Access to Employer Provided Computers Requires Effective Privacy Policies

Employers should implement clear policies addressing the employers' right to access employee workspaces and computers. In U.S. v. Ziegler, the Ninth Circuit held that an employee's expectation of privacy in the workplace is diminished if the employer establishes a clearly written policy stating that the employer has a right to monitor the workspace. A well drafted policy should state that the employer may access and monitor electronic mail, voicemail and other electronic information, and that nothing on an employee's computer or the employer's electronic systems is private. The policy should also address electronic data that is prepared or accessed by the employee outside of the office, such as data stored on a laptop used for work or prepared while an employee is working from a remote location.

Ziegler involved an employee who was convicted of various child-pornography charges. His employer notified the FBI that he was using his work computer to access child pornography on the internet. In cooperation with the FBI's investigation, the employer gave the FBI access to the computer and hard drive. The evidence of child-pornography found on his computer and hard drive ultimately led to his conviction.

The employee argued that the FBI's search of his computer without a warrant violated the Fourth Amendment. The Ninth Circuit disagreed, holding that the employer could give valid consent to search the hard drive because the computer was the type of workplace property that remained within the control of the employer, even if the employee placed personal items on it. The Ninth Circuit found it significant that the employer had complete administrative access to every employee's computer, installed a firewall program to monitor employees' internet use, and actually monitored this information on a regular basis. Most significantly, the employer's policy notified employees about this monitoring activity and clearly stated that employees had no expectation of privacy in their computers. For these reasons, the Ninth Circuit held that the employer had the right to access the computer data and turn it over to the FBI.

The Ziegler decision underscores the importance of implementing a clear privacy policy. Employers who do not have a privacy policy in place should establish one. Employers who already have privacy policies should review them to ensure that they adequately address these issues. The policy should be distributed to employees, along with the employer's other employment policies. In addition, the contents of the policy should be addressed during every employee's orientation and training. Should you have questions regarding implementing or updating such policies, please contact an attorney in our Employment and Benefits Group.

 

---

Please note that the information contained in this newsletter is not intended to provide specific legal advice. You should consult with an attorney and not rely on any information contained herein regarding your specific situation.