Remember what a stamp was? You’d slap it on an envelope, and the letter inside remained private. But technology has changed—and so has privacy expectations of work communications.
When employees send text messages on employer-provided phones, are those texts as private as a message in a bottle … or a message in the sky? The U.S. Supreme Court penned a long-awaited warning last week: For now, employees shouldn’t expect text messages at work to be private.
Case in Point: Jeff Quon was a police sergeant for the city of Ontario, California. To help Quon respond to emergencies, the police department gave him a pager that also sends text messages. Along with the pager, the city gave Quon a Computer Usage, Internet and E-Mail Policy that reserved, “the right to monitor and log all network activity including e-mail and Internet use, with or without notice.”
Further, the policy said employees, “should have no expectation of privacy or confidentiality when using these resources.” While the policy did not list text messages explicitly, the city made it clear text messages and e-mails would be treated alike.
When Quon exceeded the monthly text-message limit, the city reminded him he could be audited. Quon was told if he reimbursed the city for his overages, he could avoid the audit. Nevertheless, the police chief eventually decided to audit text message usage to determine whether the existing plan was too low.
During the audit, the city found that Quon had sent sexually explicit text messages. He was disciplined for violating the policy. Quon sued the city alleging violations of the Federal Stored Communications Act and his Fourth Amendment right to privacy.
A lower court agreed that Quon should have a “reasonable expectation of privacy” with his text messages. But the U.S. Supreme Court last week narrowly ruled that the city’s search of Quon’s off-duty text messages did not violate his privacy rights.
The court stopped short of saying when employees could expect any degree of privacy in their e-communications at work. It noted that the "judiciary risks error by elaborating too fully on Fourth Amendment implications of emerging technology before its role in society has become clear." (Ontario v. Quon, No. 08-1332, 6/17/10)
3 Lessons Learned … Without Going to Court
Make sure any searches of employee’s e-mail or texts are reasonable and not beyond the scope of the investigation. In this case, the Supreme Court recognized that only two months of texts were audited and there was a legitimate business purpose for doing so.
1. Have a technology policy. Among other things, make sure it says, “employees should have no reasonable expectation of privacy.” So they won’t.
2. Strictly business, no monkey business. Make sure your policy clearly defines whether your technology is strictly for “business use” or there can be some “occasional personal use.” If occasional personal use is permitted, give clear and practical examples of acceptable and unacceptable usage.
3. Don’t be all-inclusive. Yesteryear, we did not know from pagers, PDA’s, emails, text messages, instant messages and Twitter. While you can list technology known today, you can’t list the unknown of tomorrow. Make sure your list of devices, social networking sites and other e-things state, “including but not limited to…” Such a disclaimer today will give you legal wiggle room tomorrow.