EPIC Workplace Privacy Page

Workplace Privacy

Introduction| News | Surveys and Reports | Legislation | Cases | Resources | Surveillance Technologies

Former Employer Caught Snooping on Employee's Private Email. A former employee of Structured Settlement Investments filed a lawsuit against the company claiming that the company had been reading his personal yahoo e-mail messages. The company prohibited the former employee from engaging in a similar line of work for 3 years post employment. The case, filed in a Connecticut federal court, alleges that the company gained access to the personal e-mail on a private account, while the company claims to have knowledge about the employee because it was on his computer screen where others could see. (June 27)

Court Rules in Favor of Employee Privacy. The 9th Circuit Court upheld the workplace privacy rights of employees in its decision in Quon v. Arch Wireless. Sgt. Jeff Quon and 3 other officers sued Arch Wireless for sharing wireless communication records with their employer, the Ontario Police Department. The City contracted for text messaging service for employees, and later obtained records to investigate whether all communications were work related. The court's decision reversed a lower court ruling, and found that the carrier was in violation of the 4th Amendment and California constitutional guarantees. (June 19)

Introduction

Workers of the world are exposed to many types of privacy-invasive monitoring while earning a living. These include drug testing, closed-circuit video monitoring, Internet monitoring and filtering, E-mail monitoring, instant message monitoring, phone monitoring, location monitoring, personality and psychological testing, and keystroke logging. Employers do have an interest in monitoring in order to address security risks, sexual harassment, and to ensure the acceptable performance of employees. However, these activities may diminish employee morale and dignity, and increase worker stress.

The Modern Challenge of Workplace Privacy

While gone are the days where Henry Ford would inspect the homes of workers, employers have new means to acquire information about employees, and these new means require a reevaluation of basic fairness in the employee-employer relationship.

Many workers are not protected with due process guarantees against arbitrary discharge. Absent state law or contract, employers can often dismiss an employee for any reason, or no reason, even if the decision to terminate is based on false information.

At the same time, increased employee monitoring powers raise the risk that false inferences can be drawn about employee contact. An employee network monitoring appliance can detect access to the inappropriate site, but not the intent of the employee. With these new monitoring tools and potential to draw false inferences, it is important now more than ever for employees to have basic due process protections--the right of notice of the violation and some "opportunity to be heard."

This field is also nuanced. Employees may desire medical screening, including genetic screening, prior to employment. For instance, in certain workplaces, it is possible to screen an employee for predispositions to disease that may be exacerbated by the presence of chemicals essential to the business. Similarly, background checks are often appropriate for positions of trust, such as a police officer, but not appropriate for jobs unrelated to public safety or the handling of very large sums of money.

In the United States and many third-world countries, workers have very few privacy protections in law. There are few situations where an employee has a due process right to access, inspect, or challenge information collected or held by the employer. There are a patchwork of state and federal laws that grant employees limited rights. For instance, under federal law, private-sector employees cannot be required to submit to a polygraph examination. However, there are no general protections of workplace privacy except where an employer acts tortiously--where the employer violates the employee's reasonable expectation of privacy.

European employers are bound by comprehensive data protection acts that limit and regulate the collection of personal information on workers. These laws specifically call for purpose and collection limitations, accuracy of data, limits on retention of data, security, and protections against the transfer of data to countries with weaker protections. These protections place employees on a more equal footing while allowing employers to monitor for legitimate reasons.

The ILO Code: The Standard for Workers' Rights

In 1996, the International Labour Organization (ILO) adopted a code of practice on the protection of workers' personal data. The ILO code is regarded as the standard among privacy advocates for protection of workers' privacy rights. The code specifies that workers' data should be collected and used consistently with Fair Information Practices (FIPs). The protections include:

Coverage for both public and private sector employees.

That employees should have notice of data collection processes.

That data should be collected and used lawfully and fairly.

That employers should collect the minimum necessary data required for employment.

That data should only be collected from the employee, absent consent.

That data should only be used for reasons directly relevant to employment, and only for the purposes for which the data were originally collected.

That data should be held securely.

