Employees’ right to privacy when using electronic communications has become a major workplace issue within the last decade. What constitutes an invasion of privacy? When does an employer have the right to monitor electronic communications? And does monitoring bring up the Orwellian image of Big Brother?
The Electronic Communications Privacy Act (ECPA) of 1986 is the only federal statute that deals directly with the interception of e-mail. The ECPA was enacted to extend an earlier legislation’s protection against the unauthorized access of wire and oral communications to include electronic communications. Although the Act doesn’t expressly mention e-mails, courts have interpreted the term “electronic communications” to include emails.
The ECPA does not, however, guarantee an employee’s right to email privacy in the workplace. There are three specific instances when an employee’s protection under the ECPA does not apply:
- The Consent Exception – Section 2511(2)(d) indicates that an interception of an electronic communication is considered legal if the person doing the intercepting is a party to the communication, or if one of the parties involved in the communication consents. The only exception to this proviso is if the purpose of intercepting the communication is to use it to commit a crime or tort. If an employer asks their employees to sign an employment agreement stating that their electronic communications will be monitored, the agreement will nullify the protection of the ECPA.
- The Provider Exception – Section 2511(2)(a)(i) allows an officer, employee, or agent of a provider of wire or electronic communication service, whose equipment is used in the transmission of an electronic communication, to intercept, disclose, or use that communication in the normal course of employment if that person is involved in an activity which impacts upon the normal course of operations or upon the protection of their property rights. This means that intercepting emails to conduct quality checks is permissible as is intercepting them if you believe an employee is “stealing” the service by sending emails to friends on company time.
- The Business Extension Exception – Section 2510(5)(a) exception also covers interception done in the ordinary course of business. It is similar in intent to the provider exception.
What all of these exceptions boil down to is that employers are justified in intercepting email messages as long as they have a valid business reason for doing so. However, if the business takes physical action to protect the privacy of email by installing a system that allows messages to be marked as confidential or by using passwords; or if the business tells employees that their email is private, the employer’s right to intercept may be considered voided unless one of the above stated exceptions can be proven.
Although there are still accusations that intercepting email is an outright invasion of a worker’s privacy even though the message may be written on company time and using company equipment, intercepting emails is becoming increasingly necessary. As the number of employees who sue because of harassment that occurred via email increases, businesses will find that limiting risk will depend upon knowing when you can legally intercept.