United States: Company's Covert Monitoring Of Former Employees' Private Facebook Messenger Conversations Was Not "Unclean Hands"

Charles A Weiss is a Partner in Holland & Knight's New York office.

The equitable defense of "unclean hands" is often raised but rarely proven. Sometimes stated as "he who comes into equity must come with clean hands," it is based on the maxim that "he that hath committed iniquity shall not have equity." Readers with a historical mindset may also recall the related, but distinct, maxim that "he who seeks equity must do equity." As explained in the leading historical treatise on equity jurisprudence, the difference is that unclean hands is implicated only when "the suitor seeking the aid of a court of equity has himself been guilty of conduct in violation of the fundamental conceptions of equity jurisprudence," while the "he who seeks equity must do equity" doctrine applies more generally—and with no assumption of wrongdoing or inequitable conduct—to compel the plaintiff to "recognize, admit, and provide for the corresponding equity of the defendant, and award to him also the proper relief." ¹

One reason why unclean hands is pled with far more regularity than it is proven is the requirement for a close connection between the plaintiff's unpleasant acts and the transaction giving rise to its claim against the defendant. Stated simply, bad (or even criminal) conduct that is not tied to the cause of action asserted as the basis for equitable relief may be independently actionable, but will not defeat the plaintiff's resort to the court's equitable powers: "The rule does not go so far as to prohibit a court of equity from giving its aid to a bad of a faithless man or a criminal. The dirt upon his hands must be his bad conduct in the transaction complained of. If he is not guilty of inequitable conduct toward the defendant in that transaction, his hands are as clean as the court can require." ²

A recent decision by the Court of Appeals for the Third Circuit provides a factually unusual lens through which to examine the doctrine's "relatedness" requirement in a case against departing employees who took company documents to start a competing business.

It started out as a typical departing-employee case. Several employees of Scherer Design Group (SDG), an engineering company in New Jersey that designs antenna systems for wireless carriers, left en masse to form their own competing business. Using in part the browser history on one of the employee's company laptop, SDG was able to access and monitor conversations between them conducted on Facebook Messenger, screenshots of which were included in SDG's complaint.

The manner in which SDG was able to do this was hotly disputed: SDG contended that the employee had not fully logged out, and left his account open on the company laptop. The defendants countered that SDG used a password recovery tool to hack into the account. Seemingly undisputed, however, is that SDG used a program (fbunseen) that permitted it to monitor the former employees' Messenger conversations without being detected, and continued this monitoring for at least a few weeks. SDG had no policies informing employees that it could monitor their activities on company-issued computers.

Regardless of how they were obtained, some of the former employees' conversations gave SDG evidence for its claims on a silver platter, including one in which the first employee to leave advised the others on how to plan their departures, and an explanation why their new business would—unlike SDG—require non-compete and non-solicitation agreements:

Also, I'd be wise to have non-competes and non-solicits for partners/employees for all members in both companies. Does anybody have an issue with that? That'd mean you can't go off on your own, steal clients, employees and compete with the other partners. These are things SDG is wishing they had about now . . . . What if I take all AE's clients and start my own company doing the exact same thing? Would you want me to do that to you? Well guess what, I wouldn't want you to do it to me either. And SDG is pretty sorry they didn't lock me down too. ³

In addition to its monitoring of the former employees' Messenger conversations, SDG also investigated the activities conducted on their computers before they left. It alleged that they downloaded more than 77,000 files, including client documents, construction plans, internal analysis tools for scheduling, CAD files and macros, and an automation tool used to provide services to SDG's largest customer.

In opposition to SDG's motion for a preliminary injunction, the defendants' asserted that SDG's monitoring of their personal accounts was with unclean hands that defeated its potential entitlement to equitable relief. The district court did not resolve all the factual disputes concerning the manner in which SDG gained access to the accounts, but rejected the unclean hands defense based on a lack of relatedness to SDG's claims. Referring to SDG's monitoring of their accounts, the district court held that:

[T]his conduct is arguably not related to the litigation to find unclean hands. While it goes to Plaintiff's full knowledge of the underlying facts, it does not affect the potential breaches of loyalty, tortious interference, and/or trade secret violations that are the subject of the litigation and which occurred prior to Plaintiff's alleged hacking of [the employee's] account. On balance, the Court is not persuaded that Plaintiff's "'unclean hands" should bar its right to pursue injunctive relief.

Having rejected this defense, the district court proceeded to the usual four-factor analysis applicable to preliminary injunctions and granted SDG's motion based on its claim for breach of the duty of loyalty. (The court found that SDG had not shown a likelihood of success on its claims for misappropriation of trade secrets because it had not taken sufficient precautions to maintain secrecy.)