That workers should have access to data.

That data should not be transferred to third parties absent consent or to comply with a legal requirement.

That workers cannot waive their privacy rights.

That medical data is confidential.

That certain data, such as sex life and political and religious beliefs, should not be collected.

That certain collection techniques, such as polygraph testing, should be prohibited.

Privacy Journal's Principles for Restricting Surveillance in the Workplace

Robert Ellis Smith, editor of the Privacy Journal, has created a model for US employers that offers strong protections for workers' privacy. Smith's model, which was presented to the Service Employees Union on October, 27, 2000. It calls for annual notice to employees of the monitoring type, purpose, and location, provisions for data destruction, audit trails, and a right of action against an employer for invasion of privacy for violations of the principles.

US Approaches, Legislation, and Protections

In 1977, the Privacy Protection Study Commission (PPSC), which was convened pursuant to the Privacy Act of 1974, issued a report covering workplace privacy. The report recognized that employers collect a broad range of information on workers, and focused on delineating lines of fairness on the collection and use of employee information. It also recognized that much had changed since the development of common law employment norms. America is now longer a country of the self-employed, but rather of employees who do not always have the power to bargain the terms of employment. Quoting the Equitable Life Assurance Society of the U.S., the PPSC's approach recognized that "people with a given employment status…must adhere to many terms of employment set by the organization they work in if they are to work at all."

The PPSC pursued three public policy objectives, and 34 recommendations to meet the objectives. The objections were first, to minimize intrusiveness in hiring, and specifically to reduce the practice of obtaining information about an employee from a third party, such as a credit reporting agency. Second, to maximize fairness, by reducing use of arrest information and ensuring that information collected is accurate, complete, and timely. Third, the PPSC pursued the goal of creating a legitimate and enforceable expectation of confidentiality in employment records.

The Electronic Communications Privacy Act of 1986 (ECPA) is the only federal statute that offers workers protections in communications privacy. ECPA prohibits the intentional interception of electronic communications. However, the ECPA contains loopholes that facilitate employee monitoring. First, employers are permitted to monitor networks for business purposes. This enables employers to listen in on employee phone calls or to view employees' e-mail. Employers may not monitor purely personal calls, however, in order to determine that a call is personal, employers usually have to listen to portions of the employee's conversation. Second, an employer may intercept communications where there is actual or implied employee consent. Consent has been found where there employer merely gives notice of the monitoring.

There have been attempts to increase workers' privacy through new legislation. In 1993, Senator Paul Simon (D-IL) introduced the Privacy for Consumers and Workers Act. The measure would have established a standard for notice, access to information, and use limitations. However, the bill did not leave the committee to which it was assigned. The Notice of Electronic Monitoring Act (NEMA) was introduced by Representative Charles Canady (R-FL) and Senator Charles Schumer (D-NY) in 2000. NEMA would have established a private right of action against employers who failed to give notice of wire or network monitoring. The measure did not leave committee.

Privacy Guidelines for the Workplace - International

EUROPEAN UNION:

Hubert BOUCHET, (Commission National Informatique et Libertés), LA CYBERSURVEILLANCE DES SALARIÉS DANS L'ENTREPRISE, Study and public consultation report (March 2001)(Not available online).

Olivier Rijckaert, Exemples de directives relatives à l'utilisation du courrier électronique et d'Internet au sein de l'entreprise, April 2000.

Council of Europe (Comity of Ministers), Recommendation No. R (89) 2 of the Committee of Ministers to Member States on the protection of personal data used for employment purposes (January 18, 1989)(Not available online).

AUSTRALIA:

Guidelines on Workplace E-Mail, Web Browsing and Privacy, March 30, 2000.

Specific Methods of Worker Surveillance

Remarkably invasive tools exist to monitor employees at the workplace. These include:

Packet-sniffing software can intercept, analyze, and archive all communications on a network, including employee e-mail, chat sessions, file sharing, and Internet browsing. Employees who use the workplace network to access personal e-mail accounts not provided by the company are not protected. Their private accounts, as long as they are accessed on workplace network or phone lines, can be monitored.

