Forgot your password?
typodupeerror
Privacy The Courts Your Rights Online

NJ Court Upholds Privacy of Personal Emails At Work 172

Posted by Soulskill
from the easier-said-than-done dept.
chiguy sends word of a ruling from the New Jersey Supreme Court which found that a company did not have the right to read emails from an employee's personal account even through the account was accessed on a company computer. This ruling is likely to set precedent for other workplace privacy cases around the country. "'The court has recognized the very legitimate and real concerns with regards to privacy. This gives some guidance to employers in terms of how explicit (e-mail) policies need to be,' [attorney Marvin Goldstein] said. The ruling stems from a harassment and discrimination lawsuit Marina Stengart of Bergen County filed three years ago against Loving Care of Ridgefield Park. Stengart, then the executive director of nursing, sent her attorney eight e-mails from her company-loaned laptop about her issues with her superiors. Stengart used her Yahoo e-mail account. 'Under all of the circumstances, we find that Stengart could reasonably expect that e-mails she exchanged with her attorney on her personal, password-protected, web-based e-mail account, accessed on a company laptop, would remain private,' Chief Justice Stuart Rabner wrote in the decision, which upholds an appeals court’s ruling last year."
This discussion has been archived. No new comments can be posted.

NJ Court Upholds Privacy of Personal Emails At Work

Comments Filter:
  • by sjbe (173966) on Friday April 02, 2010 @02:18PM (#31708554)

    a company did not have the right to read emails from an employee's personal account even through the account was accessed on a company computer.

    I agree with the general principle - if someone doesn't use the company account there should be a reasonable expectation of privacy for a personal webmail account. However she still may be violating company policy about using work assets for personal affairs. The computer is owned by the company and they have every right to reprimand her for making the emails regardless of the content.

    • by flaming error (1041742) on Friday April 02, 2010 @02:22PM (#31708600) Journal

      > ... they have every right to reprimand her for
      > making the emails regardless of the content.

      Ok. But if what she did was wrong "regardless of the content", why did the employer have to read them?

      • by sjbe (173966)

        But if what she did was wrong "regardless of the content", why did the employer have to read them?

        They didn't. That was just stupid on their part - at least according to the judge. Unless they didn't have their usage policies written out (also stupid) they could have fired her, without reading the content, for violating corporate policy on acceptable use of company assets.

        • by Anonymous Coward on Friday April 02, 2010 @03:01PM (#31708950)

          The company did have their usage policies written out and the court noted that they explicitly said "occasional personal use is permitted."

          So she didn't violate the company's acceptable use policy.

          If the company policy had said that personal use is never permitted, the court might well have ruled differently.

          • by shentino (1139071)

            What about breach of attorney client privilege?

            IIRC the conversations were with her lawyer.

      • by TubeSteak (669689) on Friday April 02, 2010 @04:57PM (#31709866) Journal

        Ok. But if what she did was wrong "regardless of the content", why did the employer have to read them?

        Before she resigned, she was planning to sue the company.
        After she resigned and filed her lawsuit, the company went back and dug through her work laptop.
        Then the company lawyers quoted, to her, Yahoo e-mails between her and her lawyer...
        Which is how the whole thing turned into a clusterfuck.

        Unfortunately, this only sets a binding precedent in New Jersey (AFAIK).

        • Re: (Score:3, Interesting)

          by shentino (1139071)

          And they should get smacked for that right there.

          There's something called attorney client privilege. If the company WILLFULLY breached that there should be some MAJOR league hell to pay.

    • by Herkum01 (592704) on Friday April 02, 2010 @02:38PM (#31708734)

      The company does not have the right to read her personal mail either, but if she wrote it using a company pen or paper she may be violating company policy about using work assets for personal affairs... Or maybe the company phone, or maybe the rental car when she decided to stop at a store on a business trip, etc...

      The costs of the items involved, like a personal email, can be minimal to non-existent so it is not about money. These things are not being done in the companies name, so it is not about being a representative of the company. The person is probably an exempt employee, which means that the person is expected to do their job, whatever that is, not punch a clock. As long as the job is getting done, the so called time lost is irrelevant.

      These policies are rules made by busy bodies that feel a need to insert their nose into someone's business. That it involves "Company property" is just the excuse. Why these people believe that the companies rights are so superior to the individual is rather pathetic. Especially since the Constitution was really set up to protect the individuals right to privacy, that the government seems so willing to defer that right because a business is involved is very scary.

      • Re: (Score:2, Insightful)

        by arbiter1 (1204146)
        what if she used her private email to send email with sensitive company info to a competitor? They have the right to monitor all data sent over their networks and any computer they own.
        • Re: (Score:2, Funny)

          by Anonymous Coward

          Why even add "over their networks and any computer they own"? She is an asset of the company, an inventory item. Why should she be expected to have any privacy at all? The company owns here as soon as she signed her work contract.

