Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NJ Court Upholds Privacy of Personal Emails At Work

Soulskill posted more than 4 years ago | from the easier-said-than-done dept.

Privacy 172

chiguy sends word of a ruling from the New Jersey Supreme Court which found that a company did not have the right to read emails from an employee's personal account even through the account was accessed on a company computer. This ruling is likely to set precedent for other workplace privacy cases around the country. "'The court has recognized the very legitimate and real concerns with regards to privacy. This gives some guidance to employers in terms of how explicit (e-mail) policies need to be,' [attorney Marvin Goldstein] said. The ruling stems from a harassment and discrimination lawsuit Marina Stengart of Bergen County filed three years ago against Loving Care of Ridgefield Park. Stengart, then the executive director of nursing, sent her attorney eight e-mails from her company-loaned laptop about her issues with her superiors. Stengart used her Yahoo e-mail account. 'Under all of the circumstances, we find that Stengart could reasonably expect that e-mails she exchanged with her attorney on her personal, password-protected, web-based e-mail account, accessed on a company laptop, would remain private,' Chief Justice Stuart Rabner wrote in the decision, which upholds an appeals court’s ruling last year."

cancel ×

172 comments

Sorry! There are no comments related to the filter you selected.

I guess... (0)

Anonymous Coward | more than 4 years ago | (#31708492)

I guess they weren't giving her enough loving care.

Still probably violates company policy (3, Insightful)

sjbe (173966) | more than 4 years ago | (#31708554)

a company did not have the right to read emails from an employee's personal account even through the account was accessed on a company computer.

I agree with the general principle - if someone doesn't use the company account there should be a reasonable expectation of privacy for a personal webmail account. However she still may be violating company policy about using work assets for personal affairs. The computer is owned by the company and they have every right to reprimand her for making the emails regardless of the content.

Re:Still probably violates company policy (3, Insightful)

flaming error (1041742) | more than 4 years ago | (#31708600)

> ... they have every right to reprimand her for
> making the emails regardless of the content.

Ok. But if what she did was wrong "regardless of the content", why did the employer have to read them?

Reading not required (2, Insightful)

sjbe (173966) | more than 4 years ago | (#31708658)

But if what she did was wrong "regardless of the content", why did the employer have to read them?

They didn't. That was just stupid on their part - at least according to the judge. Unless they didn't have their usage policies written out (also stupid) they could have fired her, without reading the content, for violating corporate policy on acceptable use of company assets.

Court said she didn't violate the company policy (5, Informative)

Anonymous Coward | more than 4 years ago | (#31708950)

The company did have their usage policies written out and the court noted that they explicitly said "occasional personal use is permitted."

So she didn't violate the company's acceptable use policy.

If the company policy had said that personal use is never permitted, the court might well have ruled differently.

Re:Still probably violates company policy (4, Informative)

TubeSteak (669689) | more than 4 years ago | (#31709866)

Ok. But if what she did was wrong "regardless of the content", why did the employer have to read them?

Before she resigned, she was planning to sue the company.
After she resigned and filed her lawsuit, the company went back and dug through her work laptop.
Then the company lawyers quoted, to her, Yahoo e-mails between her and her lawyer...
Which is how the whole thing turned into a clusterfuck.

Unfortunately, this only sets a binding precedent in New Jersey (AFAIK).

Re:Still probably violates company policy (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31708706)

Yes of course. That doesn't mean they can go read the private emails.

Re:Still probably violates company policy (0, Redundant)

gangien (151940) | more than 4 years ago | (#31709632)

If you do something on someone else's property, they don't have a right to observe it?

Re:Still probably violates company policy (5, Insightful)

Anonymous Coward | more than 4 years ago | (#31709656)

If you do something on someone else's property, they don't have a right to observe it?

Like use their toilet?

Re:Still probably violates company policy (2, Insightful)

plague3106 (71849) | more than 4 years ago | (#31709724)

If I use your phone to make a private call, you do NOT have the right to listen in.

Re:Still probably violates company policy (5, Insightful)

Herkum01 (592704) | more than 4 years ago | (#31708734)

The company does not have the right to read her personal mail either, but if she wrote it using a company pen or paper she may be violating company policy about using work assets for personal affairs... Or maybe the company phone, or maybe the rental car when she decided to stop at a store on a business trip, etc...

The costs of the items involved, like a personal email, can be minimal to non-existent so it is not about money. These things are not being done in the companies name, so it is not about being a representative of the company. The person is probably an exempt employee, which means that the person is expected to do their job, whatever that is, not punch a clock. As long as the job is getting done, the so called time lost is irrelevant.

These policies are rules made by busy bodies that feel a need to insert their nose into someone's business. That it involves "Company property" is just the excuse. Why these people believe that the companies rights are so superior to the individual is rather pathetic. Especially since the Constitution was really set up to protect the individuals right to privacy, that the government seems so willing to defer that right because a business is involved is very scary.

Re:Still probably violates company policy (1, Informative)

Anonymous Coward | more than 4 years ago | (#31708842)

Most companies do not absolutely prohibit any personal usage, allowing some reasonable usage.

Re:Still probably violates company policy (1)

drsmithy (35869) | more than 4 years ago | (#31709016)

Most companies do not absolutely prohibit any personal usage, allowing some reasonable usage.

Usually right up until the point they want an excuse to get rid of you.

Companies are easier to regulate than governments (0)

sjbe (173966) | more than 4 years ago | (#31708948)

As long as the job is getting done, the so called time lost is irrelevant.

Possibly though we don't really know enough about the situation to say for certain.

Why these people believe that the companies rights are so superior to the individual is rather pathetic.

It has nothing to do with "superior" rights. Most employment in the US is "at will" meaning you can leave any time you like for any reason and the company can fire you any time they like for any reason. It doesn't even have to be a good reason with certain notable exceptions (mostly discrimination against a protected class of peoples). This lady probably violated a company policy and it's entirely reasonable that the company could elect to fire her for doing so. That doesn't mean the company has carte-blanche to do whatever they want to her. The extent of their powers is basically to fire her and possibly seek restitution for any damages they might have incurred by her actions (apparently none in this case).

