Posted on June 17, 2010 by Maria Danaher

Supreme Court rules that review of public employee's text messages was not a Constitutional violation.

[With thanks to Hera Arsen, J.D., Ph.D., in our Client Services group - her more detailed explanation of this case can be found on the firm's website at www.ogletreedeakins.com.]

The U.S. Supreme Court has held that a city police department's search of an employee/police officer’s text messages was reasonable, and did not violate the individual’s Fourth Amendment (“search and seizure”) rights. City of Ontario v. Quon, No. 08-1332, U.S. Supreme Court (June 17, 2010). While employers have been anticipating the high court’s opinion on whether employees have a reasonable expectation of privacy related to electronic messages, the Supreme Court did not tackle that issue. Instead, the Court assumed that the officer did have a reasonable expectation of privacy in his personal text messages. However, the Court also found that the search was motivated by a legitimate work-related purpose, and was not excessive in scope. Based upon those factors, the Court held that the city's review of the officer's text messages was reasonable and did not violate the employee’s Constitutional Rights. City of Ontario v. Quon, No. 08-1332, U.S. Supreme Court (June 17, 2010).

Jeff Quon was a police sergeant with the Ontario Police Department (OPD). In 2001, the city of Ontario acquired 20 alphanumeric pagers capable of sending and receiving text messages and contracted with an outside vendor to provide wireless services. Under the agreement with the city, the vendor charged an overage fee if messages exceeded 25,000 characters in a single month.

Before acquiring the pagers, the city adopted a “Computer Usage, Internet and E-mail Policy,” which was applicable to all employees. The policy set forth that the city “reserves the right to monitor and log all network activity including e-mail and Internet use, with or without notice.” The policy further stated that “users should have no expectation of privacy or confidentiality when using these resources” and that the use of inappropriate language in the e-mail system would not be tolerated. Although the policy did not specifically refer to text messaging, the city issued a written memo to employees that it would treat text messages the same way as it treated e-mails, and that text messages would be “eligible for auditing.” Quon signed a statement acknowledging that he had read and understood the city’s policy.

After Quon began to regularly exceed the 25,000-character limit, he was reminded that text messages were “considered e-mail and could be audited.” In October 2002, in an attempt to determine whether the 25,000 character limit was too low for work-related messages, the police department asked its vendor to provide the transcripts of Quon’s last two months of messages to determine if the overages were for work-related or personal messages. The transcripts revealed that many of the messages were personal in nature and that some were sexually explicit. That triggered an investigation of whether Quon was violating Ontario Police Department (OPD) rules by pursuing personal matters while on-duty. It was determined that in August, Quon sent or received 456 messages during work hours, and that less than 60 of those were work-related. The report concluded that Quon had violated OPD rules, for which he could be disciplined.

Quon filed suit in the U.S. District Court for the Central District of California claiming, in part, violation of his Fourth Amendment rights, and arguing that the privacy of personal text messages is protected by the ban on “unreasonable searches and seizures” found in the Fourth Amendment to the U.S. Constitution. The trial judge agreed that Quon had a reasonable expectation of privacy in the text messages, but held a jury trial to determine the intent of OPD’s search. The jury determined that the original purpose of investigation of the text messages was to determine the efficacy of the character limit, and not to determine whether Quon was wasting time while on-duty. Thus, the search was reasonable.

Quon appealed to the Ninth Circuit Court of Appeals, which agreed with the trial judge that the employees had a reasonable expectation of privacy. However, the Ninth Circuit rejected the trial judge’s finding on the reasonableness of the search overall, stating that, while the purpose of the search was to verify the efficacy of the 25,000 character limit, the purpose of the investigation could have been achieved by less-intrusive means (i.e., warning Quon, asking him to count the characters himself, or asking him to redact personal messages and grant permission to the department to review the redacted transcript).

The Supreme Court declined to address the issue of privacy of personal messages on company equipment, opting to dispose of the case on “narrower grounds.” Instead, the Court assumed that Quon had a reasonable expectation of privacy in the text messages, that the city’s review of the transcript constituted a search within the meaning of the Fourth Amendment, and that the principles applicable to a government employer’s search of an employee’s physical office apply to an electronic intrusion of privacy as well.

The Court then turned to the reasonableness of the search, finding that when conducted for a non-investigatory, work-related purpose or for the investigation of work-related misconduct, a government employer’s warrantless search is reasonable if: (1) it is “justified at its inception” and (2) if “the measures adopted are reasonably related to the objectives of the search and not excessively intrusive in light of” the circumstances giving rise to the search. Noting that OPD initiated the search to determine whether the vendor’s character limit was meeting the city’s needs, the Court concluded that the search was justified at its inception. The City and OPD had a legitimate interest in ensuring that officers were not paying for work-related expenses and alternatively, that the city was not paying for officers’ personal communications.

