Can my employer read my e-mail? California employment law explained.

In workplaces across California, employers provide their employees with useful electronic tools. These include: cell phones, computers, laptops, tablets, e-mail addresses, and even websites. In most cases, these tools improve productivity and make the workplace more enjoyable for everyone.

But many California employers have been caught checking their employees’ e-mails, installing keystroke loggers on employees’ computers, checking browser histories, and otherwise using these tools to obtain personal information about their employees.

But are these practices legal? Are California employers allowed to check their employees' e-mail? What if the e-mail address is issued by the company? What privacy protections are offered by California state and federal law? This article will address these and other questions.

Is it possible for my boss to know what I’m looking at?

Absolutely. Regardless of whether it is legal or not, it is not difficult for employers to monitor electronic usage information. If you’re using a company-issued computer or you’re connecting to the company’s network, it is very possible that your employer is able to monitor your electronic actions. In fact, an entire industry has developed around employee monitoring.

Companies like SpectorSoft Corp. make their living off selling e-mail, phone, and computer monitoring software to employers. Studies show that almost every aspect of an employee’s electronic usage can be—and in many cases is—tracked, monitored, and viewed by employers.

Keystroke loggers, for instance, can record the buttons pushed on your keyboard and transmit that information secretly to your employer. Employers can also install monitoring applications or spyware on computers. These can allow them to watch what their employee does on the computer. Employers can then remotely view the employee’s computer screen. This practice has become popular with school-issued laptops.

In one of the more egregious examples, a school administrator was caught secretly activating the webcams of laptops that students brought home. The students were not notified that the invasive software was installed. They had no idea that school administrators could watch videos of them from home. If schools can do it, employers can do it too.

The same kinds of programs can be used to monitor network activity, even on computers that have not been issued by employers. It is also possible to monitor usage on mobile devices, including text messages and phone calls from employer-issued cell phones.

So, yes. It is very possible for employers to snoop on their employees to determine what they are looking at.

Violating the Dignity of Employees: Is it worth it?

Whether the law allows employers to check e-mail skips an important practical question: is it even a good idea? In many cases, employees believe that they have a right to privacy in their electronic communications—notwithstanding the fact that their employer may have a policy that states the opposite.

Even when employees do not believe they have a right to privacy on work e-mails or computers, they often feel violated when they find out their employer has been actively monitoring their computing activities. So, they may understand that their employer has the right to monitor their activities, but they still dislike the fact that it happened.

The mere act of using software to observe an employee’s e-mail and computing habits will normally feel like a breach of trust. The feeling of most employees is along the lines of: “If my employer appreciates me and the work I do, why would they spy on me?”

From the employer’s perspective, some people argue that monitoring employees’ e-mails, computers, and phones benefits employers by allowing them to make sure:

  • That the device is not being used for illegal or pornographic activity.
  • That only business transactions are conducted on work computers.
  • That viruses are not being downloaded.
  • And that private company or client information is not being distributed.

Based on these factors, studies suggest that as many as 66% of employers are monitoring their employees’ computer usage.

The lack of trust that snooping programs create, however, can undoubtedly strain the employer-employee relationship. Studies show that managerial behavior and morale significantly impact worker productivity. Low morale is correlated with factors that can significantly harm a business. Including:

  • Absenteeism,
  • Low productivity,
  • Lower revenues,
  • Lower loyalty,
  • Lower attention to detail,
  • Lower quality of work, and
  • Unsafe workplaces, which can result in lawsuits.

Low morale is common with high-pressure, distrustful, and aggressive managerial behaviors. “Command and control” leadership styles are correlated with low employee morale and low motivation.

High morale, on the other hand, can have the exact opposite effect. It can be fostered in situations where independence, trust, and teamwork are encouraged. These patterns suggest that active observation of employee computing behaviors ultimately harms the employers. Employers therefore have a lot to gain by respecting the privacy of their employees.

Unfortunately, the law on e-mail surveillance is not well-settled. The federal Electronic Communications Privacy Act of 1986 (ECPA) prohibits the unauthorized access to electronic communications. The phrase “electronic communication” includes the transfer of any writing or data, but it does not include oral communications. Several courts have found that the ECPA covers e-mail messages. People that violate the ECPA could be subject to fines or prison time.

The problem for employees, however, is the definition of “without authorization” under the ECPA. If an employee checks their e-mail from a work computer, have they authorized their employer to access it as well? The phrase “without authorization” is not clearly defined.

There is, however, at least some argument that an employer is not authorized to access employees’ personal e-mail accounts. So, even if the employee accesses their personal e-mail from a work computer, this would not seem to create an implied authorization for the employer to snoop in their e-mail further.

This argument is significantly diminished by the use of employer-issued e-mail accounts. Because the ultimate ownership of the domain and the e-mail account itself remains with the employer, it is likely that the employer can authorize itself to access the e-mail account.

Employers with a “Business-use Only” Policy for Computers, E-mails, and Electronics.

The argument that employer snooping is “without authorization” is even further diminished if the employer has a “business-use” only policy with its computers or privately-issued e-mails. This kind of policy could put the employee on notice that the employer snoops on their computing activities. It could also imply that the employer is authorized to view their online activities. So, by using the computer after being notified that the employer is watching, the employee may be impliedly authorizing the employer to view his or her activities, including e-mail. In some cases, the employees may be explicitly agreeing to being monitored, especially if they are required to sign the policy.

Courts have found, for example, that an employee’s personal e-mails to her attorney were not private because they were sent from a work computer. The employer had previously advised the employee that e-mails sent from that computer were not private and were accessible by the employer. Even though a communication to an attorney is normally protected by attorney-client privilege, the e-mails lost their privileged status when a work computer was used and the employer had an established policy that they weren’t private.