Especially since the Constitution was really set up to protect the individuals right to privacy, that the government seems so willing to defer that right because a business is involved is very scary.

First of all there is NOTHING in the Constitution explicitly protecting privacy. Nothing. Everything relating to privacy in the Constitution has been inferred. Go ahead and read it. You won't find the word privacy or anything like it mentioned even once.

Second, I can switch employers if I find a particular one odious or intrusive. It is MUCH harder to switch governments even in a voting democracy. That's why we need more protections from the government than from corporations in most circumstances and that starts with the Constitution. Regulating corporations is much easier than regulating governments.

Re:Companies are easier to regulate than governmen (4, Insightful)

Thinboy00 (1190815) | more than 4 years ago | (#31709182)

First of all there is NOTHING in the Constitution explicitly protecting privacy. Nothing. Everything relating to privacy in the Constitution has been inferred. Go ahead and read it. You won't find the word privacy or anything like it mentioned even once.

The fourth [wikipedia.org] and ninth [wikipedia.org] amendments taken together. See also the fourteenth [wikipedia.org] .

Re:Companies are easier to regulate than governmen (1)

nomadic (141991) | more than 4 years ago | (#31709296)

That's quite a penumbra.

Re:Companies are easier to regulate than governmen (2, Insightful)

corbettw (214229) | more than 4 years ago | (#31709308)

Can't forget the tenth. If it's not spelled out in the Constitution, the Federal government doesn't have it. Since there is no Amendment saying the government can poke its nose into your business, you still have your privacy with which you were born.

Re:Companies are easier to regulate than governmen (1)

nedlohs (1335013) | more than 4 years ago | (#31709466)

The topic isn't the federal government doing something, so that's irrelevant.

Re:Companies are easier to regulate than governmen (3, Informative)

plague3106 (71849) | more than 4 years ago | (#31709738)

Since Federal law always trumps state law, you're wrong. A State can no more restrict my freedom of speech any more than the Feds could.

Re:Companies are easier to regulate than governmen (1)

klapaucjusz (1167407) | more than 4 years ago | (#31709848)

Further, the USA are a signatory of the Universal Declaration of Human Rights [wikipedia.org] :

Article 12 No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

Re:Companies are easier to regulate than governmen (2, Interesting)

Anonymous Coward | more than 4 years ago | (#31709274)

When I read the Constitution I found this section called the Fourth Amendment. This is what is said:

Amendment 4 - Search and Seizure.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

I think reading private, off-site, email that is completely separate from work with a password you found cached in work equipment is a violation the "security" of the person in the story. I find that "right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures" and privacy regarding a person's home and private correspondence to be synonymous. The article mentions no potato but it does say a thing or to about potato. (The words "potato" and "potato" should be treated as phonetically different in the previous sentence and may alternately, at your pleasure, both be replaced in whole by the two words "tomato" and "tomato")

For instance, if you leave a spare house key in your desk drawer (which is using work equipment for personal use again) can management take it an go looking through your underwear drawer?

Re:Companies are easier to regulate than governmen (0)

Anonymous Coward | more than 4 years ago | (#31709918)

Read the 4th amendment. I am protected against unreasonable searches; how does that not explicitly protect privacy?

Just because the searching is with the eyes doesn't make it less of a search than a search with the hands.

Re:Still probably violates company policy (2, Insightful)

arbiter1 (1204146) | more than 4 years ago | (#31709098)

what if she used her private email to send email with sensitive company info to a competitor? They have the right to monitor all data sent over their networks and any computer they own.

Re:Still probably violates company policy (2, Funny)

Anonymous Coward | more than 4 years ago | (#31709210)

Why even add "over their networks and any computer they own"? She is an asset of the company, an inventory item. Why should she be expected to have any privacy at all? The company owns here as soon as she signed her work contract.

Re:Still probably violates company policy (4, Interesting)

rsborg (111459) | more than 4 years ago | (#31709744)

what if she used her private email to send email with sensitive company info to a competitor?

What's stopping her from putting a file into her briefcase/backpack and taking it home and sending it there? What about thumbdrives or synched cell-phones (which allow file-storage)?

Face it, unless the worker is in a secured area, the "need to monitor all traffic to prevent leaks" is borderline paranoiac. There needs to be an appropriate level of trust (this includes carrots and threats-of-sticks) for any worker to be productive.

Re:Still probably violates company policy (0, Flamebait)

BitZtream (692029) | more than 4 years ago | (#31709236)

These policies are rules made by busy bodies that feel a need to insert their nose into someone's business.

No, these policies are made by people finding it increasingly difficult to get rid of shitty employees without getting sued. Now days if an employee does something that clearly isn't acceptable, but isn't in some handbook, you get sued for firing them ... so ... they have to make so many rules to cover all the retarded 'little' things people do that can occasionally cause major problems.

Especially since the Constitution was really set up to protect the individuals right to privacy, that the government seems so willing to defer that right because a business is involved is very scary.

Thats retarded. The person has an easy way to keep their privacy, don't do it on the work PC. Do it at home, on your own time, away from their resources. What you're saying is that basically its the companies responsibility to keep things private ... even if she walks in to the office and starts screaming about these private things at the top of her lungs. Okay, thats an obvious exaggeration, but the point remains, she gave up her privacy by using a shared non-private resource. The constitution is there to protect privacy, not stupidity. What she did was fucking stupid.

Does the company have a right to read her personal email? Not one bit.

Does the company have the right to do whatever it wants with its equipment and network? Beyond any shadow of a doubt, YES. Including reading emails left on the drive, be it in the browser cache or saved to files or in some email client. They can sniffer her web sessions to yahoo all day long when she's using their resources. If she wants to keep them out of it, she shouldn't be using their resources. Period.

Your rights end when they start effecting someone elses rights. Hers ended when she used equipment that wasn't hers.

