Much to the chagrin of employers, the NLRB continues to parse employer policies and rules. In its July 31, 2014 decision, Fresh & Easy Neighborhood Markets361 NLRB No. 8, the NLRB found that the employer’s “confidentiality and data protection” rules violated employees’ Section 7 rights. The rule in question stated:

“Keep customer and employee information secure.  Information must be used fairly, lawfully and only for the purpose for which it was obtained.”

Over the dissent of Member Johnson, Members Pearce and Schiffer reversed the Administrative Law Judge and found the rule contained in a Code of Conduct unlawful. The majority rejected the ALJ’s conclusion that the rule only addressed ethical matters, not being a typical employee handbook. The majority determined the Code governed day-to-day duties and that they could be subject to disciplinary action for violating the Code.

The majority then read the Code’s changed provision expansively. The Board implied that to avoid an expansive interpretation, the employer would have had to have included language limiting the types of employee information that should not be disclosed to narrow the rule’s context. The majority distinguished other cases where such rules by context suggested they were limited in reach to the “protection of intellectual property assets.” Of course, in so distinguishing these cases, the Board’s opinion fails to show clear lines to guide employers when promulgating such rules. In fact, as dissenting Member Johnson pointed out – it now appears the Board is encroaching on a presumption of illegality for certain types of rules, absent explicit exceptions carved out to protect Section 7 activity.

The lessons of this case and many others over the last several years is clear:  employers must closely scrutinize all forms of policy statements addressing the protection of company information to ensure that such rules do not run afoul of the NLRA.