Keystroke loggers can be employed to capture every key pressed on a computer keyboard. These systems will even record information that is typed and then deleted.

Phone monitoring is pervasive in the American workplace as well. Some companies employ systems that automatically monitor call content and breaks between receiving calls.

Video surveillance is also widely deployed in the American workplace. In a number of cases, video surveillance has been used in employee bathrooms, rest areas, and changing areas. Video surveillance, under federal law, is acceptable where the camera focuses on publicly-accessible areas. However, installment in areas where employees or customers have a legitimate expectation of privacy, such as inside bathroom stalls, can give the employee a cause of action under tort law.

"Smart" ID cards can track an employee's location while she moves through the workplace. By using location tracking, an employer can even monitor whether employees spend enough time in front of the bathroom sink to wash their hands. New employee ID cards can even determine the direction the worker is facing at any given time.

Increasingly, employers are using psychometric or aptitude testing to evaluate potential employees. Such tests purport to assess intelligence, personality traits, religious belief, character, and skills.

Satellite or Global Positioning System (GPS) Surveillance Technology is now incorporated into cell phones, and vehicle tracking technology. GPS is a global navigation tracking system deployed by the Department of Defense, later used extensively for air travel, and has now become available for personal communication devices and service features for personal ground transportation. Now the technology is being used by employers to keep track of employees who are in distributed work environments (construction, delivery, service providers, etc).

Employee Background Checks are increasingly used to screen perspective employees and current employees for criminal and credit histories. Adverse employment decisions based on the results of a criminal background check are not federally regulated, so employers in states without laws governing notice are not required to tell applicants about the negative reports.

Telecommuting

Telecommuters, or employees who labor remotely from the workplace encounter different privacy challenges. For instance, how can the employer monitor the employee's home without impinging upon non-work-related activities? What limits are there to prevent surveillance of the employee during off-hours? What about information collected about non-employee family members who may use work equipment? What about non-work related information on company based home offices? What about tax obligations for home offices that home owners might face? Where is the line between work and personal time? These questions remain unresolved.

Labor Issues - Computer Surveillance

In the United States, restricting employee communications may run afoul of fair labor laws where there is interference with union activities. In Pratt & Whitney, 26 AMR 36322, 12-CA-18446 (Feb. 23, 1998), the National Labor Relations Board (NLRB) reported in an advice memorandum that a company's computer network was a "work area." Accordingly, rules prohibiting all nonbusiness use of e-mail on a company's network could be unlawful. The NLRB has found that policies discriminating against union activity on computer networks run afoul of the National Labor Relations Act (NLRA). Employee monitoring that has the effect of selectively punishing labor organizing activities could violate the NLRA.

Mark E. Schreiber, Employee E-mail and Internet Risks: Policy Guidelines and Investigations (PDF), 2001 Elron Software.

Report of the NLRB General Counsel on Employer Rules Limiting Employee Use of Company Computers and E-Mail, September 2000.

Timekeeping Systems v. Leinweber, 323 NLRB 30 (1997)(cited in Schreiber). In Timekeeper, a employee who sent an e-mail criticizing workplace privacy to all co-workers engaged in protected concerted activity.

Kim M. Tran, Union Activity by Email: Another Topic for the Employee Handbook, Fall 1997.

E. I. DU PONT & CO., 311 NLRB 893 (1993)(cited in Schreiber). In Du Pont, the NLRB held that a employer's policy of allowing personal use of e-mail but prohibiting union use violated the NLRA.

National Labor Relations Act, 29 USCA Secs. 151-169.

Labor Issues - Video Surveillance

Employers increasingly attempt to install hidden surveillance cameras. Recent cases have established a precedent that employers must provide notice to labor unions before installing surveillance cameras in the workplace and employers must provide the opportunity to negotiate and bargain over this action. In the most recent decision, however, the NLRB would not rescind the discipline of employees even if the employers illegally and secretly installed hidden cameras.

