US MySpace ruling indicates need for employer caution over privacy

In the first case of its kind, the US District Court in New Jersey has ruled an employer that requested access to an online discussion group devoted to employee complaints may have violated its employees’ rights to privacy.

The two plaintiffs, Brian Pietrylo and Doreen Marino, were dismissed by restaurant chain Houston’s after their employer accessed their comments on a MySpace group page called Spec-Tator. The page was used by employees to rant about Houston’s management and made reference to violence and illegal drug use at restaurants.

Senior management heard about the site and asked an employee to provide personal login information to enable access to it.

In rejecting the employer’s claim, the court decided that it was open to a jury to find that the employee had provided her access information under duress, and that the employees involved had a “reasonable expectation” of privacy, which their employer had illegally violated.

What’s the UK legal position on this sort of issue?

This case involves familiar issues for employers in the UK. Just last year, Virgin Atlantic dismissed 13 members of its cabin crew for making inappropriate comments – such as referring to passengers as “chavs” – on Facebook.

In the UK (as in the US), the primary issue for employers in deciding whether to intrude into an employee’s use of a networking site is one of privacy. Article 8 of the Human Rights Act 1998 provides that every person has the right to respect for his private life, his home and his correspondence. This right shall not be interfered with unless it is “in accordance with the law and is necessary in a democratic society… for the protection of the rights and freedoms of others”.

While this is not directly binding on employers, it is open to a court or tribunal, as a public body subject to the provisions of the Act, to exclude altogether evidence gathered by an employer in breach of Article 8. Therefore, an employer could find itself with no means of defending an action by an employee.

Employers should also be aware that it is potentially a criminal offence to intercept employees’ communications. Monitoring should only occur with consent, and purely to determine whether the e-mail forms part of the employer’s legitimate business.

In Copland v UK [2007] ECHR 253, the European Court of Human Rights emphasised the need for clear workplace policies as a means of managing employees’ expectations of privacy.

For UK employers, the key is to set out a comprehensive policy covering issues such as the use of social networking sites and a clear indication of the sanctions for unacceptable behaviour. This applies equally to job applicants, who should be informed if the employer intends to search for information about them online.

A balanced approach is one aimed at protecting against reputational damage, harassment and breaches of confidentiality. A tribunal is unlikely to side with an employer concerned because an employee’s Facebook profile states they are bored with their job.

Michael McCartney, senior associate, Dechert

Comments are closed.