Our company policy is simple: You can use your PC for anything that is non-disruptive to work, is not a violation of your employement contract specific (i.e. no selling secrets and all that standard stuff), and its not illegal. However, the computers and everything on them are company property and you have no privacy on them. You sign a document (more detailed of course) stating the rules and that you've been made aware of them, THEN you get a PC.

You don't have to sign the document. You also don't have to work for us. Its okay, we don't mind if you don't, there are plenty of people who aren't so retarded as to think someone else's equipment is their private playtoy.

This has become an issue once. We found after an employee was released and brought back their laptop that they had been making deals on the side and essentially prepping customers to be stolen when they left the company. After several weeks of telling the person to return their laptop they finally did, at which point we dissected it with a fine tooth comb, not actually looking for anything (we suspected nothing at the time) its simply standard procedure to try and find loose ends with customers so nothing gets left hanging. The employee had 'formatted' the drive, which of course we promptly recovered.

The judge didn't care about any of it or how it happened, all he cared was that we found the evidence on our equipment. To which we explained to him that yes we had, both on the laptop and on our own mail servers.

We were 'sued' because we saw documents relating to his divorce settlement. The judges response was something along the lines of 'you signed a document stating you were aware that company equipment can be monitored and is not considered private, why are we here exactly?'

and that was that ...

If we had hacked into his yahoo account with no prior knowledge of it, we'd be wrong. But the instant the data hit our equipment or services we get full right to it.

Simple solution ... DON'T USE COMPANY EQUIPMENT FOR PRIVATE MATTERS DUMB ASS.

Of course, these are the same morons that sue when their facebook photos get 'leaked to the web' because they were 'private'.

Re:Still probably violates company policy (0)

Anonymous Coward | more than 4 years ago | (#31709504)

No, these policies are made by people finding it increasingly difficult to get rid of shitty employees without getting sued. Now days if an employee does something that clearly isn't acceptable, but isn't in some handbook, you get sued for firing them ... so ... they have to make so many rules to cover all the retarded 'little' things people do that can occasionally cause major problems.

Perhaps you're not familiar with the concept of "at will" employment, which covers many states. You can be fired for any reason whatsoever, or no reason at all, except for a few prohibited criteria.

And as for getting sued, well, that's life in the USA. You can be sued for doing anything (or not doing something). Whether they win (and how much it costs you to defend yourself) is a different question. I suggest you read overlawyered [overlawyered.com] , it's a great blog about the excesses of the legal system.

Re:Still probably violates company policy (1)

Herkum01 (592704) | more than 4 years ago | (#31709696)

To clarify a point for "At will" employment. You can be fire for "NO Reason", but you cannot be fired for "ANY Reason". Simple examples would be Age, Race though there is a huge area dictating what is acceptable and what is not.

An example that I had in business school was an VP accidentally left a paper who was copying. The paper was an advertising for a gay party(he was in the closet). The company fired him for violating the Company Usage Policy for him making a personal copy. The company lost the lawsuit that was filed by the VP, because they fired him for an invalid reason, not for ANY reason.

Re:Still probably violates company policy (1)

stonewallred (1465497) | more than 4 years ago | (#31709694)

IANAL, but if she wrote a snail mail letter, used her stamp and her envelope, with her pen and her paper, on her time, and then brought it into work and stuck it in the outgoing mail tray, would we be having this conversation or law suit? The law is pretty clear about opening mail not addressed to you, with very few exceptions. All this ruling does, IMNSHO, is extend some of the same privacy that is protected by law for pen and paper letters into the digital medium. I agree however, she was a stupid cunt for using a company computer to send letters to her lawyer about her complaints about the company.

violates company policy (0)

Anonymous Coward | more than 4 years ago | (#31709290)

...These policies are rules made by busy bodies that feel a need to insert their nose into someone's business. That it involves "Company property" is just the excuse. ...

Company buys laptop -- $700.00

Company pays for Bandwidth(per employee per hour) -- $5.00

The cost to clean up a virus infection because an employee can not resist clicking on the latest shiny thing -- $200.00

"Busy Bodies" get up in arms about how the companies equipment and bandwidth are being misused. -- Priceless.

For doing your work during work time there is the supplied company equipment, for everything else there's your own damn laptop with a wireless modem or cell phone during your break.

Re:Still probably violates company policy (4, Insightful)

SlippyToad (240532) | more than 4 years ago | (#31708914)

"However she still may be violating company policy about using work assets for personal affairs."

Maybe. That's another can of worms. I use my personal computer to work from home. I'm expected to be available every few weeks for a week of "on-call" activity where work can intrude quite firmly into my home.

The line between working at home and "homing" at work, to badly coin a phrase, is getting blurrier every year.

And companies have a choice of either shutting people out of their personal lives completely for 8-10 hours a day (and getting the exact same shutout when those people go home) or learning to be modestly flexible. So far the trend is that companies are learning to bend just a bit.

Re:Still probably violates company policy (2, Insightful)

civilizedINTENSITY (45686) | more than 4 years ago | (#31708988)

If company policy states that personal use is OK (as was the case according to TFA) then she wasn't violating company policy.

Re:Still probably violates company policy (0)

Anonymous Coward | more than 4 years ago | (#31709776)

>The computer is owned by the company and they have every right to reprimand her for making the emails regardless of the content.

One might argue that communication with a lawyer about work-related matters is not something that can, or should be reprimandable.

Soon To Be Overturned! (3, Interesting)

Nickodeemus (1067376) | more than 4 years ago | (#31708574)

The data exists on the company's computers, likely passed through their network and servers, and because of these things they are legally accesible by the company. Unless the company accessed her email account at Yahoo using this data, there doesn't seem to be an issue to me. Unfortunately, the article is sparse on the details. Only an idiot would think, in these times, that the things they do on their company PC or laptop would not be accisible by the company. Just because they issue you a system doesn't make that system yours - its theirs, including all its contents.

