HR Jetpack
Home / HR Courses / Employment Law 101 / Workplace Privacy / Legal Framework of Employee Privacy

Legal Framework of Employee Privacy

This video is premium content

Register or sign in to gain access.


Legal Framework of Employee Privacy

  • Course: Employment Law 101
  • Module: Workplace Privacy
  • Lesson Type: Video
  • Lesson Duration: 11:13

Lesson Content

Now we're gonna talk about a very interesting dynamic and changing subject and that's employee privacy in the workplace. It has a lot of ways in which employers can create some legal liability from themselves and yet employers have some strong concerns. And this is one way to think about that.

What point does the privacy of an employee or a job applicant give away to does legitimate concerns of the employer? Employers have assets, intellectual assets, physical assets to protect, and part of that is monitoring your employees in a responsible way. So what is deemed responsible under the law, in terms of how we do that?

And there's a lot of laws at this particular question implicates and most of them I'm gonna cover in this presentation. So let's get started, shall we? And let's start looking at the constitution, both state and federal first, and thinking about how that works. If you look at the federal constitution, The Constitution of the United States, then the First amendment, of course, protects employees' rights of freedom and association. And the Fourth amendment deals with unreasonable search and seizures. So these two constitutional principles may have some implication. But only if you are a government agency or is stealing with some sort of state action.

In other words, the protections of the Bill of Rights, the First amendment, the Fourth amendment are to protect the citizenry from the government. Not necessarily private citizens from each other. So while in some more context there may be a governmental influence. Maybe it's a working for a city or a state, maybe it is a hospital that’s affiliated with the government, or some other type of public company. But if it's just Bob's Donut shop and Bob's Donut is privately owned by Bob and there's no governmental influence, chances are that the constitution of the United States is not going to be a factor in the privacy analysis.

Now all these states, we have 50 different states and they're all of their own individuals sovereigns. A number of these states are addressing privacy rights within the constitutions. Again, in all of these, this is similar to the federal constitution in that it deals with the protection of the employee from government intrusion. Now a couple of these, California and Florida, I’m sure, have the ability to be interpreted as applicable to the private sector as well. So, you now, that is a matter of state law and if you're curious about state constitutional Implications in specific privacy issues that you're dealing with, then my recommendation is that you find competent legal counsel in that jurisdiction to analyze that for you.

What about laws? Now we've talked about constitution laws. Laws are created by the legislature. And they're enacted and signed into law by the President, and then enforced by the administrative agencies. And here are some federal communication laws that can provide some limited protection for employees, the Electronic Communications Privacy Act, for instance.

Generally, it prohibits the interception of communications, electronic, wire, oral, unless you have some sort of consent and it's not been found generally be applicable to a private employer's monitoring of email or phone systems. So while it might provide some protection again for the public sector, generally, it does not provide and employ much protection in terms of privacy rights.

Another one is the Stored Communication Act. This deals with an entity that provides electronic communication services to the public. And that's kinda really broad definition but a lot of the places where people and businesses store information online, this applies to and, generally, there has to be an expectation of privacy by the employee for this particular act to apply.

Now, you will later in this presentation learn that, you know, employers will make disclosures, and declare that there's no reasonable expectation of privacy for communications on its systems. And historically, that concept that if that notice is there and is very clear, has been upheld. Now there has been some recent rumblings with certain administrative agencies that have made that a little more of a question. And I think going forward it's gonna become more and more of an issue, but we'll get to that later in this presentation.

Other federal communications laws is the Computer Fraud and Abuse Act. Now this here is mostly deals with the employer protecting its information when an employee is taking it as he leaves or as she leaves. Now some of the challenges for this particular law in terms of the employer being able to use it , s that there needs to be some sort of unauthorized access destruction or changing of data. And that frequently doesn't constitute changing of data if it's merely being copied. So this works in some limited ways to help an employer but it certainly is not been used effectively to protect an employee who's using a company's system and believes they're entitled to defenses or certain types of rights regarding privacy.

Another law that's really important in the hiring and interviewing process as well as in the privacy perspective is the Fair Credit Reporting Act. And the Fair Credit Reporting Act essentially is a law that directly addresses background checks of various kinds. It says fair credit reporting, but it's not limited to credit reports. It could be criminal histories, it could be getting personal interviews from prior employers and people, and how that's handled, what types of disclosures have to be made to the employee. This is an area fraught with challenges for employers to do well. And you can create some real liability if you're not working with a strong third party, or you're trying to do it on your own and you're not sure what your disclosure requirements are. So this is an area that creates problems for businesses regarding communication and privacy.

Also other state laws, now state laws generally provide more protection for employee privacy interest than the federal laws. Many of the federal laws that we've discussed so far are usually used by employers with regards to how they can retain or protect employee information or employer information that employees have. So state laws are a little different and they vary. As I said, we have 50 different states. 26 of these states have recognized in their state laws, an employee’s, you know, right to some degree of privacy in the workplace. And you can see they're listed there but these particular states ultimately have developed statutes that deal with privacy protection for employees in the workplace in some regard. And so you can see about half the United States has state laws that should be considered as well and these are laws that provide more protection, in my view, than probably an applicable or similar federal statute.

In addition to that, a couple of states, California, Connecticut, Delaware, Michigan, and Rhode Island, are really big on the idea of electronic monitoring of employees and they have some specific regulations on that aspect of it. It's important to note that some of those regulations include a notice to the employee that they are being monitored. And so if you're in any of those jurisdictions it's important for you to understand what specific employee privacy protections and notice requirements are necessary.

Well, we've covered the constitutions. We've covered state and federal laws or statutes, and now we're gonna talk about common law of privacy. Now, common law is essentially law that is made in the court systems that evolves through precedence, another kinda legal term we use is stare decisis. But the concept is the judges follow the same principles that have been decided before on similar facts. And so the common law of privacy is essentially an area where even though there is not a specific statute or there’s not a constitutional privilege at play, still based upon what we call a tort action, an employee may find some sort of recourse. Every state, all of them recognize privacy-related causes of action. And as a result, they've kind of grouped themselves into two categories.

The first category is this idea of intrusion into seclusion. The idea that you're ultimately intruding on an employee's right to be private and not have you monitor them. Generally, employees really struggle to prove this particular theory for a common law right of privacy. The standard in which they must prove is that whatever type of monitoring an employer is doing, is highly objectionable, and generally that's not something that is easy to do.

If an employer has an appropriate policy and communicates it effectively and enforces that policy consistently as a general rule from a common law perspective, they're probably going to be in a strong position to defend the policy or the practice as it relates to employee privacy. The second category, the public disclosure of private facts, generally has the same type of situation from a perspective of the employee and is generally proved to be unsuccessful.

Mark Addington


Mark Addington

Mark A. Addington, Esq. advises and advocates on behalf of businesses concerning Labor & Employment Law, Business Regulatory Compliance, Restrictive Covenants (Non-Competition, Non-Solicitation, and Confidentiality), Wage & Hour, Privacy, Technology,...

Mark's Full Bio