To repeat: The employer has a right to inspect employee e-mails from its own systems

March 21, 2013

Article courtesy of SBAM Approved Partner ASE

By Michael J. Burns

A report came out last week that some resident deans at Harvard University were outraged to find that Harvard administration had gone through the emails of 16 of their colleagues.

The administration’s action was part of its effort to identify who had leaked information to the media about a cheating scandal at the school. Administrators were concerned that the resident deans involved may have breached the student’s rights to privacy and due process by way of these leaks. On the other hand the position of the Harvard deans was concern over “integrity” at Harvard.

Employers in the private sector well understand their right to access the information on their own computer systems. The dust-up at Harvard suggests that not all sectors of the workplace—academia, for example—have accepted such a practice as management’s right. Since Harvard is one of America’s most iconic institutions, the outrage expressed by its resident deans could conceivably cloud this issue for other employers regardless of their industry sector. It should not.

Legally, an employer has the right to inspect and check any system it owns unless it has reserved a privacy right to its employees. For most employers such a voluntary forfeiture of a management right is neither likely nor prudent. It may find its way into a collective bargaining contract, for example, or be granted due to some other extenuating circumstances. In the situation at Harvard management gave up no such rights.

In 2010, the U.S. Supreme Court weighed in on this issue, finding that the City of Ontario, California had the right to read private text messages an employee had sent and received on his city-issued pager. In that case, the Court found that any expectation of privacy the employee may have had was outweighed by the fact that the city had a legitimate, work-related reason to read his messages (to figure out whether the city needed to change its contract to allow a higher character limit on the city’s pagers). Neither was the search excessive (the city looked at only two months’ worth of messages, and only at messages that had been sent during work hours).

A 2005 poll from the American Management Association revealed the following:

Almost half the employees surveyed had sent or received email messages that included jokes, stories, or pictures that were “questionable” (meaning they included sexual content or were politically incorrect).
Six percent of employees have emailed confidential company information to someone they shouldn’t have.
Fifteen percent of companies have faced a lawsuit triggered by employee email, and almost one quarter of companies have had their email subpoenaed by courts and regulators.

How actively an employer monitors its employees’ email typically depends on its goals and resources. The most common practice is reactive. As with the situation at Harvard, employers review employee email only if there is a serious reason related to its business or public image (such as a claim that the employee sent trade secrets to a competitor or used company email to send a racist joke). Some companies do random spot checks of email periodically. Others are more active, reading a larger percentage of messages.

It is generally sufficient to notify employees by way of a handbook policy affirming the employer’s right to access e-mails (and Internet use). But there is a growing consensus among lawyers and HR professionals that employers should periodically remind employees of the policy and even apply it occasionally. For example, it can conduct an audit simply to let employees know it is a real practice, not just a remote possibility, to access employee emails. This will bring reality to an otherwise ignored or disregarded policy.

There are some situations where an employer may not want to let employees know it is accessing emails. Adam Fiss at the law firm of Littler, Mendelson explains: If the employer is investigating a retaliation claim and finds information in the email that supports the claim, then tipping the employee off might prevent the employer from getting to the truth. “You’d be giving them advance notice,” says Fiss, “and they’d be looking into their email account and potentially preparing answers to questions they anticipate.” Letting employees know just after a search is a better alternative approach to notification.

Regardless, employers should feel legally comfortable to conduct searches of their email systems should they feel it necessary.