On appeal, the defendants relied only on their unclean hands defense to argue that the district court erred in granting SDG a preliminary injunction. The court of appeals affirmed, over a dissent stating that the district court evaluated the defense under an incorrect application of governing privacy law.

As many readers will know, the standard of review for appeals from decisions granting or denying preliminary injunctions is abuse of discretion. The abuse of discretion standard also applies to the district court's application of the unclean hands doctrine (although the legal parameters of the doctrine is an issue reviewed de novo), and the court of appeals designated its opinion as not precedential. Still, the differing treatment of the unclean hands defense by the panel and the dissent provides a worthwhile examination of an interesting issue in cases of this type and illustrates the challenges faced by an employer that finds itself confronted with the challenge of mass defections.

In affirming the district court's grant of a preliminary injunction, the panel looked to precedent limiting the unclean hands defense to cases in which there is a "tight connection between the object of the injunction and the misconduct of the plaintiff," and authority that misconduct by the plaintiff is "collateral" when the right it seeks to vindicate "did not accrue" to it because of the misconduct. The panel then explained that the district court's assessment of the unclean hands defense was sound for three reasons:

• SDG did not dirty its hands in order to acquire the legal rights it asserted against the defendants; its right to loyalty by its employees existed "long before" it began monitoring their Facebook Messenger conversations.
• Although the surreptitious monitoring of the former employees' conversations provided SDG with proof of its claims against them, it did not give rise to the claim. Stated differently, SDG's monitoring was not related to the separate question of whether the former employees misappropriated its documents.
• The potential breach of defendants' privacy by SDG is governed by a body of law that is distinct from the law concerning employee loyalty and those different bodies of law provide different remedies for their respective breaches.

Given these circumstances, the panel held—because relatedness is a "critical element" of an unclean hands defense—that the district court did not abuse its discretion in declining to apply the unclean hands doctrine to deny SDG's application for a preliminary injunction.

The dissent's disagreement with the panel rested largely on its view of New Jersey's privacy law, which it argued that it had not been adequately considered by the district court before it rejected the defendants' unclean hands defense. Looking in part to New Jersey precedent concerning employer monitoring of personal e-mails sent from work accounts, along with the common-law standards for invasion of privacy claims based on intrusion upon seclusion, the dissent first concluded that SDG's conduct in monitoring the former employees was tortious.

Reviewing the elements of a privacy claim, the dissent had little trouble concluding that SDG's conduct was (i) intentional, (ii) an intrusion into private space, and (iii) highly offensive. To make matters worse, SDG had a way through discovery to acquire legally" the information pertinent to its case.

The dissent also advocated a more flexible application of the "relatedness" requirement than the formulation applied by the panel (and the district court). Specifically, it wrote that inequitable conduct could be related for purposes of the unclean hands doctrine when the plaintiff's conduct (i) bears a direct relation to the matter before the court and (ii) affects the balance of equities. The first prong was easily met by SDG's use of screenshots of the surreptitiously monitored messages in its complaint. The second prong was potentially satisfied because "both parties unlawfully acquired from the other information relevant to their competing businesses," and both abused the employer/employee relationship (the employees by using their employment to misappropriate SDG's information and SDG by using their activities as employees to acquire the private information that it collected). Thus, wrote the dissent, the matter should be reconsidered by the district court following a more searching consideration of the former employees' privacy interests.

The facts presented in this case are likely to recur and there is a dearth of authority on application of the unclean hands doctrine to such facts. Based on this case, employers may want to consider the following:

• Policies and notifications concerning the company's right to access personal materials on company computers, including reminders to (i) log out of any personal apps and websites, and (ii) clear all password history.
• Retention policies that secure the computer and electronic information of a departing employee if there are concerns that he or she is leaving under potentially litigious circumstances.
• Monitoring "private" or "personal" communications of employees or former employees is fraught with potential issues that differ from state to state and should be reviewed with counsel before implementation. ⁴

Footnote

1 See II Pomeroy Equity Jurisprudence § 397 (5th ed. 1941).

2 Id. § 399.

3 Scherer Design Grp., LLC v. Schwartz, Civ. No. 18-3540, 2018 WL 3613421, at *6 (D.N.J. July 26, 2018) (Complaint ¶ 82).

4 Scherer Design Group, LLC v. Ahead Eng'g LLC, No. 18-2835, 2019 WL 937176 (3d Cir. Feb. 25, 2019), aff'g, Scherer Design Grp., LLC v. Schwartz, Civ. No. 18-3540, 2018 WL 3613421 (D.N.J. Jul. 26, 2018).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.