Jumping the Gun on Employee Internet Activity

security camera_thumbA new decision from the Third Circuit Court of Appeals provides public employers with some additional guidance regarding employee internet activity. In the case of Beyer v. Duncannon Borough, police officer Eric Beyer was terminated from his position after he posted anonymous online comments, critical of the Duncannon Borough Council. More specifically, Beyer criticized the Council for its opposition to the purchase of new AR-15 rifles for the police department. Continue reading

Employer Liability for Accessing Employee’s E-Mails

When a former employee sues his former employer, an immediate issue of concern is how to preserve all electronically stored information (ESI) that may be relevant to the claim. Failure to do so may result in a claim of spoliation, sanctions against the employer and its legal counsel, or even an adverse ruling. Good employment counsel understands these consequences and how to avoid them in the first instance. Continue reading

Work Email and the Attorney-Client Privilege Do Not Mix

An appeals court in California recently decided that emails sent by an employee from her work email address to her attorney are not protected by the attorney-client privilege. In the case of Holmes v. Petrovich Development Company, LLC, an employee sued her employer for wrongful termination. Prior to filing her lawsuit, she had exchanged emails with her attorney, using her office email account. The employer used the emails in its defense, and the employee objected, claiming that they were protected by attorney-client privilege. Continue reading

Why Don’t Employers Care About Employees’ Internet Usage?

Employers don’t care that their employees browse the internet all day long.  They don’t care that employees do their holiday shopping online from the comfort of their offices.  Employers don’t care that employees’ internet usage exposes their companies to substantial security risks.  I’m convinced–they just don’t care. 

Most employers do not have any rules about online shopping during working time.  And, of those employers who do have some sort of web policy that limits employee use, just a few have a program in place to monitor online activities. 

Millennials are the most likely group of employees to put their companies at risk over the holiday season.  An estimated 4 out of 10 U.S. workers aged 18-24 will spend up to five hours shopping online–on their work computers–this holiday season, according to the Shopping On the Job surveyMy Computer

That’s more than half a working day!  

Not only are Gen Y employees the most likely to browse the web for that hard-to-find gift but they are also the least worried about the vulnerability of their work computers.  Millennials tend to be less concerned about safe web browsing when compared to their older colleagues. 

Despite the many voices of concern that online activity will have a negative impact on productivity and will expose the company’s internal network to serious security risk, there doesn’t seem to be much to prevent it. 

Is this because employers really don’t understand the amount of potential loss?  Or do they not realize that, without a proactive procedure in place to deal with this risk, employees are not likely to change their habits?  Or maybe employers don’t know what types of procedures to implement as a way to combat the potential losses associated with employees’ online use during the holiday season. 

Other Posts on Electronic Monitoring in the Workplace:

Survey Says:  Employers’ Policies on Technology in the Workplace

Is It Time to Update Your Electronic Communications Policy? If you’re the Mayor of Detroit, the answer is “Yes”

Blogs In the Workplace

Somebody’s Watching You:  New Data on Electronic Monitoring by Employers

Spy vs. Spy: New Tools Offer New Ways to Obtain Employees’ “Private” Data

An employer’s right to monitor employees’ electronic communications is a very popular topic.  There are numerous questions in this area of the law that remain unanswered.  For example, can an employer can lawfully retrieve an ex-employee’s personal e-mails sent and received from the company’s computers?  The 9th Circuit took a shot at another big question earlier this year in Quon v. Archer, when it held that an employee’s text messages were personal and could not be viewed by the employer–even though the pager used to send and receive the text messages was the employer’s property.  Employees’ text messages can result in significant consequences for their employment–just ask the former mayor of Detroit. 

What seems to get many employees into trouble is their misconceptions about the security of their electronic data.  It seems that many workers don’t believe that their employers could access electronic mail and messages, even if the employer was inclined to do so.  Well, that is just plain wrong.  Electronic data can be retrieved.  And it’s a lot easier than you may think.  A new product on the market, Sim Card Spy Elite by Brickhouse Security, is a compelling example of this fact. image

The Sim Card Spy Elite is a recovery device that can retrieve “deleted” data from a SIM card.**  Just pop the SIM card out of a cell phone and insert it into the Spy Elite.  Then insert the Spy Elite into your computer and, Voila!  All of the data that you thought had been deleted from the cellphone is instantly restored.  Names, text messages, and last-dialed numbers are given new life.  The data can be viewed, printed, and even edited–all for the low price of $199.95.   

As technology continues to improve, powerful tools like this are going to become easier and easier for the masses to obtain.  No longer are these items accessible only to security insiders.  Not only should employees be wary of the potential use of these tools by their employers but, as the Larry Mendte saga made evident, employers must also be cognizant of the possible use of spy devices by employees as tools for coworker sabotage and espionage.  It’s not as fictional as it may sound.  Just ask Alycia Lane.

**A SIM card is a tiny circuit board for cell phones that contains the user’s account information. SIM cards are interchangeable between phones, allowing users to program a new phone by just switching the SIM card.

Employer Yells Yahoo! for Employee’s E-Mail

The extent to which an employer may access an employee’s personal e-mail account is an unsettled issue.   Many employers have policies in place that either prohibit or significantly limit an employee from accessing personal e-mail during work hours.  Most employers have (or, if not, should have) a right-to-monitor policy, which notifies employees that the employer may actually monitor access to personal e-mail accounts if the employee is using company equipment.  A recent decision from a federal court in Florida supports the employer’s position that it can compel an  employee to turn over e-mail from a personal account.     email

In

(pdf), a breach of employment agreement and misappropriation of trade secrets case, an employer moved to compel production from the employee’s personal Yahoo! e-mail account.  Although the employee claimed he could not produce any e-mails because he presumed they had been destroyed by Yahoo!, the only support for his position was a generic letter from Yahoo! which indicated the account at issue had been deactivated. 

Not surprisingly, the court found the employee’s explanation dubious–even more so after the court learned that the employee untimely identified his personal account because, in his opinion, production of e-mails would be “impossible.”  According to the employer, the employee used this specific personal account to engage in the activities upon which the entire lawsuit was based. 

Thus, given the potentially high evidentiary value of the e-mails, the court sanctioned the employee (although any potential fine is dependent upon how successful the employee is in his court-ordered attempt to obtain the e-mail from Yahoo!).  The court further cautioned that if it turns out the employee’s failure to identify his personal e-mail account and obtain messages from his account results in the spoliation of evidence, the court will consider serious penalties. 

The Mendte-Lane Saga Concludes With a Guilty Plea and a Lawsuit

According to the AP, Larry Mendte has admitted that he hacked into Alycia Lane’s e-mail and leaked her private information to a reporter from the Philadelphia Daily News.  This admission comes just two months after Mendte’s home was raided by the FBI and his computers from home and work were seized.  Although not likely, Mendte could be sentenced to up to five years in prison when he is sentenced in November.

JON19DPT 52439 Photography by Peter Tobia  IN THIS PICTURE  Larry Mendte and Alycia Lane in between news cast.  THE STORY IS CH3 news team individual and together.

JON19DPT 52439 Photography by Peter Tobia IN THIS PICTURE Larry Mendte and Alycia Lane in between news cast. THE STORY IS CH3 news team individual and together.

Mendte admitted that he viewed hundreds of e-mails after installing a keystroke-tracking software on her computer at work.  Lane maintains that she complained about the possibility that her e-mails were being leaked but her employer, KYW-TV, “treated her as if she was paranoid.”  Lane claims that her career has been ruined as a result of Mendte’s behavior.