        • by rsborg (111459) on Friday April 02, 2010 @04:38PM (#31709744) Homepage

          what if she used her private email to send email with sensitive company info to a competitor?

          What's stopping her from putting a file into her briefcase/backpack and taking it home and sending it there? What about thumbdrives or synched cell-phones (which allow file-storage)?

          Face it, unless the worker is in a secured area, the "need to monitor all traffic to prevent leaks" is borderline paranoiac. There needs to be an appropriate level of trust (this includes carrots and threats-of-sticks) for any worker to be productive.

      • Re: (Score:3, Interesting)

        Especially since the Constitution was really set up to protect the individuals right to privacy, that the government seems so willing to defer that right because a business is involved is very scary.

        This demonstrates a remarkable misunderstanding of Constitutional law.

        First off, the issue here is not "privacy" per se, but rather the right to be secure against unreasonable searches. The Constitution (as other comments have noted) says nothing about "privacy" per se, but rather mentions only a few related rights. "Privacy," as a legal concept, was founded in Supreme Court jurisprudence of the 20th century to strike down laws outlawing birth control, abortions, sodomy, etc. The "right to privacy," as

    • by SlippyToad (240532) on Friday April 02, 2010 @02:58PM (#31708914)

      "However she still may be violating company policy about using work assets for personal affairs."

      Maybe. That's another can of worms. I use my personal computer to work from home. I'm expected to be available every few weeks for a week of "on-call" activity where work can intrude quite firmly into my home.

      The line between working at home and "homing" at work, to badly coin a phrase, is getting blurrier every year.

      And companies have a choice of either shutting people out of their personal lives completely for 8-10 hours a day (and getting the exact same shutout when those people go home) or learning to be modestly flexible. So far the trend is that companies are learning to bend just a bit.

    • Re: (Score:3, Insightful)

      If company policy states that personal use is OK (as was the case according to TFA) then she wasn't violating company policy.
    • by BillX (307153)

      No, FTFA, the policy permitted 'occasional personal use'. I'd definitely consider 8 emails over the course of employment occasional.

  • by Nickodeemus (1067376) on Friday April 02, 2010 @02:20PM (#31708574)
    The data exists on the company's computers, likely passed through their network and servers, and because of these things they are legally accesible by the company. Unless the company accessed her email account at Yahoo using this data, there doesn't seem to be an issue to me. Unfortunately, the article is sparse on the details. Only an idiot would think, in these times, that the things they do on their company PC or laptop would not be accisible by the company. Just because they issue you a system doesn't make that system yours - its theirs, including all its contents.
    • by Stone Rhino (532581) <<moc.liamg> <ta> <ekrapm>> on Friday April 02, 2010 @02:32PM (#31708684) Homepage Journal

      I could use company paper and company pens to write my letter, and mail it with a company stamp. I would be misusing company resources for personal business, but that doesn't give the company the right to read its contents. I could sit on the company toilet and use company water to take a shit, but that doesn't give them the right to watch. I could even be masturbating in there, misusing the time, and they still wouldn't have the right to monitor my activities. They would be in their rights to discipline an employee for taking long breaks and doing who knows what in the restroom, but they wouldn't be allowed to watch their employees to check just how they're spending their time in there. In this case, they can discipline her for misusing company resources, but can't violate the privacy that she has a reasonable expectation of.

      On a closer note, it's the same privacy standard as if she'd had the conversation with her lawyer on the company phone -- a misuse of resources, but not within their right to listen in.

    • by Reverberant (303566) on Friday April 02, 2010 @02:32PM (#31708686) Homepage

      The data exists on the company's computers, likely passed through their network and servers, and because of these things they are legally accesible by the company

      How far do we take this logic? Does the company have a right to search an employee's pocketbook because it's sitting in a company-owned office? Can the company take samples of an employee's lunch for drug testing (or health insurance purposes_ because it's sitting in a company-owned refrigerator, powered by company-paid-for electricity? Can a company search an employee's car because it's sitting on a company-owned parking lot?

    • by Zumbs (1241138) on Friday April 02, 2010 @02:54PM (#31708870) Homepage

      The data exists on the company's computers, likely passed through their network and servers, and because of these things they are legally accesible by the company. Unless the company accessed her email account at Yahoo using this data, there doesn't seem to be an issue to me.

      From that logic, it follows that if you send a letter by snailmail, where the letter exist in the offices of the postal service, the postal service workers have the right to open and read your letter. In my opinion, my employers have no more right to read my personal email than a postal worker has reading my letters. Usage of company email may be a gray zone, but my personal email account is not. They may argue that I sent a mail during work hours and fire me for that (if it is against company policy), but that is something very, very different.

