because they were downloaded or delivered to an electronic device with a copy retained on Gmail’s server. The court, however, excluded from that definition emails that are maintained on an ISP’s server only.
The court noted that applying the definition of electronic storage “is a difficult endeavor because the technology relating to emails and other electronic communication has changed since the enactment of the SCA.” As electronic communication technology advances, that difficulty will only increase. As such, employers should be very wary of accessing an employee’s web-based email account without permission. Doing so could expose the employer to actual damages, statutory damages in the amount of $1,000 per violation of the SCA, and claims for equitable relief and punitive damages, as well as attorney fees.