Court Rules on Employee Privacy with Third Party Servers - California Chamber of Commerce

Home | HRCalifornia | Store

About Us | Contact Us

CalChamber Member: Chevron Corporation - Reproduced with permission of Chevron Corporation


Daily Headlines Top Story Archives Videos Press Releases Inside the Capitol Alert Newsletter CalChamber in the News RSS CalChamber Fact Sheet Calendar of Events	phTitle Court Rules on Employee Privacy with Third Party Servers phImage phMainContent (August 14, 2008) The 9th U.S. Circuit Court of Appeals has issued a decision finding that employees have a right to privacy over information held on third party servers -- as opposed to company-owned and -controlled servers. In the case of Quon v. Arch Wireless Operating Company 2008 U.S. App, the employer received information from a third party vendor that employees had transmitted through company-owned equipment. The court said the vendor should not have released that information to the employer. Arch Wireless provided wireless text messaging services for the City of Ontario Police Department (OPD). OPD employees were given two-way pagers provided by Arch Wireless, but OPD did not provide a policy regarding employee use of the pagers’ text messaging function, except that each pager was allotted 25,000 characters, after which OPD would have to pay overage charges. OPD’s general “Computer Usage, Internet and E-mail Policy” did specify that OPD-owned computers and associated equipment, software, programs, networks, Internet, e-mail and other systems operating on OPD computers is limited to work-related business. The policy also noted that there should be no expectation of privacy relating to the use of OPD equipment, all use will be monitored and inappropriate use will not be tolerated. All employees signed an acknowledgment they received and reviewed this policy. Jeffery Quon, a sergeant and member of OPD’s SWAT team, consistently used more than the 25,000 character limit on his pager. OPD’s unofficial policy was to require the employee to repay it by check for any associated overage charges. Quon was told the pagers were considered e-mail and all messages he wrote could be audited to determine whether the messages were work-related. Quon was given the choice of either paying OPD the overage charges or having his messages reviewed by Internal Affairs. Each time Quon went over the limit, he paid the overage charges. The fourth time Quon exceeded the limit, OPD Chief Scharf ordered a lieutenant to request the pager transcripts from Arch Wireless to determine if the messages were work-related. A major account specialist with Arch Wireless printed out the transcripts associated with OPD pager numbers, put the transcripts in a manila envelope and brought them to OPD. The major account specialist did not read the messages, but after reviewing about four lines of one of the transcripts, she realized the messages were sexually explicit. Internal Affairs conducted an audit of the records to determine if OPD time was being wasted by employees not working when they were supposed to be. The audit found that Quon had exceeded his monthly allotted characters by more than 15,000 characters, and that many of these messages were personal in nature and often sexually explicit. Quon sued OPD for violating his Fourth Amendment protection from unlawful searches. A jury found in favor of Quon, but the 9th Circuit disagreed and found Arch Wireless violated Quon’s privacy by releasing the transcripts to OPD. The federal Stored Communications Act, part of the Electronic Communications Privacy Act, governs the analysis. Arch Wireless is considered an electronic communication service – defined as “any service which provides to users of the service the ability to send or receive wire or electronic communications” – that stored communication relating to the use of the pagers on its own servers. This is to be contrasted with remote communication service that provides computer data storage and processing services to the public. The Court drew an analogy to the use of an Internet service provider that stores e-mails after delivery to an e-mail recipient for purposes of back-up protection. The messages were not stored on OPD’s behalf or for its benefit. Arch Wireless served as a conduit for the transmission of messages between users and stored the messages as a “backup” for the user. The user in this case is the individual sending and receiving messages. Arch Wireless knowingly released the transcripts to OPD, which was a subscriber to OPD’s service and not a user or addressee or intended recipient of such communication, As such, the messages and privacy thereto belonged to Quon and not to OPD and Arch Wireless unlawfully released the transcripts to OPD, the court concluded. The California Chamber of Commerce has recommended that employers: To the extent possible, maintain your own servers for all company-related equipment (Blackberries, laptops, etc.). Notify all employees that they should not have a reasonable expectation of privacy related to communications on company-owned equipment that is stored on company servers. Train all employees in your discrimination and harassment policies, reminding them that use of electronic communication for inappropriate conversations is unacceptable under company policy. Staff Contact: Jessica Hawthorne

Click to verify BBB accreditation and to see a BBB report.

Free Newsletters

Hot Topics

Issues

References

About CalChamber

© 2012 California Chamber of Commerce.
Terms of Use and Privacy Policy