by frederick s. lane iii '88
|(Illustration by Barbara Bellingham)|
In the digital workplace, can employees ever have a reasonable
expectation of privacy?
There’s never a shortage of good oxymorons: Jumbo shrimp. Computer security. Military intelligence. Compassionate conservatism. World Series Champion Boston Red Sox. And now, to that list can be added: Workplace Privacy.
From a legal perspective, “privacy” in general is a fairly recent discovery. In the list of inalienable rights set out in the Declaration of Independence and later codified in the Bill of Rights, privacy is conspicuously absent. It wasn’t until 1890, when Boston attorneys Louis D. Brandeis and Samuel D. Warren wrote “The Right to Privacy” for the Harvard Law Review, that the concept first entered the legal lexicon. Although privacy has since gained both statutory and case support, it is a “right” that is easily trumped by judicial process and bureaucratic regulation. More importantly, it is a “right” that we treat shabbily: We regularly trade private information for a twenty-five-cent coupon at the grocery store, or publicly discuss private matters on our cell phones.
Admittedly, the concept of privacy has never gained much traction in the workplace. There are very few successful or even surviving businesses where the owner or manager doesn’t have some idea of what his or her employees are doing and how they’re doing it. The question that we need to ask, however, is at what point employer surveillance is excessive or simply unnecessary.
The test, courts have uniformly held, is whether an employee has a reasonable expectation of privacy, and whether that expectation is outweighed by legitimate business concerns. Unfortunately for employees seeking greater privacy, the boundary between legitimate employee supervision and invasive scrutiny will never be brightly lit. Every business has serious and reasonable justifications for a certain amount of surveillance, including productivity, prevention of theft and sabotage, prevention of harassment and discrimination, prevention of violence, and prevention of terrorism.
Thanks to a confluence of technological innovations, economic challenges, and social trends, the capabilities and rationalizations for workplace surveillance have accelerated dramatically in recent years. At the core of the nascent debate is now a central question: As surveillance technology grows smaller, faster, and more powerful, can an employee ever have a reasonable expectation of privacy in any corner of the digital workplace? The window for a rational discussion of that question is rapidly closing.
It is important to realize that the implications of this debate extend well past the employee parking lot. At a philosophical level, one concern is that the rise in workplace surveillance is slowly inuring us to surveillance in general. Across the nation, for instance, police departments are installing video cameras in public areas to look for potentially criminal activity. On a more practical level, workplace surveillance has the potential to alter the balance between the federal government and its citizens: The information that employers can (and are) gathering is actively being sought by the Federal Bureau of Investigation and the Justice Department under the auspices of the Homeland Security Act and the USA Patriot Act. In many cases, federal agents are obtaining information that it would have been difficult or impossible for them gather on their own. Even more disturbing is the fact that employees will generally have no idea their employer is providing such information, since it is a federal crime to reveal even that the information has been requested.
If there is one technology that is encouraging employers to expand workplace surveillance, it is the World Wide Web. First introduced in late 1994, the Web experienced phenomenal growth (more than 300,000 percent in one twelve-month period), and by 1997 or 1998, had already become an important business tool.
The “killer app,” of course, was email. Although electronic mail has been around since late 1971 (the actual date of the first email is lost to history), it was only after the Web gained widespread popularity that the volume of email grew significantly. Today, on average, more than 10 billion email messages are sent each day.
The goal of early programmers was to make email similar in form and function to letters. Largely because messages appear to go directly from one person to another, a deep-seated assumption has arisen that email enjoys the same protections given to first class mail.
Michael Smyth, an employee of the Pillsbury Company in Philadelphia, didn’t merely assume that his email was private—Pillsbury specifically promised all of its employees that electronic communications were privileged and could not be used to fire an employee. In late 1994, Smyth received some emails from a supervisor. Apparently upset by the emails, he sent his own electronic messages across the company system. Among other things, Smyth harshly criticized Pillsbury sales management, threatened to “kill the backstabbing *&@!$%^#,” and described an upcoming company party as a “Jim Jones Kool-Aid affair.” After a Pillsbury executive saw a copy of one of the messages in a company printer, Pillsbury opened and read all of Smyth’s emails and promptly fired him for sending “inappropriate and unprofessional comments.”
Not surprisingly, Smyth sued to get his job back, but the US district court upheld Smyth’s termination. Despite the fact that Pillsbury breached its repeated promises, the district court ruled that “the company’s interest in preventing inappropriate and unprofessional comments or even illegal activity over its email system outweighs any privacy interest the employee may have in those comments.”
In the seven years since the Smyth decision, courts have not deviated from the basic conclusion that employees have no reasonable expectation of privacy in the mail that they send across a company’s computer network. Some employees think they can avoid management scrutiny by using a free mail account like Yahoo! or HotMail. There is no practical difference, however; even if an employee uses Yahoo!, the message still needs to travel across company wires and can be intercepted legally.