In one California case, TBG Insurance Services v. Superior Court, an employer adopted an electronics policy, which it had each of its employees sign. In the policy, the employees agreed that their employer could monitor their computer usage to prevent the use of business computers for inappropriate purposes. After signing the statement, the employee in question was given two computers by the employer—one for the office and one for working from home. Despite the policy, the employee used one of the computers to look at pornography.

During the following lawsuit, the employee refused to turn over the computer, claiming that it contained personal information and he had a right to privacy in it. The court held that the employee did not have a reasonable expectation of privacy in the content of the computer because he had consented to the policy. So, the company’s adoption of a “business-use only” policy significantly contributed to the company’s ability to access information on the employee’s computer.

Special Protections for Phone Calls.

The protections for private telephone conversations are greater than those for e-mails under current law. Both California and federal law prohibit telephone wiretapping. California law, however, provides broader protections for victims of eavesdropping. In California, it is illegal to record or secretly monitor a phone conversation without the consent of all parties to the communication. Prohibited activities include eavesdropping or recording telephone calls, as well as intercepting cell phone conversations. Employers, therefore, must have the permission of all parties to the conversation before they listen to phone calls. Violating these rules could result in fines or imprisonment.

Special Protections for Government Employees.

Unlike private-sector employees, government employees may have special rights. When a government actor is involved, constitutional rights come into play. Employers at private businesses, on the other hand, have no constitutional obstacles in dealing with their employees.

In 2010, the U.S. Supreme Court laid down the groundwork for how the Constitution treats electronic privacy in the public-sector workplace. The case, City of Ontario v. Quon, involved the use of wireless pagers, which were issued to the city’s SWAT team members. The city adopted a policy for all city-issued electronics that it reserved the right to monitor and log all network activity including e-mail and Internet use, with or without notice.

Shortly after being issued the pagers, the employee at issue in the case, Jeff Quon, began exceeding his usage limits and costing the city additional fees. Eventually, Quon’s on-duty usage was audited and the content of his messages were reviewed. The audit concluded that Quon had used the pagers for almost 400 messages that were not work-related. Some of the messages were even sexually explicit. Quon filed a lawsuit alleging, among other things, that the city had violated his Fourth Amendment right against unreasonable searches. Quon argued that he had a reasonable expectation of privacy in his text messages and that the city’s search of the text messages was unreasonable.

The Supreme Court acknowledged that public employees do retain Fourth Amendment protections against their employers. The Court even acknowledged that many employers expect, or at least tolerate, the personal use of employer-provided electronics.

The Court nevertheless found that Quon’s reasonable expectation of privacy was significantly diminished because the city had told him, through the city’s electronic use policy, that his messages were subject to auditing. Additionally, the search was limited in scope to Quon’s on-duty text messages. It was not a blanket search of all of his communications. Finally, the search was made even more reasonable because it was motivated by a legitimate work-related purpose—the need to ensure that work-issued pagers were being used for work-related purposes while on-duty.

Given this case, courts will examine searches of public employer-provided electronics for several factors. They will look at:

  • The scope of the search.
  • The purpose of the search.
  • And whether the employee had a reasonable expectation of privacy in using the electronics.

Concluding Thoughts.

Overall, electronic protections for employees are not well-established. Employees should assume that all work-issued computers, cell phones, and e-mails are being monitored. Employer snooping is simply too common to assume otherwise—regardless of whether the employer is legally permitted to do so.

Hopefully, the law will catch up to the current state of technology. But it’s not uncommon for legislators to lag behind society.

If you have questions not answered by this article, please contact an attorney in your area to be sure that you’re receiving up-to-date legal advice that is specifically tailored to your situation.

If you found this article helpful, please feel free to share it on Facebook, Twitter, LinkedIn, or other social media sites. Your social shares let us know that we’re writing helpful articles.


References

ePolicy Institute, 2007 Electronic Monitoring & Surveillance Survey: Over Half of All Employers Combined Fire Workers for E-Mail & Internet Abuse, Amer. Management Ass’n (Feb. 28, 2008), available at http://press.amanet.org/press-releases/177/2007-electronic-monitoring-surveillance-survey/.
Ron Todt, School Caught in Spying Scandal Admits Activating Webcams on Students' Laptops, Huffington Post (Feb. 20, 2010), available at http://www.huffingtonpost.com/2010/02/22/harriton-high-school-admi_n_471321.html.
Susan M. Heathfield, Surfing the Web at Work: What Employers Are Doing About Employees Surfing the Web at Work, About.com (no date provided), available at http://humanresources.about.com/od/technology/a/surfing_web.htm (last checked June 15, 2013).
H.C. Ngambi, The relationship between leadership and employee morale in higher education, 5 African Journal of Business Management 762, 764 (Feb. 2011), available at http://www.academicjournals.org/ajbm/pdf/pdf2011/4Feb/Ngambi.pdf.
Id.
Id.; David Sirota, Louis A. Mischkind, & Michael Irwin Meltzer, Why Your Employees Are Losing Motivation, Harvard Business School (Apr. 2006), http://hbswk.hbs.edu/archive/5289.html.
18 U.S.C. § 2701, subd. (a).
18 U.S.C. § 2510, subd. (15).
Theofel v. Farey-Jones (2004) 359 F.3d 1066, 1075.
18 U.S.C. § 2701, subd. (b).
See 18 U.S.C. § 2701, subd. (c) .
Holmes v. Petrovich Development Co., LLC (2011) 191 Cal.App.4th 1047.
(2002) 96 Cal.App.4th 443.
Penal Code, §§ 630–637.6.
(2010) 130 S.Ct. 2619.
Id. at 2627–2628.
Id. at 2629–2630.
Id. at 2630–2633.