Anheuser-Busch, Inc. (14-CA-25299; 342 NLRB No. 49) St. Louis, MO July 22, 2004. In 1999, the Administrative Law Judge (ALJ) found that the installation of hidden cameras monitoring work areas requires notice and opportunity for bargaining. The ALJ found that the area in dispute could indeed be called a work area, thus broadening the definition of "work area." However, they did not revoke the discipline of the employees even though it was based on evidence obtained by the hidden cameras. In 2004, the NLRB upheld both decisions. The NLRB ruled that the employers were still justified in the disciplinary action taken against employees due to the evidence obtained by the hidden cameras. The board found that rescinding the discipline would violate the specific remedial restriction contained in Section 10(c) of the Act, which provides that "[n]o order of the Board shall require the reinstatement of any individual as an employee who has been suspended or discharged, or the payment to him of any backpay, if such individual was suspended or discharged for cause."

National Steel Corporation, 335 NLRB No. 60 (2001). The union requested information about cameras and bargaining as a result of the Colgate-Palmolive decision, but the employer disputed their right to such actions since surveillance was a pre-existing practice. The NLRB found that the union's failure to request bargaining on prior occasions did not constitute a waiver of the union's right to bargain over future installation of surveillance cameras. U.S. Court of Appeals for the Seventh Circuit agreed with the decision in National Steel Corp. v. NLRB, 324 F.3d 928 (2 PVLR 385, 4/14/03).

Colgate-Palmolive, 323 NLRB No. 515 (1997) (pdf). The NLRB found that the employer had violated section 8(a)(5) of the NLRA in refusing to respond to the union's request to bargain on the issue. They found it to be a mandatory subject of bargaining saying the installation of surveillance cameras is "outside of the scope of managerial decisions lying at the core of entrepreneurial control." 323 NLRB at 515.

Monitoring Public Employees

Government employees do enjoy some protection from searches under the Fourth Amendment. In O'Connor v. Ortega, the Supreme Court extended Fourth Amendment privacy protection to public workplace. In that case, the Supreme Court recognized a reasonable expectation of privacy in the governmental workplace. However, that expectation of privacy can be affected by office policies and practices. The plaintiff employee in O'Connor was found to have had a legitimate expectation of privacy in his desk and file cabinets. But, the rights conferred under O'Connor are narrow. The government still has the right to perform searches that serve interests in promoting efficient operation of the workplace. Government employers can also weaken expectations of privacy by informing employees that they do not have an expectation of privacy, or that their desks, computers, and lockers may be searched.

New Scanners For Tracking City Workers, New York Times,Section B January 23, 2007- In August 2006 the city began using palm scans to monitor Department of Design and Construction employees' entries and exits from work.
Fired Worker Claims Wal-Mart Spying, The Commercial Appeal, Pg. C5, April 5, 2007 - Wal-Mart according to a dismissed employee engaged in a large surveillance operation that spied on company workers, critics, vendors and consultants.

Monitoring of the US Judiciary

One related area of public employment that has been exposed to workplace monitoring is the federal judiciary. In May 2001, a group of US federal court judges learned that their Internet communication was being monitored by court administrators. The judges were troubled by the privacy and confidentiality issues raised by the monitoring. Some judges argued that the monitoring violated the Electronic Communications Privacy Act (ECPA). As a result, the judges disabled the Internet monitoring systems on their networks. A public conflict ensued between judges and the administrators who maintain judicial computers. The administrators wished to reinstate monitoring and adopt a policy giving federal judges and their staff no expectation of privacy in the workplace.

In September 2001, the Judicial Conference, the policy-making body of the federal judiciary, met to resolve the conflict. In anticipation of the meeting, EPIC sent a letter to the Judicial Conference urging the body to end monitoring of judges. The Judicial Conference rejected the administration policy that would have eliminated all expectation of privacy in the workplace. The Conference also voted to end e-mail monitoring of the judiciary. However, the Conference did approve limited monitoring of Internet use and prohibited the use of certain file sharing programs.

Federal Judge's Victory Just the First Shot in the Battle Over Workplace Monitoring, Privacy Foundation, September 20, 2001.

