Employment & social media privacy: employer justifications for access to "private" material.

• Author: Mgrditchian, Greg

1. INTRODUCTION II. BACKGROUND A. General Expectation of Privacy B. Invasions of Privacy in Employment Context C. Social Media D. Ehling v. Monmouth-Ocean Hospital Service: the Facebook Incident III. EMPLOYER ACCESS TO EMPLOYEE SOCIAL MEDIA CONTENT A. Overview of Denying Employer Access B. Overview of Allowing Employer Access C. Role of Social Media and Employment IV. CONCLUSION I. INTRODUCTION

   Most users of social media websites would agree that protecting their posts from unwanted eyes is important. Speaking even more generally, most people are keen to keep certain things private. Coincidentally, most employers would agree that protecting themselves from liability because of the "private" actions of their employees is equally important. Even more generally, as an example, the public might feel they have a right to know if a doctor who is about to operate on them went out drinking the night before. As the job market becomes increasingly competitive, and businesses become highly scrutinized, a number of employers have gone so far as to require employees to disclose their login information to social media sites they belong to in order to monitor their activity. (1)

   Today, social media has permeated the daily lives of millions and millions of people, but the legal implications of this movement are still evolving daily. As social media has gained popularity nationwide, a myriad of new legal issues have arisen regarding the accessibility of information on sites such as Facebook and Twitter. Specifically, labor and employment law has seen a breadth of new challenging legal issues that revolve around social media use. (2) Social media companies have responded to their members' concerns by adding or updating certain "privacy settings" within the websites. (3) Through the independent actions of employers and employees, tensions arose, pitting the privacy concerns of employees against the business interests of employers. Employers clearly have a strong interest in maintaining a certain business image, as well as providing a safe and secure workplace to both their employees and consumers alike. (4)

   Conversely, employees are resistant to succumbing to what amounts to little more than a general invasion of privacy by their employers. (5) All future and current law must consider these competing interests and balance them accordingly. A cursory search of the case law in this area reveals there is no bright-line, consistent approach that can apply across the board, and this note will not argue for one. Instead, courts should use a fact-based inquiry that examines the competing interests on a case-by-case basis, which best serves both employers and employees.

   Part II of this note examines the general expectation of privacy stemming from the United States Constitution, and specifically how that expectation affects the private electronic communications of employees on social media sites. Part II includes what role this general expectation of privacy has in the context of both private and public employment. In working through the employment issues, the analysis will fall under two foundational areas of labor law, the National Labor Relations Act ("NLRA") and the National Labor Relations Board ("NLRB"), and examine what, if any, privacy protections they provide. Part II concludes by considering what specific areas of the employee and employer relationship retain privacy rights and what areas remain open to interpretation by case law or legislation.

   Having addressed the law, Part III will more generally discuss employer accessibility to the social media content of their employees, including a discussion of "privacy settings" and their legal impact on employer accessibility. Here, specific cases show a fundamental split where some courts protected employer access while other courts denied employers such access. A comparison of these two types of case law will exemplify some of the policy concerns and policy justifications courts have considered in deciding such cases. The analysis will then expand into what, if any, facts may have affected the outcome in an effort to help clarify this issue for future cases. These cases will also show three common areas where social media influences employment: during the hiring process, during working hours, and during non-working hours.

   Part IV concludes by arguing that public interest concerns, when balanced, show that employer access to private social media content of their employees is not per se unreasonable. Finally, in conclusion this note will argue that employers may use social media posts, even those that are "private," as a means to monitor employee activity. It is important to consider that often case law will not involve facts specific to social media, and will instead deal with other online communications such as e-mails, text messages, or telephone calls. In order to justify this argument, all electronic communications have equal force. Ultimately, this note will not attempt to analyze the sources of law noted above, but instead will attempt to narrowly define one area of law where employers' business interests should trump the "expectation of privacy" of employees.

2. BACKGROUND

   1. General Expectation of Privacy

      The legal expectation of privacy originates in the Fourth Amendment of the United States Constitution. (6) The Fourth Amendment carves out a very narrow protection: "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures...." (7) The Supreme Court expanded this to include privacy expectations in Katz v. United States by declaring "the Fourth Amendment protects people, not places." (8) By placing the protection on the person, as opposed to some other tangible extrinsic factor, the Supreme Court created a general expectation of privacy for individuals. Historically, this generalized expectation of privacy has struggled to adapt to advances in technology. (9)

      With the advent of the Internet creating a myriad of new privacy issues, Congress passed the Electronic Stored Communications Act ("SCA") in 1986. (10) Initially, the purpose of the SCA was to punish people who hacked into private communications stored on servers." As technology evolved and electronic communications became commonplace, case law interpreted the SCA to place a general expectation of privacy on certain forms of electronic communications. (12) The SCA quickly became the electronic version of the Fourth Amendment, protecting privacy interests while limiting accessibility for prying eyes. (13)

      Eventually, as social media became more prevalent, the SCA became the apparent standard that would apply to social media posts. This notion would not last. The complexity of the legal issues regarding social media became clear once courts inconsistently decided cases when applying the SCA. (14) There is yet another privacy overlay when the employer-employee relationship enters the equation. (15) Traditionally, the privacy protections of employees in the private sector did not fall under the purview of the Fourth Amendment. (16) This legal standard began to shift, as electronic communications such as e-mails became a common form of workplace communication. (17) Courts were struggling to find a balance between the expectation of privacy that employees had and the desire of employers to conduct their business as they saw fit. (18)

      Even the two pillars of labor and employment law, the NLRA and NLRB, are of little use in clarifying privacy expectations for every employee or employer, as they only apply to the private sector, and are ultimately bound by a labor agreement. (19) Thus, not every employee-employer relationship will fall under the purview of the NLRA and NRLB. Clearly, major reform in labor law would help define where the expectation of privacy gives way to the employers legitimate business interests. Currently, both the NLRA and NLRB are even less effective because any expectation of privacy issues or concerns traditionally are to be resolved through the collective bargaining agreement between the individual union and employer. (20) This results in even less legal precedent, as potential case law disappears during the collective bargaining process, never reaching the NLRB or a courtroom.

   2. Invasions of Privacy in Employment Context

      The term "invasion of privacy" is a product of common law tort actions. (21) The cause of action is defined in the Restatement as, "[o]ne who intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the intrusion would be highly offensive to a reasonable person." (22) However effective that line of reasoning may be, the employment context will split the legal analysis depending on whether the employee is working in the private or public sector. (23) For example, in the private sector, common allegations of invasions of privacy include monitoring employees' telephone conversations, conducting general searches of employees' desks, and on-the-job video surveillance of employees. (24)

      In the public sector, employees have similar allegations of privacy violations, but with a constitutional overlay that does not exist in the private sector. (25) For example, most cases involving privacy issues in the public sector are on constitutional grounds, while most private sector cases deal primarily with contractual issues. (26) Therefore, one of the biggest differences between public employees and those working in the private sector is not only the standard applied to invasion/expectation of privacy claims, but also the legal method employees who feel wronged may use to remedy their claims. (27)

   3. Social Media

      The privacy settings that social media sites afford their users bring yet another wrinkle to the legal expectation of privacy. (28) As social media sites like Facebook and...