Do employees have any privacy at work? The short answer is no. Employers can legally monitor a worker’s e-mail, text messages and website visits that take place on a company-owned device or network.
As personal data collection from major tech firms has sparked privacy concerns in recent years, it’s worth examining how much monitoring, electronic or otherwise, employers may conduct in the workplace.
Employee Monitoring in the Digital Age
Technological advances have often put workers beneath a microscope. Companies can monitor employee movement, location, computer usage and more.
Surveillance tools are sometimes installed — to prevent employee theft, for example — but workers must know they are being filmed.
Emails and phone calls using company systems and equipment can be monitored. If you’re using your personal phone or tablet but also using the business’ email system, employers can monitor the transmissions.
Likewise, desks and offices are generally considered employer property, meaning they can be searched.
Limits to Employee Monitoring
Generally, employers are not allowed to listen to or record conversations of their employees without the consent of the parties involved. The Electronic Communications Privacy Act (ECPA) allows employers to listen in on business calls, but are not allowed to record or listen to private conversations.
However, employers may install audio recording devices in any location that is used for work, though cafeterias, break rooms and locker rooms are off limits.
Meanwhile, video cameras can be installed in areas only where there is no “reasonable expectation of privacy,” i.e., common work areas. Surveillance cameras are not allowed in restrooms or locker rooms.
Do Workers Have Privacy ‘Off the Clock’?
While the law is fairly straightforward on privacy in the workplace, it’s less clear when it comes to usage of company-owned devices at home and after business hours.
For example, when an employee uses a laptop supplied by the employer can the employee “reasonably” expect privacy? Not always.
Employee Personal Information or Files on Company Computers
It should be no surprise that IT staff occasionally need to make computer updates or repairs. In doing so, they will be able to view any information stored on the computer. That information, should it be questionable, has the potential of making its way back to the employer.
Related Resources for Compliance Teams
Webcam Surveillance on Company Computers
Most modern laptops are equipped with webcams. Some anti-theft software is designed to use those webcams to take still images from the laptops front-facing camera without the knowledge of the user. Webcams can be remotely activated — also without the knowledge of the user.
This is where we reach a gray area.
The company-supplied laptop could be inside the employee’s home, yet companies are not required to disclose when they activate the camera or how often, unless they are in a state with specific laws against webcam surveillance.
For example, in California, it’s a crime to secretly capture photo or video images of people in places and situations in which they have an expectation of privacy, such as in a restroom, shower, fitting room or locker room.
Even school children are not protected from webcam monitoring in their own homes.
Years ago, the FBI investigated an incident (Robbins v. Lower Merion School District) involving laptop computers issued to high school students. An IT tech was caught activating the webcams of more than 1,000 school-issued laptops while they were in the students’ homes, capturing hundreds of images. After the investigation, the FBI concluded that no laws had been broken. However, the school district settled out of court with families.
In states where marijuana is legal, some lawmakers have introduced bills that prevent employers from discriminating against workers based on the drug’s presence in a screening.
Similar measures have been enacted for prospective hires, as well.
Social Media Usage
The rise of social media usage in recent years has added another layer to the employer-employee privacy relationship.
Some workers might think their posts, especially if done off-site, can’t get them in trouble with their employer. That’s incorrect. Personal opinions, griping about the company or violations of company policy can lead to termination.
Employee Rights under the NLRA
While the rules around employee privacy in the digital age are always in flux, employees do have rights.
The National Labor Relations Act (NLRA), enacted in 1935, is a federal law that “protects the rights of employees and employers, to encourage collective bargaining, and to curtail certain private sector labor and management practices, which can harm the general welfare of workers, businesses and the U.S. economy.”
Section 7 of the NLRA protects employees who engage in “concerted” activity for the purpose of mutual aid or protection. Section 8 of the NLRA makes it unlawful for an employer to “interfere with, restrain, or coerce” an employee for engaging in such activity.
Protected Concerted Activity gives employees the right to act together to try to improve their pay and working conditions, with or without a union. Conversations among employees are generally protected when they consider group action.
However, the contemplation of group action is not required when the conversation is “inherently concerted.” Conversations about job security and wages are vital conditions of employment and the NLRB maintains that they are inherently concerted.
What Can Employers Do?
Make sure to communicate clearly that you have the capability to monitor and track company-owned devices to your employees. Establish policies and procedures that clearly explain what your IT technicians are allowed to do and train all employees on those policies.
This blog was originally posted in June 2015 and has been updated with new developments in employee privacy.