The Court next found that reviewing Quon’s messages was an “efficient and expedient way” to determine if his regular overages were work-related or personal. The Court noted that the review was not “excessively intrusive” since it covered only two months of messages and was limited to on-duty messaging. In addition, given that Quon was told that his messages were subject to auditing, the Court concluded that it would not have been reasonable for Quon to assume that his messages were “immune from scrutiny.” Thus, the Supreme Court held that the search was reasonable and the city did not violate Quon’s Fourth Amendment rights.

Although this case deals specifically with a public employer, private employers should use a similar approach when faced with an issue regarding the privacy of electronic correspondence on company computers and handheld devices, balancing privacy guarantees (based in state law or company policy) against the reasonableness of the employer's search and its purpose.
 

Tags:
Posted on October 5, 2009 by Maria Danaher

Company violated federal law by accessing employee's invitation-only MySpace chat group without authorization.

In an unpublished opinion, a federal district court in New Jersey has upheld a jury verdict in which a company was found liable for violating the federal Stored Communications Act (SCA). The violation occurred when the company’s managers intentionally accessed a “chat group” on an employee’s MySpace account without having received authorization from the MySpace member to join the group. Further, the court upheld the jury’s finding of malicious conduct, which supported an award of punitive damages. Pietrylo v. Hillstone Restaurant Group d/b/a Houston’s, D.N.J., No. 06-5754, unpublished, Sept. 25, 2009.

Brian Pietrylo and Doreen Marino filed suit against their employer, Houston’s Restaurant, after two of the restaurant’s managers accessed a MySpace chat group maintained by Pietrylo during his non-work hours. The chat group, called the “Spec-Tator,” was accessed via an electronic invitation from Pietrylo. If the user accepted that invitation, he or she could access the site only by using a personal password. The site included language that indicated that the group was private, and that it was a place in which Hillstone employees could talk about the “crap/drama/and gossip” related to their workplace. No Hillstone upper manager was invited to join the group, and members accessed the site only during non-work hours and on non-company computers.

One employee/chat group member, Karen St. Jean, made a Houston’s manager aware of the site. St. Jean later provided her password to another manager, Robert Anton, who shared the information with a regional manager, Robert Marano. In spite of the privacy warning on the page, Anton and Marano accessed the site on multiple separate occasions. After determining that the content of the postings in the chat group were “offensive,” Anton and Marano fired Pietrylo and Marino.

Pietrylo and Marino then sued Houston’s, alleging, in part, that the company violated the SCA and a parallel New Jersey statute, the New Jersey Wiretapping and Electronic Surveillance Control Act. A jury found in favor of the employees, awarding modest compensatory damages, but adding punitive damages after finding that the company acted maliciously. Houston’s challenged the verdict in a motion for judgment, and requested a new trial. Both motions were denied by the district court, which found that the verdict and the damages were supported by the evidence.

Under the SCA, the plaintiffs had to prove that Houston’s managers accessed the chat group “knowingly, intentionally, or purposefully,” and without authorization. Although Houston’s argued that St. Jean willingly volunteered her password to Anton, St. Jean’s trial testimony included the fact that she would not have provided that information to Anton if he had not been a manager. Interestingly, the court’s decision turned partly on the fact that there was no documentary evidence concerning the authorization, and so the jury had to rely on the testimony and demeanor of the witnesses. The court held that the jury could infer from St. Jean’s testimony – specifically her statement that she felt that she “would have gotten in trouble” if she hadn’t provided her password – that the purported authorization was coerced. In addition, the court cited that particular testimony, in conjunction with the fact that the restaurant’s managers viewed the site on several different occasions, even though the site specifically contained warnings that it was “private” and accessible to “members only,” to support its decision to deny Houston’s motions.

While this decision is a district court case and therefore open to appeal, the decision is one of which employers should be aware. The lack of documentation regarding how the company obtained the password, the use of a self-designated “private” chat room by individuals without an actual invitation, and the continued use of the site with specific knowledge of its invitation-only status all provided a basis for the court to support the jury’s findings against the company. While employers have certain rights and obligations with respect to company-related computer equipment and electronic sites, this case points out the pitfalls of an attempt to extend that authority to non-work-related equipment and sites. This area of the law is developing quickly, and employers should be attuned to the ways in which courts are addressing the issues that arise in that area.
 

Tags: ,