Again, employers are strongly motivated to snoop: Unmonitored email can be extremely expensive to a company. It didn’t take long for electronic offensiveness to become a factor in harassment litigation. In the mid-1990s, for instance, four women filed a sexual harassment lawsuit against Chevron Corporation in California. Among the evidence they introduced was an email titled “Twenty-Five Reasons Beer is Better than Women” that had been distributed across the company computer network. Chevron ultimately settled the lawsuit for $2.2 million. Offensive email has also fueled suits against a variety of other well-known and well-heeled corporations, including Morgan Stanley and Salomon Smith Barney.
To minimize the risks of harassment and to limit the impact on productivity, businesses are increasingly using software to block access to certain types of sites (pornography, sports, day-trading) and to track what their employees are doing online. Is it simply enough to say that if an employee chooses to use his or her work computer to surf the Web, the information regarding the sites visited is fair game for the employer? Certainly, many courts have ruled that employees have no privacy expectation when they surf at work. An argument can be made, however, that while a business is entitled to track and act on the information that an employee is visiting non-work-related sites, it should not be entitled to act on any information derived from the identity of the sites themselves. For instance, while a company could discipline an employee for personal surfing during the workday, it should not be allowed to act on the information that the employee visited an Alcoholics Anonymous site or a site on the treatment of a potentially costly illness.
The privacy balance is slightly more blurry when it comes to electronic files. While employers generally have broad rights to search offices and even desks, courts take care to scrutinize the circumstances leading to the inception of the search. Judges also look at whether the search was reasonably tailored to the alleged transgression.
The same general principles apply to searches of computer directories and files, but the latitude given to employers is usually broader. As with electronic mail, the employer’s ownership of the computer equipment in question enhances its ability to conduct searches. Moreover, the consequences of computer misuse (ranging from sexual harassment to intellectual property theft to child pornography) often can appear more threatening than misuse of other types of equipment. Lastly, most companies make a point of requiring employees to read and sign an “acceptable use” policy, which generally is drafted in such a way as to eliminate any reasonable expectation of privacy on the part of the employee.
Still largely unresolved is the question of how far an employer’s right to search extends into the home. If an employee is given a computer by the employer to use at home, does that give the employer license to look at even the most personal files that might be stored on that computer? Employees should assume that it does. The best (and perhaps the only) protection is to avoid putting any personal material on a work-related computer.
To the delight of plaintiffs’ attorneys, the average computer can contain a treasure trove of electronic evidence. To the delight of computer geeks, most attorneys have absolutely no idea how to access those materials. While a full discussion of computer forensics is well beyond the scope of this article, it is critical for both litigation and corporate attorneys to consider the issue of electronic data retrieval long before court proceedings begin.
Many people are still surprised by the ineffectiveness of the “Delete” key. When a computer user deletes a file, the contents of that file are not erased from the user’s computer. The only thing actually deleted is the file name; the data associated with the file remains on the computer’s hard drive until it is overwritten. There are a large number of software programs that can assist computer technicians in retrieving the contents of a deleted file.
Often, of course, a computer forensics expert doesn’t have to go to such lengths to recover a deleted file or email. In many work environments, backups are routinely made of critical data. In those circumstances, deleted files can linger for months or even years. One of the more famous examples of this is the Iran-Contra scandal of the mid-1980s. The leader of the operation, Oliver North, thought he had successfully deleted incriminating emails, but Congressional investigators were able to retrieve multiple copies of his emails from various backup tapes.
Every employee should be educated about the near-indestructibility of electronic data. Among computer technicians, there is a well-known aphorism: “Information just wants to be free.” Whenever information is put in electronic form, it is virtually certain that the information will flow beyond its intended boundaries.
One of the main reasons for the phenomenon is the bewildering array of devices available on which to store data. As litigation attorneys are learning, discovery pleadings need to be drafted in the broadest possible terms to cover the myriad types of storage technology on the market.
Where once there was the floppy disk, there are now Zip disks, Jazz disks, recordable CD-ROMs, recordable DVDs (which will soon have capacities in the tens of gigabytes), and a whole menagerie of devices with flash memory and seemingly microscopic hard drives. Inexpensive key chains can be purchased that can store 256 or 512 megabytes of data; only slightly more expensive Ipods—no bigger than a deck of cards—can hold twenty to thirty gigabytes of electronic files. Similarly, personal data assistants (PDAs) can store a virtually limitless amount of data on swappable memory sticks and cards.