Re:Soon To Be Overturned! (1)

Nickodeemus (1067376) | more than 4 years ago | (#31708618)

oops! Accesible instead of accisible.

Re:Soon To Be Overturned! (5, Insightful)

Stone Rhino (532581) | more than 4 years ago | (#31708684)

I could use company paper and company pens to write my letter, and mail it with a company stamp. I would be misusing company resources for personal business, but that doesn't give the company the right to read its contents. I could sit on the company toilet and use company water to take a shit, but that doesn't give them the right to watch. I could even be masturbating in there, misusing the time, and they still wouldn't have the right to monitor my activities. They would be in their rights to discipline an employee for taking long breaks and doing who knows what in the restroom, but they wouldn't be allowed to watch their employees to check just how they're spending their time in there. In this case, they can discipline her for misusing company resources, but can't violate the privacy that she has a reasonable expectation of.

On a closer note, it's the same privacy standard as if she'd had the conversation with her lawyer on the company phone -- a misuse of resources, but not within their right to listen in.

Re:Soon To Be Overturned! (1)

YourMissionForToday (556292) | more than 4 years ago | (#31708738)

I could even be masturbating in there, misusing the time,
Either you're masturbating or you're misusing the time. It can't be both!

Re:Soon To Be Overturned! (4, Informative)

Jah-Wren Ryel (80510) | more than 4 years ago | (#31708960)

On a closer note, it's the same privacy standard as if she'd had the conversation with her lawyer on the company phone

I'm too lazy to get you a citation, but the "lawyer" half isn't necessary - the courts long ago ruled that an employer can not snoop on her phone calls to ANYONE even if she is using a company phone.

Re:Soon To Be Overturned! (2, Insightful)

civilizedINTENSITY (45686) | more than 4 years ago | (#31709062)

And thus all the arguments regarding "they own the hardware, they can do whatever they want" fail.

Re:Soon To Be Overturned! (1)

BitZtream (692029) | more than 4 years ago | (#31709266)

I'm too lazy to get you a citation

Translation: Bullshit

The only time that has ever held true is when a company has specifically said the conversation ARE private.

Re:Soon To Be Overturned! (0)

Anonymous Coward | more than 4 years ago | (#31709856)

You have it backwards. I'm sure wiretapping laws cover this. Double so in those states that require permission from both parties to record a conversation.

Re:Soon To Be Overturned! (0)

Anonymous Coward | more than 4 years ago | (#31709666)

I'm too lazy to get you a citation, but the "lawyer" half isn't necessary - the courts long ago ruled that an employer can not snoop on her phone calls to ANYONE even if she is using a company phone.

Lies. In fact, in some cases (like US investment banks) the employer is obligated to record your phone communications with clients.

Re:Soon To Be Overturned! (-1, Flamebait)

BitZtream (692029) | more than 4 years ago | (#31709258)

I could use company paper and company pens to write my letter, and mail it with a company stamp. I would be misusing company resources for personal business, but that doesn't give the company the right to read its contents.

Yes, actually it does. Sorry to disappoint but what you think and reality are not the same. You lost privacy when you said 'used company'.

doesn't give them the right to watch

Yes, actually it does, though they'd be short a staff really quick if they did it. There are companies that do, they've been to court, they've won. Precedent is not on your side.

ut can't violate the privacy that she has a reasonable expectation of.

True, but there is no reasonable expectation of privacy in the workplace, only misguided ignorance and stupidity.

You don't have to work there if you don't like their rules, its rather simple.

Re:Soon To Be Overturned! (2, Informative)

Anonymous Coward | more than 4 years ago | (#31709396)

True, but there is no reasonable expectation of privacy in the workplace, only misguided ignorance and stupidity.

(Glances at the discussion title...)

It appears that you are mistaken, at least according to the Supreme Court of New Jersey, and I think they know more about following the precedents than you do.

Re:Soon To Be Overturned! (4, Insightful)

Reverberant (303566) | more than 4 years ago | (#31708686)

The data exists on the company's computers, likely passed through their network and servers, and because of these things they are legally accesible by the company

How far do we take this logic? Does the company have a right to search an employee's pocketbook because it's sitting in a company-owned office? Can the company take samples of an employee's lunch for drug testing (or health insurance purposes_ because it's sitting in a company-owned refrigerator, powered by company-paid-for electricity? Can a company search an employee's car because it's sitting on a company-owned parking lot?

Re:Soon To Be Overturned! (1, Informative)

Nickodeemus (1067376) | more than 4 years ago | (#31708790)

Your examples refer to property that is not owned by the company - just because its on their property doesn't give them rights over it. The article and this discussion pertains to company owned property.

Re:Soon To Be Overturned! (3, Insightful)

idontgno (624372) | more than 4 years ago | (#31708940)

Company owned property (parking lot, refrigerator, network) which contains non-company-owned property (employee's car, employee's lunch, employee's email). The analogy is perfect.

Re:Soon To Be Overturned! (1)

icebraining (1313345) | more than 4 years ago | (#31709004)

But it's her data; just because it's being transmitted through their property doesn't give them rights over it.

They have the right to prevent the communication, just like they have the right not to allow the lunch box to sit in their refrigerator, but they don't have the right to inspect it.

Re:Soon To Be Overturned! (1)

Reverberant (303566) | more than 4 years ago | (#31709012)

Your examples refer to property that is not owned by the company - just because its on their property doesn't give them rights over it. The article and this discussion pertains to company owned property.

The implication here is that the employee's information and data aren't 'property' and therefore is fair game to be accessed by the owner of whatever resource it travels over. Again, how far do we take this? Does Comcast have the implicit right to read the emails in my Gmail account because the data goes over their pipes? Does the government have the right to read emails that may pass through a Fed-owned router in some AT&T closet out there?

Re:Soon To Be Overturned! (1)

civilizedINTENSITY (45686) | more than 4 years ago | (#31709088)

While no one would suggest that they don't own the hardware, without doubt copyright on the email material belongs to the woman. What gave the company the right to make copies of her material?