      • The Post Office's JOB is to transport your mail. So no they don't have a right to open and read it. Besides the Constitution and laws specifically exist to prohibit this; no such law exists for doing things with a private companies assets.

        Your employer is not tasked with sending/delivering your electronic mail. Therefore anything going over their *private* network is indeed fair game for them. They do not have a right to access her yahoo mail account itself, but certainly they can intercept and read
        • "But using the company resources opens up their right to see what you are doing. "

          Well but if they can't listen to your personal phone call even though its a company phone, why should email be different?
          • Re: (Score:3, Informative)

            Are they prohibited from listening to personal calls made on a company phone?

            Linky [privacyrights.org]

            "An important exception is made for personal calls. Under federal case law, when an employer realizes the call is personal, he or she must immediately stop monitoring the call. (Watkins v. L.M. Berry & Co., 704 F.2d 577, 583 (11th Cir. 1983)) However, when employees are told not to make personal calls from specified business phones, the employee then takes the risk that calls on those phones may be monitored."

            So i
        • by vux984 (928602)

          If my lunch is in my company's fridge, they can access it. If it is in my personal bag, they cannot

          That makes no sense. What if your lunch is in your personal bag, and your personal bag is in the company fridge?

          If you access yahoo email via your personal laptop over your personal wi-fi connection (not over company network) then no they can't see it because you aren't using anything of theirs.

          What if you are explicitly allowed to use the company laptop and network for personal use during breaks provided with

          • That makes no sense. What if your lunch is in your personal bag, and your personal bag is in the company fridge?

            Case in point, it's in the company fridge so it's fair game. What it is inside is irregardless at that point. Your personal bag is your personal property, not like the fridge. You have no expectation of privacy in a communal refrigerator, period.

            What if you are explicitly allowed to use the company laptop and network for personal use during breaks provided within an acceptable use policy
      • From that logic, it follows that if you send a letter by snailmail, where the letter exist in the offices of the postal service, the postal service workers have the right to open and read your letter.

        Actually it doesn't follow, because the United States Postal Service is operated by the federal government, which is explicitly banned from searching you without cause by the Fourth Amendment: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things

    • by Alomex (148003)

      Actually, if you use the company's mailbox for snail mail the courts have already ruled that companies *cannot* access your mail. This ruling seems to be the natural extension of that.

    • by BillX (307153)

      No, the article was quite clear: they retrieved cached copies of the emails from the hard drive, most likely forensically (probably Firefox/Flash/etc.'s cache). The case was about reasonable expectation of privacy vs. the wording of the company policy. Notice the article quotes all these corporate lawyers having a wet dream about the ruling telling them how to word their policies in the future. You're right in that the article does not specify whether the 'company-loaned' laptops could be taken home, or whe

  • Interesting, but I'm not going to get too worked up about it without reading the actual ruling. Attorney / Client communication is the one of the most privileged under the law. Unless the court wrote the opinion in such a way as to explicitly broaden the scope of "privileged information from personal email accounts", this is likely to be interpreted narrowly (or, at least, an argument can be made that the decision should be narrow).
    • by TubeSteak (669689) on Friday April 02, 2010 @02:48PM (#31708810) Journal

      MARINA STENGART v. LOVING CARE AGENCY, INC., [and others]
      http://www.employerlawreport.com/uploads/file/Steingart%20v_%20Loving%20Care.pdf [employerlawreport.com]

      As part of the employment relationship, the company
      provided plaintiff with a laptop computer and a work email
      address. Prior to her resignation, plaintiff communicated with
      her attorneys
      , Budd Larner, P.C., by email. These communications
      pertained to plaintiff's anticipated suit against the company
      ,
      and were sent from plaintiff's work-issued laptop but through
      her personal, web-based, password-protected Yahoo email account.
      After plaintiff filed suit, the company extracted and
      created a forensic image of the hard drive
      from plaintiff's
      [New Page]
      computer. In reviewing plaintiff's Internet browsing history,
      an attorney at Sills Cummis
      discovered and, as he later
      certified, "read numerous communications between [plaintiff] and
      her attorney from the time period prior to her resignation from
      employment with [the company]."
      Sills Cummis did not advise
      Budd Larner that the image extracted from the hard drive
      included these communications.

      Many months later, in answering plaintiff's
      interrogatories, the company referenced and included some of
      plaintiff's emails with her attorneys
      .

      That sounds like the type of shit that should get the company lawyer disbarred.
      Reading the facts of the case, I'm not at all surprised the Judge ruled the way he did.

  • How does this mesh with the other ruling that says that you have no expectation of privacy if your email is stored on a third-party server?