Judicial Conference Approves Recommendations on Electronic Case File Availability and Internet Use, (PDF) Administrative Offices of the U.S. Courts, September 19, 2001.

EPIC Letter to the Judicial Conference.

Congressmen Urge Rehnquist To Oppose E-Mail Monitoring, Wall Street Journal (AP), September 7, 2001 (subscription required).

Judicial Leaders Mull Web Monitoring, Yahoo News (AP), September 10, 2001

Letter from Judge Edith Jones to Judge Edwin Nelson on Judicial Monitoring, August 18, 2001.

Rebels in Black Robes Recoil at Surveillance of Computers, New York Times, August 8, 2001.

News

A Company Computer and Questions About E-Mail Privacy, New York Times, June 27, 2008

Court limits employer access to worker messages, Associated Press, June 19, 2008

New Kinds of Drug Tests Weighed for Federal Workers, Washington Post, January 20, 2004.

Federal Law Allows Employer's Search of Worker's E-Mails, The Legal Intelligencer, December 12, 2003

Data Protection: Commission seeks views on privacy legislation, European Commission.

Agency Allowed to Revoke E-Mail Access, CNET News.com, April 29, 2002.

Instant message monitoring soaring, SMH (AP), April 15, 2002.

Firms Dig Deep Into Workers' Pasts Amid Post-Sept. 11 Security Anxiety, Wall Street Journal, March 12, 2002 (subscription required).

Shaw's calls off employee searches, Providence Journal, March 9, 2002.

IT shops balance security, privacy, CNN.com, February 27, 2002.

Supreme Court passes up chance to consider workplace monitoring by police, Arizona Central, February 19, 2002.

Legal Issues Involved in Monitoring Employees' Internet and E-mail Usage. GigaLaw.com, January 2002.

US Supreme Court Won't Hear Tolietcam Lawsuit, Declan McCullagh's Politechbot.com, January 8, 2002.

Report Attacks Monitoring, Australian IT, December 18, 2001.

Electronic surveillance in the workplace, USA Today, October 18, 2001.

Christophe Guillemin, L'entreprise n'a aucun droit de regard sur les courriers personnels, October 4, 2001.

Estelle Dumout, Cybersurveillance des salariés: un hiatus entre la théorie et la pratique, September 28, 2001.

Lawsuits spur rise in employee monitoring, US News and World Report, August 13, 2001.

US employees find no right to privacy in cyberspace, Financial Times, August 12, 2001.

Reconsidering the Privacy of Office Computers, New York Times, July 27, 2001.

Study: Web, e-mail monitoring spreads, CNET, July 8, 2001.

Workplace Phone Calls Protected by Privacy Laws?, Globe and Mail, July 6, 2001.

Companies keeping watch over their employees, Siliconvalley.com (Reuters), June 9, 2001.

Your boss knows you're reading this, ZDNet (Reuters), May 29, 2001.

More Companies Watching Employees, American Management Association Press Release, April 18, 2001.

Privacy at Work? Be Serious, Wired, March 1, 2001.

Careful -- should you read this? Monitoring employees: Eyes in the workplace, CNN.com, January 2, 2001.

Jeffrey Barlow, Employers and E-mail -- Where to Draw the Line?, The Internet Law Journal, December 26, 2000.

Gina M. LaPlante, How Private is Your Work E-Mail?, The Internet Law Journal, November 14, 2000.

Dana Hawkins, Privacy is under Siege at Work, at Home, and Online, U.S. News and World Report, October 2, 2000, p. 63.

Jeffrey Rosen, The Eroded Self, The New York Times Magazine, April 30, 2000, p. 46.

Ann Carrns, Prying Times, Wall Street Journal, February 4, 2000, p. 1.

Matt Richtel, Software to Watch, The New York Times Magazine, July 4, 1999, p.12.

Chris Poynter, Wal-Mart Verdict Puts End to Shame, Ex-Workers Say 4 Accused of Theft Feel Vindicated By $20 Million Award, The Courier-Journal, January 25, 1999, p. 01a.

