Hunton Employment & Labor Law Perspectives : Employment Lawyers & Attorneys : Hunton & Williams Law Firm : Labor Law Legislative Updates

But on March 30, 2010, the New Jersey Supreme Court warned that there are limits to what an employer can dig for.  In Stengart v. Loving Care Agency, Inc., the Court held that e-mails an employee sent to her lawyer on the company computer were protected by the attorney-client privilege.  By reading the e-mails, the company's attorneys breached the legal profession's ethical rules.  This is the most important court pronouncement to date that employers do not have complete control over communications on their electronic data systems.

The Court's ruling did not address an employee's gossipy e-mails to persons other than lawyers, nor did it confront the problem of salacious internet searches.  Those issues were not before the Court.  But the Court declared a privacy right for employees on company computer systems.

In Stengart, the employee used a company laptop computer and her personal, password-protected, web-based Yahoo account to send a few e-mails to her lawyer.  After her employment ended and she filed a sexual harassment lawsuit, the company retrieved data from the laptop's hard drive, which included the internet files containing the e-mails to her lawyer.  Company attorneys reviewed those emails.    When the employee learned of this indiscretion, she asked the trial court to disqualify the company's attorneys.  The trial court ruled that the employee had waived the attorney-client privilege by posting the e-mails on the company computer.  The Supreme Court disagreed.

The Supreme Court began by attacking the employer's electronic communication policy -- which had purported to provide the employer sweeping control over its computer system.  The Court criticized the policy because (1) it did not expressly state that personal, password-protected, web-based accounts used on company computers were subject to review, (2) it did not warn employees that contents of e-mails are stored on a hard drive and can be retrieved, and (3) it permitted employees occasional personal use of e-mail, thus creating ambiguity as to whether a personal e-mail was company or personal property.  These failings meant the employer had not "notified" the employee that her e-mails were accessible to probing eyes.

We're not sure why the Court spent considerable effort criticizing the policy, because it later held that even a perfect policy would not have saved the employer.  The attorney-client privilege was impenetrable in these circumstances.  "Because of the important public policy concerns underlying the attorney-client privilege," the Court held, "even a more clearly written company manual . . . would not be enforceable."

The Court did not determine whether the attorney-client privilege would have applied had the employee written to her lawyer via her company-issued e-mail account. 

It appears certain that employers still may review all personal e-mails -- except those subject to the attorney-client privilege -- and all internet searches that are composed on the company account.  An employer's right to review is less certain when it comes to non-privileged personal information found on the company computer but under the employee's personal, password-protected, web-based account.  The tenor of the New Jersey decision suggests that employers are permitted to review those e-mails, especially if they contain illegal or inappropriate material. 

We suggest revising your electronic communications policy to expressly permit employer review of personal, password-protected, web-based accounts, to warn employees that e-mail contents are stored on a hard drive and can be retrieved, and to clarify what type of personal e-mail use is not permitted.

Under Register Guard, employers may prohibit employees from sending non-job related solicitations using the employer’s email system, including union-related communications.  Register Guard established that employers may prohibit this type of email even if the employer permits employees to send personal messages via email, such as an announcement of someone’s birthday, as long as the employer did not discriminate between union and nonunion communications of a similar nature.   

In Oakwood, the Board broadly defined a “supervisor” under the National Labor Relations Act (“NLRA”) as a person who assigns work to other employees using independent judgment and discretion.  Supervisors are not protected under the NLRA and can be ordered to assist the employer in its anti-union activities or discharged for assisting a union.  The Board stated that an individual’s judgment is independent where it is not dictated or controlled by instructions, such as employer policies or rules. 

Should the Board revisit the holding of either case, the result will most likely be employee- and union-friendly. 

In her Register Guard dissent, Board Member Liebman (now Chairman) would have found that “banning all nonwork-related ‘solicitations’ is presumptively unlawful absent special circumstances.”  When considering Register Guard on remand from the D.C. Circuit, the Board may now follow Liebman’s lead.  It will likely hold that the employer cannot preclude employees from using the email system for union-related matters. 

• What can employers do?  Employers should try to prohibit union-related solicitations by strictly prohibiting any personal use of their email systems.  Circuit courts may uphold such a policy even if Register Guard is reversed along Liebman’s interpretive lines.

In the Oakwood dissent, Liebman wrote that an individual should not be classified as a supervisor if the only supervisory duty performed is simply designating a task or tasks. If Oakwood is revisited, the Board will likely interpret “supervisor” less broadly.  This would make it more difficult for employers to classify lead persons who assign duties on a daily basis as supervisors.  Thus, in a union organizing drive, lead persons would be part of the bargaining unit and could advocate unionization to the workers they oversee. 

• What can employers do?  To ensure that lead persons can be classified as supervisors, employers should make sure that they do more than merely assign tasks (e.g. evaluate employees for raises, hire subordinates, make effective recommendations for hire, or authorize time off or overtime).

In Convertino, the plaintiff, Assistant U. S. Attorney Richard Convertino, filed suit against his employer, the U. S. Department of Justice (“DOJ”), and against Eastern District of Michigan First Assistant U. S. Attorney Jonathan Tukel.  The complaint alleged that Convertino was retaliated against for certain testimony before Congress and that, in violation of the Privacy Act, the DOJ improperly leaked information regarding an investigation into Convertino’s potential prosecutorial misconduct.  The retaliation claim (the only claim alleged against Tukel) ultimately was dismissed for lack of subject matter jurisdiction; however, the parties conducted discovery related to the Privacy Act claim. 

Although the claim against Tukel was dismissed, a discovery dispute resulted in the Court’s review of 36 emails between Tukel and his personal counsel, sent and received using Tukel’s DOJ email account, to determine whether they were protected by the attorney-client privilege.  Tukel intervened in the discovery dispute to assert privilege over the email communications.  Plaintiff Convertino took the position that Tukel waived his right to assert the attorney-client privilege because the communications were made using the DOJ’s email account. 

Judge Lamberth upheld the privilege.  In so doing, he articulated that application of the privilege requires a case by case analysis to determine whether there is a subjective expectation of confidentiality that is objectively reasonable, based on the following:  (1) whether the employer maintains a policy banning personal or other objectionable use; (2) whether the employer monitors the use of the employee’s computer or email; (3) whether third parties have a right of access to the computer or email; and (4) whether the employer notified the employee, or whether the employee was aware, of the employer’s use and monitoring policies.  The Court found that Tukel’s expectation of privacy was reasonable because, according to the opinion, the DOJ does not ban personal use of its email system, Tukel attempted to delete the email, and Tukel was unaware the DOJ “would be regularly accessing and saving e-mails sent from his account.” 

This opinion highlights why employers should develop, maintain, disseminate, and periodically update clear policies regarding acceptable practices for company information technology.  Such policies should include, among other things, guidelines governing personal and prohibited uses and statements related to privacy and confidentiality.  Taking such steps can reduce any arguable expectation of privacy and prevent employees from shielding their personal use of company resources from discovery in litigation against the company.