In a recent ruling, the New Jersey Supreme Court has added to the ongoing debate as to whether employees may have reasonable expectations of privacy in personal emails when a company’s policies are vague. Because this is the first time a State Supreme Court has considered the issue, this case will likely influence how other courts treat this issue. In fact, a similar case is currently under consideration by the U.S. Supreme Court and the issue has been consider by lower court in numerous other States courts. This issue is likely to grow in importance in coming years. In this case, the court held that the plaintiff possessed a reasonable expectation of privacy in communications with her attorney through a third party internet email client even though the plaintiff used a company computer. Consequently, the defendant company was precluded from using the employee’s communications in its dispute with the employee. Stengart v. Loving Care Agency, 2010 WL 1189458 (N.J. 2010).
Stengart, an employee of Loving Care Agency, engaged in a series of email communications with her attorney through Loving Care’s computer systems. These emails were sent through Stengart’s personal, password protected, Yahoo! email account. Unknown to Stengart, all her emails were stored on the company computer’s hard drive. Shortly after sending theses emails, Stengart resigned from and filed suit against Loving Care. In anticipation of litigation, Loving Care hired a forensic expert to retrieve all of Stengart’s communications sent using the company computer. Stengart filed to have her communications protected.
The court decided that Loving Care’s computer usage policy did not provide adequate notice to employees that their emails, sent from private email accounts using company computers, may be read by their employer.
Loving Care’s computer usage policy stated:
The company reserves and will exercise the right to review, audit, intercept, access, and disclose all matters on the company’s media systems and services at anytime, with or without notice . . . .
E-mail and voice messages, internet use and communication and computer files are considered part of the company’s business and client records. Such communications are not to be considered private or personal to any individual employee . . . .
The principal purpose of electronic mail (e-mail) is for company business communications. Occasional personal use is permitted.
Several other courts have dealt with the issue of employee privacy when communicating through company communication services resulting in conflicting outcomes. For example, a court in Massachusetts upheld the attorney-client privilege of emails sent through company computers1 while a court in New York found the plaintiff knew of the company policy and was required to disclose the attorney-client communication.2 A case currently before the U.S. Supreme Court, Quon v. Arch Wireless,3 with oral arguments on April 19, 2010, may clarify the various court decisions on an employer’s rights to monitor their employee’s communications through company products. Quon involved an employer’s reading of an employee’s text messages sent through a company pager. Both the trial and Ninth Circuit Courts found the company’s usage policy allowed the company’s review of the text messages. The impending Supreme Court decision may explain to employers the scope of an employee’s privacy and what policies are properly written to grant employers a right to monitor employee’s communications.
Companies should review their computer usage policies with these questions in mind:
Are employees notified of the storage of communications to the computer’s hard drive?
Are employees notified that all actions taken on company computers may be monitored at any time without notice to the employees?
Are employees notified that the company may review all emails sent through company computers, even personal emails sent through personal email accounts?
Even though companies may not be allowed to monitor employee’s email communications with their attorney in New Jersey, a review of your IT policies could help remove ambiguities regarding other communications.