Stuart Silverstein, Employee Finds Hidden Camera in Bathroom, Los Angeles Times, September 12, 1997, Part D, p.1.

US Privacy Protection Study Commission finds US standards inadequate, recommends legislation, April 22, 1996.

Surveys and Reports

The American Management Association (AMA) surveys major employers annually to determine the extent of workplace surveillance in the United States. Since AMA started conducting the survey in 1997, prevalence of workplace monitoring has increased every year.

On Your Tracks: GPS Tracking in the Workplace, National Workrights Institute

Privacy Under Seige: Electronic Monitoring in the Workplace, National Workrights Institute

2006 Proofpoint and Forrester Research Survey: Outbound Email and Content Security in Today's Enterprise. May 2006.

2001 AMA Survey Workplace Monitoring & Surveillance: Policies and Practices Summary of Key Findings (PDF). Full report can be purchased online.

European Commission's Article 29 - Data Protection Working Party, Opinion 8/2001 on the Processing of Personal Data in the Employment Context, September 13, 2001.

A Report on the Privacy Practices of Monster.com, Privacy Foundation, September 5, 2001.

Millions of Monitored Employees Have No Legal Protections, Privacy Foundation, July 16, 2001.

One-Third of U.S. Online Workforce under Internet/E-Mail Surveillance, Privacy Foundation, July 9, 2001.

Hubert Bouchet, (CNIL), La Cybersurveillance Des Salaries Dans L'Enterprise, Study and Public Consultation Report, March 2001.

Commission belge de la protection de la vie privée (Belgian Data Protection Authority), Avis no. 10/2000 d'initiative relatif à la surveillance par l'employeur de l'utilisation du système informatique sur le lieu de travail, April 3, 2000.

College Bescherming persoonsgegevens (Dutch Data Protection Authority), Goed Werken in Netwerken - Regels Voor Controle Op E-Mail En Internetgebruik Van Werknemers, 2000.

Commission Nationale Informatique et Libertés ("CNIL"), La Cybersurveillance des salariés, Chapter 5 in 21ST ACTIVITY REPORT, p. 121 et seq., (2000).

Mary E. Pivec and Susan Brinkerhoff, E-Mail in the Workplace: Limitations on Privacy, Human Rights Magazine, Winter 1999.

Report by former chair of US Privacy Protection Study Commission finds US standards inadequate, recommends legislation, April 1996.

U.S. Congress, Office of Technology Assessment, The Electronic Supervisor: New Technology, New Tensions, OTA-CIT-333 (Washington, DC: U.S. Government Printing Office, September 1987) (Not available online).

Resources

Workplace Privacy in Privacy and Human Rights 2000, EPIC and Privacy International (2000).

National Workrights Institute.

International Labour Organization (ILO) Code on Protection of Workers' Personal Data.

ILO Workers' Privacy Page.

The Employment Relationship, Chapter 6 to the Report of the Privacy Protection Study Committee (1977).

Employment Records, Appendix 3 to the Report of the Privacy Protection Study Committee (1977).

Privacy Journal Principles for Restricting Electronic Surveillance in the Workplace, Robert Ellis Smith, Presented to the Service Employees Union October 27, 2000.

Privacy Foundation Workplace Surveillance Project. The Privacy Foundation's resources include information on surveillance technology and law. The page also features a job loss monitor and a workplace privacy toolkit.

Martha McCaughey, Windows without Curtains: Computer Privacy and Academic Freedom, Academe, Sept/Oct 2003.

Employee Privacy: Computer-Use Monitoring Practices and Policies of Selected Companies. GAO-02-717, September 27, 2002.

Malika Reed, Technological Advancements Erode Expectations of Workplace Privacy, 3 Loy. Intell. Prop. & High Tech. J. 15, (Summer 2002) (Not available online).

Stephen B. Stern & Pamela J. White, Legal Risks of Electronic Surveillance in the Workplace, 35 Md. Bar J. 1 (2002) (Not available online).

