Just about every company has the provision in its employee handbook that its employees have no expectation of privacy when using computers provided by the employer. However, to what extent these provisions are enforceable differs between jurisdictions.
For instance, in Curto v. Medical World Communications, Inc., 2006 WL 1318387 (E.D.N.Y. 2006), the court found that an employee has a right to privacy (at least as to attorney-client communications) in information recovered forensically from an employer’s computer. In Curto, the employee handbook stated: (a) employees have no expectation of privacy in anything they create, store, send or receive on the computer system; (b) the computer system may only be used for business purposes; (c) anything on the computer belongs to the company; and (d) the company may use human or automated means to monitor use of the computer system. The policy even had the employees expressly waive any right to privacy to information on their computers.
The court, while noting these facts, found that other factors supporting privilege/privacy were controlling, including but not limited to: (a) the employee’s computer was not connected to a network; (b) the computer was used solely in a home office; and (c) the employee deleted her personal files prior to returning the computer to the company.
In Banks v. Mario Industries of Virginia, Inc., 2007 WL 2683509 (Va. 2007), the court found that an employee has no right to privacy (including attorney-client communications) even though the company permitted employees to use work computers for personal matters. The employee handbook at issue stated that there was no expectation of privacy for anything created on a work computer. The court found that this statement waived the employee’s right to privacy.
Even though both of these cases deal with attorney-client communications, the holdings teach valuable lessons:
(a) Prior employee’s computers may contain a wealth of forensically recoverable information relevant to a lawsuit; and
(b) Provisions related to privacy in an employee handbook may or may not permit the use of such information in litigation.
Given the evolving law regarding electronic information in each jurisdiction, it may be prudent for companies to review and modify, if necessary, their policies regarding privacy expectations in order to ensure the best access to such information.