It’s not just the misappropriation of electronic data that is troublesome. As many bookstores and newsstands are discovering, the theft of text and images is no farther away than an inexpensive digital camera and a quiet corner of the store. Even relatively inexpensive PDAs and cell phones are coming pre-equipped with simple but functional digital cameras. In addition to posing a general privacy threat (many locker rooms, gyms, and health clubs now ban camera-equipped devices), the increased risk to trade secrets and confidential information gives employers yet another rationalization for surveillance.
The tension between employee privacy and workplace surveillance grows stronger as employees move farther from the workplace itself. Thanks to a never-sleeping system of twenty-four satellites, however, “workplace” surveillance is no longer limited to the Dilbertian cubicle. Over the last decade, the Global Positioning System (GPS) has become an increasingly common feature in commercial vehicles and corporate automobile fleets. When combined with fairly simple computer systems, a GPS system is capable of reporting where a vehicle has gone, how fast it has traveled, how long it has stopped, and even the vehicle’s changes in altitude. The owners of service companies praise the increases in efficiency that have resulted from GPS installations, but employees are wary of a system that so closely monitors where they go and what they do. On the eve of last December’s unexpectedly massive snowstorm, for instance, the Commonwealth of Massachusetts was locked in bitter negotiations with independent snowplow contractors. State officials were demanding that the plowers carry GPS-equipped devices to help them track plowing, assign trucks to problem areas, and maintain a log of activity for billing and payment. Ultimately, the state agreed to delay using the devices for billing and payment until the GPS calculations can be compared to the paper records maintained by the drivers. In the aftermath of the storm, highway officials said the devices made it much easier to keep roads clear and estimated they will save taxpayers millions of dollars per year.
If GPS systems are being used to make sure that an employee is working when he or she is supposed to be working, there are few privacy concerns. It’s difficult to argue against a system that is primarily used to make sure that employees are doing what they’re paid to do. But as with Web surfing, there are currently few legal restrictions on employer use of information gathered from GPS systems.
The temptation to obtain and perhaps misuse private information will grow steadily as GPSs become an integral part of electronic devices in general. Already, cell phones are routinely equipped with GPS location equipment, and it is creeping its way into PDAs and laptops. When those devices are paid for and provided by employers, employees should be aware that the information generated by the GPS may well be available to their supervisors. Workplace surveillance is no longer a 9 to 5 concern.
On the very near horizon are technologies that raise concerns about far more serious intrusions into worker privacy. Infrared technology is being incorporated into a wide variety of applications, the most common of which is the employee identification badge. In particular, a number of hospitals have installed systems that allow an infrared signal to be read from each badge. The system allows the employer to track the location of each employee. While nominally to enable staff to be located quickly in an emergency, the system also spins off a variety of potentially intrusive data, including how long people spent in any given location and the amount of time various staff members spend together, data that could be useful in analyzing and fighting unionizing efforts.
Although most infrared sensor systems do not monitor bathroom use, some are aimed specifically at it. In the restaurant industry, at least one company has linked infrared badges to bathroom devices to monitor employee hygiene habits. The company’s software tracks the steps employees take to wash their hands and records whether they do so for a sufficient period of time. The information is stored in a database for review by management. Excessive? At a gut level, perhaps, but restaurant owners can justify such intrusions by pointing to the economic and personal costs of a single bacterial outbreak.
On the near horizon is the introduction of radio frequency IDs (RFIDs), rice-grain-size devices that emit a unique identifying code that can be read by receivers. The chief interest in RFIDs right now is in the retail industry, as companies consider putting them on products and shipping packages to track inventory. But they may well be introduced into the workplace as more secure personal identifiers. One Florida family has already had the devices implanted in their hands to provide paramedics with sure identification and quick access to their medical records online. It’s only a matter of time before some employer makes the use of a RFID a condition of employment.
By itself, the collection of large amounts of information in the workplace and its potential misuse raises serious privacy concerns. An employer should be making employment decisions based on an employee’s capabilities and job performance and should not be tempted by extraneous information collected through workplace surveillance. Take health records, for instance. Misusing someone’s private health information can be appealing to employers that provide health insurance to their employees; a single employee with a long-term illness can dramatically increase a company’s premiums.
There are some federal and state statutory protections for employees, but they are scattershot at best. Absent some type of Employee Bill of Rights, there is unlikely to be significant improvement in the area of workplace privacy.
As surveillance technology grows more pervasive, the leading consequence will be to make a reasonable expectation of privacy in the workplace nonexistent, if not laughable. That alone would be reason for pause, but if such surveillance is in reality numbing us to the idea of being constantly watched, or is effectively being done for government agents who could not do it themselves, then we really must consider whether “workplace privacy” is merely the canary for our “right to privacy” in general.
Frederick S. Lane III is the author of Obscene Profits: The Entrepreneurs of Pornography in the Cyber Age (Routledge 2000) and The Naked Employee: How Technology Is Compromising Workplace Privacy (AMACOM 2003), upon which this article is based.