"Employer's Policies Can Affect Expectation of Privacy"
by Richard S. Rosenberg and John J. Manier

Privacy rights often conflict directly with legitimate employer interests. However, the constitutional right to privacy is not absolute. To prove a violation of the right to privacy, a plaintiff must establish, among other things, “a reasonable expectation of privacy in the circumstances.” Hill v. NCAA, 7 Cal.4th 1 (1994). Two recent California appellate decisions demonstrate how an employer may affect employees’ privacy expectations with respect to work-related activities.

Computer Monitoring. In TBG Insurance Services Corp. v. Superior Court, 96 Cal.App.4th 443 (2002), the Court of Appeal ruled that Robert Zieminski, who sued TBG Insurance Services Corporation for tortious wrongful discharge, had to produce a home computer which TBG had purchased for business use. The court found that Zieminski lacked a reasonable expectation of privacy over the personal and private information which he claimed was stored in the computer.

TBG terminated Zieminski for accessing pornographic web sites on his office computer. Zieminski denied intentionally accessing the pornographic sites and claimed that they “simply ‘popped up’ on his computer.” Zieminski contended that TBG’s real motive for terminating him was to prevent his stock holdings in TBG from vesting, in violation of public policy.

Like many employers, TBG had Zieminski sign a policy statement in which he agreed to use both office and home computers only for business purposes and not for “improper, derogatory, defamatory, obscene or other inappropriate purposes.” In this policy statement, Zieminski also agreed to allow TBG to monitor his use of the computer as needed, and that computer transmissions were not private.

TBG demanded Zieminski to produce the home computer during discovery. TBG figured that if Zieminski accessed pornographic sites on his home computer, it would tend to show that his access of such sites at work was no accident.

Zieminski objected on privacy grounds. He claimed the home computer was a “perk” for senior executives and that it contained information which was personal to him and his family, such as income tax returns.

The trial court denied TBG’s motion to compel production of the home computer. However, the Court of Appeal granted TBG’s writ petition and ruled that TBG was entitled to production of the home computer, subject to a possible protective order.

The appellate court found that the search of the home computer for evidence of Zieminski's website activities was “relevant” for purposes of discovery, and then addressed Zieminski’s privacy objections. The court began its assessment by assuming that Zieminski had a legally protected privacy interest in the information on his home computer. However, the court ruled that Zieminski did not have a reasonable expectation of privacy under these circumstances.

The court cited to a 2001 survey by the American Management Association which reported that over 75 percent of America’s major firms “monitor, record, and review” employee computer activity at work. Employers’ motives for these practices include ensuring legal compliance, avoiding legal liability, reviewing performance and productivity, and security concerns.

The court also noted that employers are frequently advised to have employees sign written policies for computer usage. Having such a policy may diminish privacy expectations by clearly stating that electronic communications may be used only for company business, reserving the company’s right to monitor and access employees’ Internet and e-mail usage, and emphasizing that the employer will keep copies of computer passwords.

The policy also should prohibit employees from transmitting discriminatory, offensive or unprofessional messages, visiting discriminatory or offensive Web sites, and posting personal opinions – particularly political or discriminatory opinions – on the Web by using the company’s access. The court stated that “[f]or these reasons, the use of computers in the employment context carries with it social norms that effectively diminish the employee’s reasonable expectation of privacy with regard to his use of his employer's computers.”

By agreeing to TBG’s policy statement, the court held that Zieminski consented to “the very thing that he now complains about.” In particular, Zieminski knew that TBG would monitor his office and home computers, and he “had the opportunity to limit the use of his home computer to purely business matters.” Zieminski thus “relinquished his privacy interests in the information he stored on his home computer,” and his expectation of privacy was unreasonable.

The court further found that TBG’s demand for production of the home computer was not “a serious invasion” of Zieminski’s privacy interests in his personal information. However, the court added that the scope of TBG’s discovery of this information may be limited by an appropriate protective order which “can prohibit the unnecessary copying and dissemination of Zieminski’s financial and other information that has no rational bearing on this case.”