    • Re: (Score:3, Informative)

      by demonlapin (527802)
      This is her company, not the government.
    • by proslack (797189)
      The branch of the federal government that I work for has no problem with employees using government equipment to check personal emails (as long as it isn't abused). Porn, logging into personal financial sites, and trading stocks are about the only things specifically proscribed. Web-use at work is logged but not reviewed (there's too much of it and, being a research center, the sites accessed can be a bit eclectic), but there isn't anybody reading over my shoulder if I use my laptop at home. Of course there
      • by BitZtream (692029)

        The policy isn't against the use, its simply a statement that what you do on your company issued laptop isn't private, regardless of what it is.

      • by Itninja (937614)
        But all it takes are a couple knobs playing some FPS during company time, and getting caught by the CEO. Then, in typical EMT style, there's an overreaction and everyone gets hit with the personal use ban-hammer. Kind of like dress codes. They are usually pretty relaxed until that one weirdo in the office (and every office has one) wears Daisy Dukes to work and POW! It's business attire only for a couple of years....
  • In an era where privacy is slowly being eroded online, it's good to see a judge take a stand and at least draw the line somewhere.

  • IANAL, but don't I give consent to monitoring when prompted by nearly any government computer system (and any private corporations who do something similar)? If I don't want to be monitored, I don't use that system...seems simple enough.

  • "ruling from the New Jersey Supreme Court ... is likely to set precedent for other workplace privacy cases around the country."

    No, it's likely (100% likely, in fact!) to set precedent for other workplace privacy cases in New Jersey. For the rest of the country, it sets nothing, even if it might be useful for other courts dealing with similar problems.

    Unless, of course, poster is just being ridiculous optimistic and think that the logic of this ruling is so impressive that all other judges will simply bow in

    • Re: (Score:3, Insightful)

      Actually, other state courts are likely to follow this precedent for two reasons. One, it applied to attorney-client communication (judges are lawyers, as such they tend to favor rulings that protect lawyers). Two, it appears to be a carefully worded and reasoned ruling with a fairly specific, limited scope (judges are human, as such if there is an easy way to make a ruling that they can do by little more than cut and paste, they will).
      As my second point notes this is a narrow ruling, as such even if it do
      • by nomadic (141991)
        One, it applied to attorney-client communication (judges are lawyers, as such they tend to favor rulings that protect lawyers).

        Actually attorney-client privileges are intended to protect the client, not the lawyer. The privilege belongs to the client, in fact, who may waive it if he or she wishes.
    • by kabloom (755503)

      People here just don't understand the difference between persuasive precedent [wikipedia.org] and binding precedent [wikipedia.org], and they make this mistake repeatedly.

  • Finally my home state shows some common sense. Though this is a state supreme court, not federal, so I don't know how much precedet it will be.

  • It's communication between an individual and their attorney. That's legally protected six ways from Sunday far beyond normal communication. I'm pretty sure that is the thing that saved her.

    It's absolutely dumb to be sending and receiving personal mail on work computers. Doubly so if you're communicating with a lawyer, discussing the possibility of filing a lawsuit against your company. I've seen some seriously dumb email usage in my day. Like using a company account to communicate with a mistress. Tha

  • Is this tied close to something unique in NJ law or will this likely have broader influence with other state supreme courts?
  • legalities and ethical issues aside...

    when, the fuck, are people going to learn to use encryption for important stuff. I mean, seriously, it's not *that* hard.


  • I got excited when I glanced and read Supreme Court... I'm thinking NO WAY - they actually did the right thing?!?!?! Then realized it was just the New Jersey Supreme Court.

    If this get appealed I'm prepared for it to be overturned by the U.S. Supreme Court. They're not one's to let personal privacy get in the way of well... anything.

    -[d]-
  • Companies will just block access non-corporate e-mail websites. Which they should really do anyways since it allows employees to bypass all of the security filters on their e-mail system, creating a big security risk for the corporate LAN.
    • by rickb928 (945187)

      My employer doesn't block the common email services. They do, however, block Google Docs for obvious reasons. I can't be allowed to save data onto public servers, and they can't be bothered to figure out if the data is corporate or personal.

      I can live with this. There are other ways to deal with that situation.

      I'm a little annoyed that they won't let me have Facebook here, but they gave us back Linkedn recently. I betcha some VP has a profile there.

      Now, am I gonna write anything incredibly sensitive on

  • As we all know, encryption means probably never having to say you're sorry.

    Except maybe to the NSA.

  • Employer who violated an employees privacy:
    "Loving Care"

    "Loving care", indeed.

"Now this is a totally brain damaged algorithm. Gag me with a smurfette." -- P. Buhr, Computer Science 354

Working...