Douglas M. Topolski & Albert W. Palewicz, Employee Privacy Rights in the Electronic Workplace, 35 Md. Bar J. 1 (2002) (Not available online). "There are few employee rights in the area of employee privacy that cannot be reduced, compromised, or eliminated by the careful employer."

Monitoring Employee E-Mail: Efficient Workplaces vs. Employee Privacy, 2001 Duke L. & Tech. Rev. 0026 (July 2001).

Fact Sheet 7: Workplace Privacy, Privacy Rights Clearinghouse, April 2001.

James Rosenbaum, In Defense of the Hard Drive (PDF),The Green Bag, Winter 2001.

James Rosenbaum, In Defense of the Delete Key (PDF), The Green Bag, Summer 2000.

Roger Clarke's Workplace Privacy Resources.

Civil Liability for Invasion of Privacy, Law Reform Commission of Hong Kong, August 1999.

Mark S. Dichter and Michael S. Burkhardt, Electronic Interaction in the Workplace: Monitoring, Retrieving and Storing Employee Communications in the Internet Age.

S.984, the Privacy for Consumers and Workers Act, Introduced by Senator Paul Simon, 103 S. 984 (1993).

California Senate Bill 147, introduced by Debra Bowen (D-Redondo Beach).

H.R.4908. Notice of Electronic Monitoring Act. Introduced by Senator Careless Schumer (D-NY) and Representative Charles Canady (R-FL).

Anonymous Internet access services, such as Safeweb and Anonymizer, may prevent the monitoring of telecommuters' computers.

Technology, work and surveillance: organisational goals, privacy and resistance, David Mason, Graham Button, Gloria Lankshear and Sally Coates, September 2000.

ACLU Report "PRIVACY IN AMERICA: Electronic Monitoring."

ACLU Legislative Briefing Kit on Employee Monitoring.

US News and World Report Workplace Privacy News Archive.

Electronic Frontiers Australia Model Acceptable Use Policy for Employee Use of the Internet.

US Office of Personnel Management Policy on Personal Use of Government Office Equipment.

UK Data Protection Commissioner Codes of practice.

Anti-Polygraph.org.

ACLU, The Rights of Employees.

Findlaw Workplace Law Links.

Don A. Cozzetto & Theodore B. Pedeliski, Privacy and the Workplace: Technology and Public Employment, 26 PUBLIC PERSONNEL MANAGEMENT 515 (1997).

Holly L. Rasky, Can an employer search the contents of its employees e-mail?, 20 ADVOCATES QUARTERLY 221 (1998) (Not available online).

Martin H. Samson, Internet Law - E-mail/Right of Privacy/Internet Use, (last updated October 17, 2001).

Susan E. Gindin, Guide to E-Mail & the Internet in the Workplace (introduction only).

Amy Rogers, You Got Mail But Your Employer Does Too: Electronic Communication and Privacy in the 21st Century Workplace, 5.1 J. Tech. L. & Pol'Y 1 (2000).

RIGHTS TO PRIVACY, Robert E. Long Ed., New York: The H.W. Wilson Co., 1997. (Not available online.)

William S. Hubbartt, THE NEW BATTLE OVER WORKPLACE PRIVACY, New York: AMACOM, American Management Association, 1998. (Not available online.)

Rod Dixon, Windows Nine-to-Five: Smith v. Pillsbury and the Scope of an Employee's Right to Privacy in Employer Communications, 2 VA. J.L. & TECH. 4 (Fall 1997), 1522-1687.

Robert Ellis Smith, Workrights, E. P. Dutton, 1983 (Not available online).

DiTecco, D. "Operator Stress and Monitoring Practices," 23 Applied Ergonomics 1, p. 29-34 (Not available online).

Smith, Michael J. et al., "Employee Stress and Health Complaints in Jobs With and Without Electronic Performance Monitoring," 23 Applied Ergonomics 1, p. 17-27 (Not available online).

Westin, A.F. "Two Key Factors That Belong in a Macroergonomic Analysis of Electronic Monitoring: Employee Perceptions of Fairness and the Climate of Organizational Trust or Distrust," 23 Applied Ergonomics 1 p. 35-42 (Not available online).