Re:Soon To Be Overturned! (1)

corbettw (214229) | more than 4 years ago | (#31709338)

(Checks username of GP, ensures it's not BAG.) No, that's probably a good analogy.

Re:Soon To Be Overturned! (3, Insightful)

Zumbs (1241138) | more than 4 years ago | (#31708870)

The data exists on the company's computers, likely passed through their network and servers, and because of these things they are legally accesible by the company. Unless the company accessed her email account at Yahoo using this data, there doesn't seem to be an issue to me.

From that logic, it follows that if you send a letter by snailmail, where the letter exist in the offices of the postal service, the postal service workers have the right to open and read your letter. In my opinion, my employers have no more right to read my personal email than a postal worker has reading my letters. Usage of company email may be a gray zone, but my personal email account is not. They may argue that I sent a mail during work hours and fire me for that (if it is against company policy), but that is something very, very different.

Re:Soon To Be Overturned! (1)

pixelpusher220 (529617) | more than 4 years ago | (#31708984)

The Post Office's JOB is to transport your mail. So no they don't have a right to open and read it. Besides the Constitution and laws specifically exist to prohibit this; no such law exists for doing things with a private companies assets.

Your employer is not tasked with sending/delivering your electronic mail. Therefore anything going over their *private* network is indeed fair game for them. They do not have a right to access her yahoo mail account itself, but certainly they can intercept and read anything traveling over their network to and from that yahoo email account.

If my lunch is in my company's fridge, they can access it. If it is in my personal bag, they cannot unless they have some sort of policy allowing for blatant search and seizure; i.e. default is for personal privacy. But using the company resources opens up their right to see what you are doing.

If you access yahoo email via your personal laptop over your personal wi-fi connection (not over company network) then no they can't see it because you aren't using anything of theirs. Extreme cases of argument could involve whether the laptop was plugged in using company electricity, but obviously that's extreme as I said.

Re:Soon To Be Overturned! (1)

civilizedINTENSITY (45686) | more than 4 years ago | (#31709128)

"But using the company resources opens up their right to see what you are doing. "

Well but if they can't listen to your personal phone call even though its a company phone, why should email be different?

Re:Soon To Be Overturned! (2, Informative)

pixelpusher220 (529617) | more than 4 years ago | (#31709254)

Are they prohibited from listening to personal calls made on a company phone?

Linky [privacyrights.org]

"An important exception is made for personal calls. Under federal case law, when an employer realizes the call is personal, he or she must immediately stop monitoring the call. (Watkins v. L.M. Berry & Co., 704 F.2d 577, 583 (11th Cir. 1983)) However, when employees are told not to make personal calls from specified business phones, the employee then takes the risk that calls on those phones may be monitored."

So if they tell you not to do it, they can monitor if you make calls. Decidedly a gray area me thinks which means, yes they can.

Re:Soon To Be Overturned! (1)

vux984 (928602) | more than 4 years ago | (#31709400)

If my lunch is in my company's fridge, they can access it. If it is in my personal bag, they cannot

That makes no sense. What if your lunch is in your personal bag, and your personal bag is in the company fridge?

If you access yahoo email via your personal laptop over your personal wi-fi connection (not over company network) then no they can't see it because you aren't using anything of theirs.

What if you are explicitly allowed to use the company laptop and network for personal use during breaks provided within an acceptable use policy framework?

And is this a two way street? If I take the company backups to an offsite location via my personal car, am I now entitled to go through all the contents and make copies for myself? After all, they are using something of mine to transmit the data.

Re:Soon To Be Overturned! (1)

pixelpusher220 (529617) | more than 4 years ago | (#31709598)

That makes no sense. What if your lunch is in your personal bag, and your personal bag is in the company fridge?

Case in point, it's in the company fridge so it's fair game. What it is inside is irregardless at that point. Your personal bag is your personal property, not like the fridge. You have no expectation of privacy in a communal refrigerator, period.

What if you are explicitly allowed to use the company laptop and network for personal use during breaks provided within an acceptable use policy framework?

You may be 'allowed' to do many things, however that doesn't forfeit the company's right to do what they wish with *their* property. If you have a signed legal agreement that will certainly be a mitigating factor, but that is not the case here I don't believe.

And is this a two way street? If I take the company backups to an offsite location via my personal car, am I now entitled to go through all the contents and make copies for myself? After all, they are using something of mine to transmit the data.

If you are taking backups offsite, I'm quite sure you have signed non-disclosure agreements rendering your 'rights' less useful. Likewise, that would be in execution of your corporate duties which is not the case when you are reading personal email on a company computer. If your company was using your internet connection to route traffic, then barring agreements to the contrary, yes you can snoop on that traffic moving back and forth. It's *your* network.

Or more simply, if your neighbor uses your wifi connection, he has no expectation of privacy even if you granted him permission to do it.

Narrow interpretation (1, Insightful)

religious freak (1005821) | more than 4 years ago | (#31708596)

Interesting, but I'm not going to get too worked up about it without reading the actual ruling. Attorney / Client communication is the one of the most privileged under the law. Unless the court wrote the opinion in such a way as to explicitly broaden the scope of "privileged information from personal email accounts", this is likely to be interpreted narrowly (or, at least, an argument can be made that the decision should be narrow).

Re:Narrow interpretation (5, Informative)

TubeSteak (669689) | more than 4 years ago | (#31708810)

MARINA STENGART v. LOVING CARE AGENCY, INC., [and others]
http://www.employerlawreport.com/uploads/file/Steingart%20v_%20Loving%20Care.pdf [employerlawreport.com]

As part of the employment relationship, the company
provided plaintiff with a laptop computer and a work email
address. Prior to her resignation, plaintiff communicated with
her attorneys
, Budd Larner, P.C., by email. These communications
pertained to plaintiff's anticipated suit against the company
,
and were sent from plaintiff's work-issued laptop but through
her personal, web-based, password-protected Yahoo email account.
After plaintiff filed suit, the company extracted and
created a forensic image of the hard drive
from plaintiff's
[New Page]
computer. In reviewing plaintiff's Internet browsing history,
an attorney at Sills Cummis
discovered and, as he later
certified, "read numerous communications between [plaintiff] and
her attorney from the time period prior to her resignation from
employment with [the company]."
Sills Cummis did not advise
Budd Larner that the image extracted from the hard drive
included these communications.

