Originally published in the May 22, 2000 issue of the National Law Journal at page A23.

A new privacy battle is being waged over the use of computers in the workplace. New surveillance software is covertly being installed on corporate computers to invisibly capture and record employee keystrokes as they occur. The software allows electronic data from keystrokes to be recorded even if an employee never saves any of the electronic data on a corporate computer. Employees insist that they have a reasonable expectation of privacy for their "raw thoughts" expressed by keystrokes in electronic format on a corporate computer. However, employers are asserting that any communications, raw or otherwise, composed on corporate computers isn’t private under current law.

With ever increasing concerns about potential liability associated with the use of corporate computers, corporate executives are wasting no time taking full advantage of new innovations in technology to monitor employee activity. New surveillance software is being used by employers to secretly monitor and record the keystrokes of employees. The software records electronic data associated with the keystrokes as the employee types, including raw text, typos, backspacing, word substitutions, electronic cut and paste operations, etc. even if the electronic data is then erased and never saved on the computer.

Originally designed to track employee productivity or the amount of time spent on a project for billing purposes, the keystroke monitoring programs have been improved to include new monitoring features that can further invade an employee's privacy. For example, the surveillance software allows a dictionary of trigger words to be defined, and when a series of keystrokes comprising a trigger word is identified, the software will remotely freeze a computer to immediately prevent any further inappropriate activity.

The potential for employer misuse of such surveillance software is enormous. Employees have expressed fear and concern that employers may monitor keystrokes for trigger words such as union, organize, strike, alcoholic, boss, drug re-habilitation, HIV, psychiatrist, religious affiliations, sexual orientation, etc. that can be used to record private information about an employee. Once such private information is recorded, an unscrupulous employer may then use the private information as an underlying reason to inappropriately, or illegally terminate employees who do not fit within a "belief" system of an employer, to save on insurance costs, to get rid of perceived troublemakers, etc.

Nevertheless, is it reasonable for an employee to have any expectation of privacy when personal thoughts are typed on a corporate computer, even if their thoughts are never saved? Based on current case law, the answer appears to be no. Courts have consistently refused to expand employee privacy rights for private communications voluntarily composed on corporate computers.

For example, in Michael A. Smyth v. The Pillsbury Company, 914 F.Supp. 97, 101 (E.D. Pa. 1996), the court stated that by intercepting e-mail communications on a company computer system, "the company is not, as is the case in urinalysis or personal property searches, requiring an employee to disclose any personal information about himself. Moreover, the company's interest in preventing inappropriate and unprofessional comments or even illegal activities over its e-mail system outweighs any privacy interest the employee may have in those comments."

There has also been resistance by state and federal governments to expand privacy rights for employees using corporate computers. Concerned with corporations spying on employees, California Senator Debra Bowen introduced a bill1 that would have made it a crime to monitor an employee's e-mail without warning the employee in advance. The bill passed the legislature but was vetoed by Governor Gray Davis. Governor Davis stated the law infringes on employer's rights and leaves employers open to unjust lawsuits. Davis further stated an employer has a legitimate need to monitor, either on a spot basis or at regular intervals, company property such as e-mail and other information stored on corporate computers.2

In the fast-paced, workaholic age of Internet economy, it is becoming increasingly difficult, if not impossible for employees to separate their professional activities from their personal activities. Innovations in technology continue to blur the distinctions between the workplace and home environments. Considering the amount of time the average employee now spends each day using a corporate computer, in and out of the office, it has almost become a certainty that an employee will use corporate computers for personal activities. To avoid a total loss of personal privacy for employees, the courts and the legislature should at least consider a more appropriate balancing between an employee’s right to protect personal privacy and an employer’s right to prevent inappropriate activities on corporate computers.

Footnotes

1 California State Senate Bill, SB 1016, February 26, 1999, http://www.sen.ca.gov.

2 "Right to Monitor E-mail Upheld," L.A. Times, October 12, 1999, at A8.

Copyright © 2000, by Stephen Lesavich, PhD. All rights reserved.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.