Supreme Court to Hear Case on Employer Access to Worker Messages

supreme court

How much privacy do workers have when they send text messages from company accounts?

Users of text-messaging services “have a reasonable expectation of privacy” regarding messages stored on the service provider’s network, 9th Circuit Judge Kim Wardlaw said in Quon v. Arch Wireless Operating Company, Inc., 529 F.3d 892 (9th Cir. 2008).

In that case the court found that a police department had violated the Fourth Amendment and state constitutional rights of employees and the people they exchanged text messages with, when they reviewed “personal” text messages created on devices owned and issued by the police department. It also found that the text messaging provider, Arch Wireless, violated the Stored Communications Act (SCA), 18 U.S.C. §§2701-2711, by providing transcripts of these messages to the employer.

Supreme Court

The U.S. Supreme Court agreed to hear an appeal of the case: City of Ontario, California, et al., Petitioners v. Jeff Quon, et al. (08-1332). The Justices could add some new law to the ability of companies to monitor and access their employees’ use of a company’s computer system.

Limitations

Although it sounds interesting, the case has some limitations that will likely make the decision underwhelming. The employees at issue are government employees, so the Constitution is implicated. You don’t have this issue with private employees. Second, the governmental employer accessed the information from the third party provider of the text-messaging system. The information was not on the government’s computer system itself. Third, the governmental employer did not have a clear policy on the use of the equipment and whether the messages were private or accessible by the government employer.

Background

The case originated when police officers claimed thier rights were violated when messages on department devices were read by their chief. Quon and the other officers had signed a statement declaring “users should have no expectation of privacy or confidentiality” when using devices furnished by the city. But shortly after text pagers were distributed, the officers were told by a supervisor they could use them to send messages, as long as they paid for messages that exceeded the monthly limit. It was understood that some of these messages would be personal and unrelated to police work. When the police chief learned that some officers were regularly exceeding the monthly limit, he asked for an audit and read the messages.

After Quon and the other officers learned their messages had been read, they sued. They lost in the Los Angeles Federal District Court, but won in front of the 9th Circuit.

References:

Policies for Private Use of Company Computer Systems and Mobile Devices

edward_angell_logoMark E. Schreiber and Barbara A. Lee published an article on the New Liabilities and Policies for Incidental Private Use of Company Electronic Systems and PDAs.

The discussion in the article comes from the decision in Quon v. Arch Wireless Operating Company, Inc., 529 F.3d 892 (9th Cir. 2008). In that case the court found that a police department had violated the Fourth Amendment and state constitutional rights of employees and the people they exchanged text messages with, when they reviewed “personal” text messages created on devices owned and issued by the police department. It also found that the text messaging provider, Arch Wireless, violated the Stored Communications Act (SCA), 18 U.S.C. §§2701-2711, by providing transcripts of these messages to the employer.

The authors point out that the decision in Quon deals with constitutional questions involving government employees.  The same positions may not be true for non-government employees.  But there are still lessons to be learned:

  • Policies regarding employee use of email, internet access, and mobile devices should be clear that employees have no expectation of privacy
  • Policies should make it clear that employees can expect their use of computer systems and devices, including personal use and messages, to be subject to monitoring and access by the employer with or without notice.
  • Carefully draft service agreements to comply in advance with the SCA and other wiretap type statutes with “consent” language.
  • Update subpoena and document response policies and protocols to comply with the SCA and,  if the company operates internationally, foreign laws.