Many months later, in answering plaintiff's
interrogatories, the company referenced and included some of
plaintiff's emails with her attorneys
.

That sounds like the type of shit that should get the company lawyer disbarred.
Reading the facts of the case, I'm not at all surprised the Judge ruled the way he did.

Re:Narrow interpretation (-1, Troll)

arbiter1 (1204146) | more than 4 years ago | (#31709126)

the info was stored on the laptop when she Gave it back so sounds like she pretty much handed the emails over to them, cause she didn't have the brains to know pretty much anything you do on a computer is stored on the drive for a period of time is no excuse.

Re:Narrow interpretation (1)

corbettw (214229) | more than 4 years ago | (#31709352)

This is why, whenever I've turned in a company laptop (even if just exchanging it for a new one), I'll boot off a CD (or floppy, back in the day) and run "dd if=/dev/zero of=/dev/hda" or the equivalent. Gets rid of everything on there, incriminating or not.

Sounds like they read her CACHE (0)

Anonymous Coward | more than 4 years ago | (#31709384)

Here is something new that nobody has talked about. The company didn't monitor her private emails. Instead, here emails were left on here computer by her.

So technically, the information was saved in the company's asset and although it may not be ethical, I don't see how accessing the files could be seen as illegal. Anything inside the company's computer legally belong to the company.

After all, a company can get sued because an ex-employee installed his personal software on a computer, software for which the company didn't pay a license. That means that the courts already decided that the company owns and is responsible for any data in their computers.

Re:Narrow interpretation (1)

TubeSteak (669689) | more than 4 years ago | (#31709924)

Oops, that was the Appellate Court decision
Here's the NJ Supreme Court decision:
http://www.judiciary.state.nj.us/opinions/supreme/A1609StengartvLovingCareAgency.pdf [state.nj.us]

FYI: The actual opinion is prefaced by a Clerk's summary which tells you where in the opinion to look.
Spoiler: The NJSC sent the case back to the Appellate Court to decide what, if any, sanctions to impose on the company's lawers.

Course the government could just ask to see it. (1)

sabs (255763) | more than 4 years ago | (#31708604)

How does this mesh with the other ruling that says that you have no expectation of privacy if your email is stored on a third-party server?

Re:Course the government could just ask to see it. (2, Informative)

demonlapin (527802) | more than 4 years ago | (#31708620)

This is her company, not the government.

Re:Course the government could just ask to see it. (1)

proslack (797189) | more than 4 years ago | (#31709068)

The branch of the federal government that I work for has no problem with employees using government equipment to check personal emails (as long as it isn't abused). Porn, logging into personal financial sites, and trading stocks are about the only things specifically proscribed. Web-use at work is logged but not reviewed (there's too much of it and, being a research center, the sites accessed can be a bit eclectic), but there isn't anybody reading over my shoulder if I use my laptop at home. Of course there isn't a time-clock here and most of us happily work more than 40 hours a week (science research), so my situation may be an anomaly. That said, one of my buddies is an Army Major and he uses his laptop for personal stuff too, so maybe not. I guess it's kind of like a fringe benefit. I've worked in the private sector and things weren't any different there; people use the internet throughout the day for a variety of purposes, private and business. A company that has a policy against its employees using assigned laptops for personal internet use (especially after hours) is out of touch with reality. Most people are working more than 40 hours, so it isn't reasonable to expect them not to take care of personal business periodically during the work day.

Re:Course the government could just ask to see it. (1)

BitZtream (692029) | more than 4 years ago | (#31709288)

The policy isn't against the use, its simply a statement that what you do on your company issued laptop isn't private, regardless of what it is.

Re:Course the government could just ask to see it. (1)

Itninja (937614) | more than 4 years ago | (#31709524)

But all it takes are a couple knobs playing some FPS during company time, and getting caught by the CEO. Then, in typical EMT style, there's an overreaction and everyone gets hit with the personal use ban-hammer. Kind of like dress codes. They are usually pretty relaxed until that one weirdo in the office (and every office has one) wears Daisy Dukes to work and POW! It's business attire only for a couple of years....

Re:Course the government could just ask to see it. (1)

stonewallred (1465497) | more than 4 years ago | (#31709790)

Sort of silly saying you work over 40 hours therefore you should be allowed to steal from the company; by doing personal business while being paid to work. I have employees, and I do understand them using the laptop to check their emails, or stopping by the bank during the day. But both of those activities are something I allow, not something I am required to permit. And my techs work over 40 hours, usually closer to 60, at least 9 months out of the year. Guess what, I have to pay them for those hours. They are not doing it out of kindness, or because they love the job. They do it because they get compensated for their work. Get out of the office and put in a few 14-18 hour days working in a -30deg F freezer, trying to fix a TXV while wearing a full arctic suit, or spending 8 plus hours on a black rubber roof on a 100 deg F day working on replacing a refrigeration system. Then you can complain about working over 40 hours. Until then, what you do is not "work", it is employment which involves mostly sitting on your ass.

This is ridiculous!!! (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#31708612)

THE COMPANY OWNS THE MACHINE! SHE USED IT FOR A PURPOSE SHE WAS NOT AUTHORIZED!

Charge the bitch with hacking, conversion, theft, etc. She deserves to spend time in jail for her crimes.

Re:This is ridiculous!!! (1)

MobileTatsu-NJG (946591) | more than 4 years ago | (#31709894)

One man's flamebait is another man's satire.

This Is Good News (1)

DarkKnightRadick (268025) | more than 4 years ago | (#31708624)

In an era where privacy is slowly being eroded online, it's good to see a judge take a stand and at least draw the line somewhere.

