U.S. Court Affirms Employer's Right to Read Employees' Email

U.S. law gives employees few protections against employer surveillance of their workplace communications. Even without express employee consent, U.S. employers generally may listen to workplace telephone conversations, read messages sent to and from corporate email accounts, and record and disclose the contents of employee communications. Employees that bring legal challenges to these practices rarely succeed in U.S. courts. The recent decision of the U.S. Third Circuit Court of Appeals in Fraser v. Nationwide Mutual Insurance Company, which upholds an employer's reading of an employee's electronic mail email ("email") messages, typifies the obstacles that complaining employees face under U.S. law. 1

Background of the Fraser Decision: The Electronic Communications Privacy Act ("ECPA")

In the United States, monitoring of employee communications is governed primarily by the Electronic Communications Privacy Act of 1986 ("ECPA"). 2 The ECPA is divided broadly into restrictions on two kinds of activity: (1) interceptions, which are acquisitions of communications in real time (e.g., while the parties to a conversation are speaking or while an email is in process of transmission); and (2) unauthorized access to communications after they have been placed in electronic storage. 3Taken together, these prohibitions apply to most kinds of electronic surveillance, including listening to and recording wireline and wireless telephone calls, reading email, and use of hidden microphones to eavesdrop on oral conversations. 4 Both governmental and private parties are subject to ECPA restrictions.

Unlike the counterpart regulations in many European jurisdictions, the ECPA is not comprehensive. A careful reading of the ECPA, including the definitions of key terms and the statute's numerous exceptions, discloses ample scope for monitoring and recording of communications. A complete discussion of the gaps in the statute's coverage is beyond the scope of this article, but those statutory provisions with particular value to employers are worth noting.

Activities that Are not Classified as Interceptions

When an employer is accused of violating an employee's rights under the ECPA, the employer's legal position is improved if the challenged action can be classified as access to a stored communication rather than an interception. The ECPA's prohibitions against interceptions, which involve the acquisition of the contents of a communication with the aid of an electronic, mechanical or other device, are more stringent than the prohibitions against unlawful access to stored communications. 5 For example, as we discuss further below, courts have found that an employer that provides a communication service to its employees may read those communications, when in storage on the employer's system, for any purpose. Real-time interceptions of employee communications, however, may be unlawful unless they come within specific statutory exceptions.

The distinction between real-time interception of a communication, and access to that same communication in storage, is complicated by the technology of electronic communications in the digital era. Email systems, in particular, combine transmission and storage functions in ways that might not have been fully anticipated when the ECPA was written, and plaintiffs have tried to persuade the courts that intermediate or temporary storage of an email by the service provider should not convert the acquisition of that message from an interception to a mere acquisition of a stored communication.

An early example of this issue was the case of Steve Jackson Games, Inc. v. United States Secret Service ("Steve Jackson Games"). 6 In that case, the U.S. Secret Service had seized, pursuant to a search warrant, a Steve Jackson Games server that contained 162 email messages that had not been opened by their intended recipients. Among other claims, Steve Jackson Games alleged that the emails, although stored in the server, had been intercepted for purposes of the ECPA because the government had acquired the emails prior to delivery and prevented their delivery. 7 The district court rejected this argument on the ground that under the ECPA, an act of interception must be "simultaneous with the [communication's] transmission." 8 On appeal, the Court of Appeals also rejected the plaintiff's interception claim, but on the ground that the definition of "electronic communication" in the ECPA unlike that statute's definition of "wire communication" did not include an electronic communication while in electronic storage. Accordingly, by definition, acquisition of an electronic communication while in electronic storage could not be an interception of that communication. 9

Subsequent decisions have confirmed the difficulty of challenging the seizure of a stored communication as an interception. Notably, in Konop v. Hawaiian Airlines, Inc., the U.S. Court of Appeals for the Ninth Circuit reviewed the case of Konop, an airline pilot who "maintained a website where he posted bulletins critical of his employer, its officers and the incumbent union . . . ." 10 An officer of Konop's employer, using other employees' names, gained access to the website and read Konop's critical postings. Among other claims, Konop alleged that his employer's activity violated the ECPA interception and access-to-stored communications provisions. The district court granted summary judgment for the employer on both claims, and Konop appealed.

On the interception claim, the Court of Appeals, following the rationale of Steve Jackson Games, concluded that "for a website such as Konop's to be 'intercepted' in violation of the [ECPA], it must be acquired during transmission, not while it is in electronic storage." 11 Accordingly, the...