Notably, in each of the last three years, the Legislature has passed bills which would prohibit employers from monitoring employee computer records in the absence of such a signed, written policy. Governor Gray Davis has vetoed all three bills. Nevertheless, the decision in TBG Insurance Services should further encourage employers to have their employees sign written policies concerning computer usage.

Electronic Eavesdropping. The Supreme Court also recently decided a case which will have important implications on workplace privacy. In Flanagan v. Flanagan, 27 Cal.4th 766 (2002), a unanimous court adopted a broad reading of the Invasion of Privacy Act, Penal Code Sections 630 et seq., which prohibits intentional eavesdropping and recording of “confidential communications” by use of “any electronic amplifying or recording device.”

Persons who violate the Privacy Act are subject to a criminal fine of $2,500 or imprisonment. Any person injured by a violation may bring a civil action for $5,000 per violation or triple the amount of actual damages, whichever is greater.

The act defines “confidential communication” to “include[ ] any communication carried on in circumstances as may reasonably indicate that any party to the communication desires it to be confined to the parties thereto.” However, the definition “excludes a communication made in a public gathering ... or in any other circumstance in which the parties to the communication may reasonably expect that the communication may be overheard or recorded.”

Prior to Flanagan, the Courts of Appeal had disagreed over how to apply this definition. One line of cases held that a communication is confidential if one of the parties reasonably believes the conversation is not being overheard or recorded. See, e.g., Frio v. Superior Court, 203 Cal. App. 3d 1480 (1988). Other courts held that the act applies only where a party reasonably expects the content of the communication will not be later disclosed to third parties. See, e.g., O’Laskey v. Sortino, 224 Cal. App. 3d 241 (1990).

The Supreme Court endorsed the Frio line of cases which more expansively define the Privacy Act. The court found that the O’Laskey standard was inconsistent with “the inclusive language” of the act’s definition of “confidential communication.”

Instead, the court held that the phrase “confined to the parties” applies to “the actual conversation, not its content.” Under the court’s construction, the definition generally includes any conversation where a party desires that it not be overheard or recorded, but specifically excludes any conversation where the parties reasonably believe it will be overheard or recorded.

The court also noted that its previous decision in Ribas v. Clark, 38 Cal.3d 355 (1985), distinguished between “simultaneous dissemination” of a conversation, via eavesdropping or recording, and later “secondhand repetition” of its contents. This distinction is further reflected in separate Privacy Act prohibitions against interception and recording of all communications involving cellular and cordless phones.

None of these other provisions are limited to “conversations where a party wanted to keep the content secret.” The court thus adopted a “coherent” interpretation of the Privacy Act which prohibits all “intentional, nonconsensual recording of telephone conversations regardless of the content of the conversation or the type of telephone involved.”

Notably, one of the earlier Privacy Act decisions the Supreme Court approved in Flanagan arose in the employment context. In Coulter v. Bank of America, 28 Cal.App.4th 923 (1994), plaintiff Christopher Coulter sought to bolster his sex harassment claims by covertly recording over 160 private conversations with his supervisors and coemployees at Bank of America. Coulter fancied himself “an amateur sleuth” and proudly turned over the tapes during discovery.

The tactic backfired. The bank and 11 employees filed a cross-complaint against Coulter for violation of the Privacy Act. The trial court granted summary judgment against Coulter and found him liable for $132,000 in damages.

Coulter claimed that he did not intend any of these conversations to be confidential and was not going to disclose their content to third parties. However, the cross-complainants presented undisputed evidence that they did consider the conversations to be private and confidential, and did not consent to their being recorded. The Court of Appeal held that these facts were sufficient to justify summary judgment against Coulter.

The Supreme Court’s holding in Flanagan reaffirms the validity of Coulter. Employees who surreptitiously record or eavesdrop on workplace conversations will now find themselves more vulnerable to Privacy Act claims, and can no longer rely on the O’Laskey line of cases to avoid civil or criminal liability. In addition, as the decision in TBG Insurance Services suggests, employer policies on recording of workplace conversations may have a decisive impact on employees’ privacy expectations as to such conversations.