Not surprised.... (0)

Anonymous Coward | more than 4 years ago | (#31708640)

This isn't a shock. Even if the employee implicitly granted access to his employer you would still then have to deal with the employer gaining access to a service without authentication from its actual owner (e.g. Google, Yahoo!, Hotmail).

Or to put it another way:
Google Mail grants Bob Smith one mailbox.
Bob Smith grants (implicitly) his employer's use of his one mailbox
However Google Mail never granted Bob Smith's employers any access rights (so thus they're unlawfully accessing Google's services)

So EVEN IF the employee did give their employer access it is still illegal and still "hacking."

Networks and proxies and firewalls oh my (0, Troll)

Stargoat (658863) | more than 4 years ago | (#31708644)

Networks and proxies and firewalls oh my.

A person has no reason to expect anonymity on a computer or network that is not their own. Any key tracking software cannot differentiate between personal e-mail and work. Further, any firewall will not be able to differentiate either.

And what happens when a person uses personal e-mail addresses for work related happenings?

These sorts of nonsensical babblings are what happens when antediluvian luddites make important and lasting decisions in regards to technology they are in no way capable of comprehending - let alone understanding.

Instead, the court should have asked: if Stengart had left a written letter to her attorney in her desk when she left Loving Care, could Loving Care have used that letter in preperation for court cases?

But no. These ignorant technophobes said, "If there is a password, you should expect privacy." Moronic. Perfectly Moronic.

Expectations of privacy (5, Insightful)

sjbe (173966) | more than 4 years ago | (#31708702)

A person has no reason to expect anonymity on a computer or network that is not their own.

That's rather like saying you have no reason to expect privacy because you rent an apartment instead of owning a house. You send letters through the postal service which is a network you don't own either but you still have an expectation of privacy in many cases. I'm not sure the logic of your argument is on solid footing there.

I agree that she was probably naive in assuming that the company couldn't read her correspondence. Many people assume email is much more private than it actually is. Ignorant but probably nothing worse.

Re:Expectations of privacy (-1, Offtopic)

Stargoat (658863) | more than 4 years ago | (#31708818)

When you rent, you have entered into a contract that you control the apartment you are in. That is to say, you have a reason to expect privacy.

But if you live in someone else's house without paying rent, and they walk on you on the crapper, then that's kinda to be expected.

Re:Expectations of privacy (1)

icebraining (1313345) | more than 4 years ago | (#31709060)

When you are an employee, you usually enter a contract too. And just because it's not explicit in the contract, doesn't mean it's OK for them to trample your privacy.

Re:Expectations of privacy (1)

drsmithy (35869) | more than 4 years ago | (#31709166)

But if you live in someone else's house without paying rent, and they walk on you on the crapper, then that's kinda to be expected.

If you have someone boarding with you, and you setup a hidden camera to watch them on the toilet, I sincerely doubt the law is going to come down on your side if it goes to court based on the argument "it's my house, I can do what I want".

Re:Expectations of privacy (1)

Imagix (695350) | more than 4 years ago | (#31708902)

You send letters through the postal service which is a network you don't own either but you still have an expectation of privacy in many cases. I'm not sure the logic of your argument is on solid footing there.

Flawed analogy. When you send your postal mail, you contracted with the postal service that they won't open your letter. Not so with most corporate computers and networks that I've heard of. Most corps that I know/heard of pretty much explicitly state they they can and will monitor their network.

REASONABLE privacy (2, Insightful)

sjbe (173966) | more than 4 years ago | (#31709054)

Flawed analogy. When you send your postal mail, you contracted with the postal service that they won't open your letter.

All analogies are flawed. Doesn't mean they are useless. To address your criticism however, you missed the point of my analogy which is that just because you don't own a network does not mean you have no expectation of privacy at any time. It's just not that simple.

Most corps that I know/heard of pretty much explicitly state they they can and will monitor their network.

That's a FAR different thing from saying the corporations have a right to monitor anything they want without limitation. Companies generally don't have a right to install a camera to watch me take a crap. It violates the principle of reasonableness. There are limits to how intrusive monitoring can get. This ruling says that this company violated one of those limits.

Re:Expectations of privacy (2, Insightful)

icebraining (1313345) | more than 4 years ago | (#31709084)

Most corps that I know/heard of pretty much explicitly state they they can and will monitor their network.

They can say what they want. Doesn't mean it's legal.

Re:Expectations of privacy (0)

BitZtream (692029) | more than 4 years ago | (#31709322)

That's rather like saying you have no reason to expect privacy because you rent an apartment instead of owning a house

No its not, not even a little. The home owner/apartment dweller is paying for services. Interestingly enough, landlords do have access to apartments, given notice.

The employee is getting paid for services, and most certainly part of the employement contract makes it clear that work equipment is works property to do with whatever it wants.

The post office is a special network, with special laws governing it. Its not a company its a government organization. FedEx and UPS are not bound by those rules except by volunteering to do so. Its a federal crime to screw with someones mail, its not to do it with fedex or ups.

Rental agreements are another special case as you are basically 'the owner' as long as you honor your contractual obligations. I assure you, the instant you don't pay your rent and get evicted, you've lost every bit of 'privacy' you had, and they'll be cops at your door to tell you just how much privacy you've lost as they physically remove you from the property so someone else can come in and go through your shit, throw away stuff, sell stuff, whatever.

You really are confused about the way the world actually works.

Re:Networks and proxies and firewalls oh my (3, Insightful)

jjoelc (1589361) | more than 4 years ago | (#31708972)

Instead, the court should have asked: if Stengart had left a written letter to her attorney in her desk when she left Loving Care, could Loving Care have used that letter in preperation for court cases?

Actually, if the letter was still in a sealed, addressed envelope... Then she could reasonably expect that the company would not be able to open it and read the contents, much less use anything they read in court. If the letter was NOT sealed it would be a different story.