Resources-International

AUSTRALIA:

Surveillance: Interim Report, Australia Law Reform Commission, Report 98 (2001). Chapter 7 of this report has a comprehensive listing of surveillance methods.

BELGIUM/FRANCE:

Olivier Rijckaert, L'Utilisation des ressources Internet par un employé, May 1, 2000.

Jean-Claude Patin, La Surveillance des courriers électroniques par l'employeur, August 10, 1999.

Valérie Sédallian, Internet dans l'entreprise, January 1998.

NETHERLANDS:

J.H.J. Terstegge, Personeelsinformatiesystemen en de Wet bescherming persoonsgegevens, METHODEN, TECHNIEKEN EN ANALYSES VOOR PERSONEELSMANAGEMENT, Suppl. 55, I.6.2.2., 701-724, Kluwer Bedrijfswetenschappen, 1999.

CANADA:

S.M. Entwisle, E-Mail and Privacy in the Workplace.

SWITZERLAND

Swiss Federal Data Protection Commissioner.

Legislation

Electronic Communications Privacy Act, 18 USCA 2510 (ECPA), prohibits intentional interception of electronic communications.

National Labor Relations Act, 29 USCA Secs. 151-169. Provides the framework for fair labor practices and labor organizing.

Employee Polygraph Protection Act, 29 USCA 2002, protects private-sector workers from exposure to polygraph "lie detector" testing. Government employees and certain government contractors are still subject to examination.

Connecticut statute requiring notice to employees for electronic monitoring (PUBLIC ACT NO. 98-142).

Selected Cases

Cramer v. Consolidated Freightways (PDF), No. 98-55657, (9 Cir. 2001). In Cramer, the court held that a per se violation of California privacy laws occurred where the defendant trucking company employed surreptitious audio and video surveillance in an employee bathroom.

Halford v. The United Kingdom, 73/1996/692/884. In Halford, the European Court for Human Rights found that a public employee's calls from a work telephone were protected by international law.

Deal v. Spears, 980 F.2d 1153 (8th Cir. 1992): Court held that employee did not give consent to telephone monitoring where employer informed employees that calls might be monitored to cut down on personal calls.

O'Connor v. Ortega, 480 US 709 (1987). In O'Connor, the Supreme Court recognized a reasonable expectation of privacy in the governmental workplace. This expectation of privacy can be affected by office policies and practices. The plaintiff employee in that case was found to have had a legitimate expectation of privacy in his desk and file cabinets.

K-Mart Corp. Store No. 7441 v. Trotti, 677 SW2d 632 (Tx Ct App 1984). In K-Mart, a search of an employer-provided locker violated the employee's reasonable expectation of privacy.

Selected Cases-International

EUROPEAN COURT OF HUMAN RIGHTS:

Copland v. The United Kingdom 62617/00 [2007] ECHR 253 (April 3, 2007) (employees' right to privacy in their correspondence sent from a workplace)

FRANCE:

Nikon v. Onof, Decision n° 4164, October 2, 2001 (99-42.942).
Under Nikon v. Onof:
Vers une "ambassade virtuelle" en terre patronale?.
Olivier Rijckaert, Cybersurveillance des salaries: l'étau se resserre suite à un arrêt de cassation français, October 15, 2001.

OTHER CASES:

A. v. V. et autres, Trib. Corr. Paris, November 2, 2000.

Workplace Monitoring Technologies

ChoicePoint Employee Background Check Service

netOctupus is a comprehensive monitoring tool that can detect whether employees install "unauthorized" programs.

Raytheon's SilentRunner software monitors networks passively. It is capable of realtime analysis and archiving of network communication. SilentRunner can be employed with a standard laptop computer. SilentRunner is undetectable on a network, therefore, it could be used by a employer to spy on employees or by an employee who wishes to conduct corporate espionage.

Pearl Software's Pearl Echo can be used to monitor both traditional and telecommuting employees.

EPIC Privacy Page | EPIC Home Page
Last Updated: September 11, 2008
Page URL: http://www.epic.org/privacy/workplace/default.html