IANAL, but I would think that the correlation of sealed envelope -> password protected personal email account would be an easy one to make.

Re:Networks and proxies and firewalls oh my (2, Insightful)

MontyApollo (849862) | more than 4 years ago | (#31709018)

From reading the article, it looks like it has nothing to do with networks and proxies and firewalls (oh my). They scanned her hard-drive and probably found them in the browser cache. Since it was a laptop, it entirely possible, if not likely, that she emailed her attorneys from home using her own network.

Still company's asset (0)

Anonymous Coward | more than 4 years ago | (#31709450)

In that case, it is still the company's asset she was using. The cache files kind of belong to the company when she didn't erased them.

what you CAN do vs. what you are ALLOWED to do (3, Insightful)

civilizedINTENSITY (45686) | more than 4 years ago | (#31709198)

If she left a sealed, stamped letter to her lawyer I would expect them NOT to open it. If she talked to her lawyer and the company overheard the conversation, I would expect their knowledge gained to be like unto "fruit of the poisoned tree", and disallowed. There is a big difference between what you CAN do and what you are ALLOWED to do. People who do what isn't ALLOWED because they realize they CAN, in a country under the rule of law, should expect to be punished when they are caught.

This is why I like gmail (0)

Anonymous Coward | more than 4 years ago | (#31708776)

While I might not like that google reads all my email, at least I can be sure that it gets from their servers to my computer without being read by snoopers.

(Obviously endpoint security is questionable, especially using a company laptop.)

Re:This is why I like gmail (1)

franl (50139) | more than 4 years ago | (#31709216)

While I might not like that google reads all my email, at least I can be sure that it gets from their servers to my computer without being read by snoopers.

Unless you verify that the cert your browser gets for mail.google.com has not been replaced by SSL interception software, you cannot be certain your mail isn't being snooped by your employer (or even your employer's upstream provider). A nice tool for detecting changed SSL certs is the Certificate Patrol add-on for Firefox (https://addons.mozilla.org/en-US/firefox/addon/6415).

Consent to Monitor? (1)

stewbacca (1033764) | more than 4 years ago | (#31708794)

IANAL, but don't I give consent to monitoring when prompted by nearly any government computer system (and any private corporations who do something similar)? If I don't want to be monitored, I don't use that system...seems simple enough.

l2federalism (1)

Rydia (556444) | more than 4 years ago | (#31708806)

"ruling from the New Jersey Supreme Court ... is likely to set precedent for other workplace privacy cases around the country."

No, it's likely (100% likely, in fact!) to set precedent for other workplace privacy cases in New Jersey. For the rest of the country, it sets nothing, even if it might be useful for other courts dealing with similar problems.

Unless, of course, poster is just being ridiculous optimistic and think that the logic of this ruling is so impressive that all other judges will simply bow in awe and follow it. To which the only response is: d'awwwwww.

Re:l2federalism (2, Insightful)

Attila Dimedici (1036002) | more than 4 years ago | (#31709066)

Actually, other state courts are likely to follow this precedent for two reasons. One, it applied to attorney-client communication (judges are lawyers, as such they tend to favor rulings that protect lawyers). Two, it appears to be a carefully worded and reasoned ruling with a fairly specific, limited scope (judges are human, as such if there is an easy way to make a ruling that they can do by little more than cut and paste, they will).
As my second point notes this is a narrow ruling, as such even if it does influence courts in other states that influence is likely to be limited to very similar cases. Ultimately, the primary result of this ruling will be a re-wording of company policies to allow them to do what this company did.

Re:l2federalism (1)

nomadic (141991) | more than 4 years ago | (#31709348)

One, it applied to attorney-client communication (judges are lawyers, as such they tend to favor rulings that protect lawyers).

Actually attorney-client privileges are intended to protect the client, not the lawyer. The privilege belongs to the client, in fact, who may waive it if he or she wishes.

New jersey did something right (1)

slimjim8094 (941042) | more than 4 years ago | (#31708906)

Finally my home state shows some common sense. Though this is a state supreme court, not federal, so I don't know how much precedet it will be.

This is a special case, not the norm. (1)

jtownatpunk.net (245670) | more than 4 years ago | (#31709014)

It's communication between an individual and their attorney. That's legally protected six ways from Sunday far beyond normal communication. I'm pretty sure that is the thing that saved her.

It's absolutely dumb to be sending and receiving personal mail on work computers. Doubly so if you're communicating with a lawyer, discussing the possibility of filing a lawsuit against your company. I've seen some seriously dumb email usage in my day. Like using a company account to communicate with a mistress. That's my current favorite. :P I'm pretty sure I won't be allowed to filter out "my widdle pookie-wookie" if our email ever gets subpoenaed. In fact, there's a better chance of a subpoena requesting that phrase than excluding it.

Yey Privacy... (1)

gabereiser (1662967) | more than 4 years ago | (#31709036)

I doubt that this case would have gotten the attention it did had it not been for the fact that she emailed her lawyer. Attorney / Client privilege is something that US law takes seriously so kudos for her and kudos to the judge that recognized this, even if it was a battle over privacy...

Plxus 2,r Troll) (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31709094)

and 3oders

NJ vs. rest of US states (1, Redundant)

MountainLogic (92466) | more than 4 years ago | (#31709134)

Is this tied close to something unique in NJ law or will this likely have broader influence with other state supreme courts?

I just gotta say... (1)

MrKaos (858439) | more than 4 years ago | (#31709698)

legalities and ethical issues aside...

when, the fuck, are people going to learn to use encryption for important stuff. I mean, seriously, it's not *that* hard.

Supreme Court (1)

DeanFox (729620) | more than 4 years ago | (#31709880)


I got excited when I glanced and read Supreme Court... I'm thinking NO WAY - they actually did the right thing?!?!?! Then realized it was just the New Jersey Supreme Court.

If this get appealed I'm prepared for it to be overturned by the U.S. Supreme Court. They're not one's to let personal privacy get in the way of well... anything.

-[d]-
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>