Jeremy Masys

Erotic Data on Employee Smartphones: What Can an Employer Do?

The topic of teachers getting into trouble over sex-related matters has become almost a sub-genre of American journalism for several decades now. In the late 1990’s, Washington schoolteacher Mary Kay Letourneau became a tabloid feature and served six years in prison after it was discovered she had engaged in sexual relations with her 12-year old student (who she later married), and, since then, the media have picked up on what feels like a never-ending exposure of similar stories, so much so that SNL spoofed the phenomenon last year (which some thought was in extremely poor taste).

In more recent years, however, the predominant narrative played out in the media has been teachers being penalized for racy images of non-school related activities becoming known via the internet. Just a sampling of these include:

  • A Florida high school English teacher was fired when photos of her posing as a lingerie and swimsuit model were brought to the attention of the school principal
  • A NYC special education teacher was fired after it was discovered that he used his school email account to arrange sexual liaisons via Craigslist and posted racy videos of himself on Youtube
  • A 37-year-old Manhattan guidance counselor was fired after 12 years of service when lingerie photos she had modeled for between the ages of 18 to 20 popped up on unauthorized photo sites

Note that, with all the above instances, the affected employee voluntarily allowed the image of themselves to be made public, at least at some point in time. This week, however, Leigh Anne Arthur, a teacher in South Carolina was forced to resign over semi-nude photos that she never intended to circulate, and that she had merely stored on her phone. The pictures came to the school’s attention when a 16-year old student took the teacher’s phone off her desk while she was way, found the photos, then texted them to others and uploaded them to social media. On the one hand, Arthur was the victim of a student’s illegal actions, and the pictures would never have been seen but for the student’s theft of them. On the other hand, though, Arthur did bring a device into school carrying the photos and left it in a place where students could gain easy access to them.

If a teacher had brought in a Penthouse magazine in a sealed brown paper bag, and left it on his desk, only to have the bag stolen and opened by a student, would we feel it would be wrong to penalize him? Or is there something different about digital images stored on a phone? The story raises questions about how employers should deal with the data brought into the workplace every day on employee’s phones and other devices.

What Right Do Companies Have to Inspect Data on Their Employees’ Phones, Tablets, and Laptops?

With the advent of smartphones equipped with 1) cameras, 2) hard drives, 3) constant access to the internet, and 4) various rapid communication abilities (texting, emailing, etc.), employees are bringing a whole universe of data into work with them, including all kinds of images and media that would get them sent straight to HR if it were sitting out on their desk, or even if it were found in their files or on their hard drive.

There is of course a difference in keeping tabs on what employees store digitally on their phones at work compared to what’s out for others to see and what’s kept on company property. Although what that difference is exactly can be hard to pinpoint. Even hazier are the legal and professional issues that are implicated.

The Fourth Amendment and the Reasonable Expectation of Privacy

Employees certainly have a heightened expectation of privacy in regards to the data that is on their phones. But whether that expectation translates into an enforceable right to privacy is a whole other question. The Fourth Amendment, which protect individuals from unreasonable searches and seizures, applies to government action and not to private actors. This means that, unless the employer is a government entity, the employee cannot argue that his or her constitutional rights are violated by the employer reading their personal emails or pursuing their photo collection on their phone. But for employees of governmental employers, they may successfully argue for a Fourth Amendment right against their employers gaining access to personal data on their phones. In the 2010 case of City of Ontario v. Quon, the Supreme Court affirmed that such a right existed for government employees, but found that the plaintiff in the case – a police sergeant who had been disciplined for sending sexually explicit text messages on a work-issued pager –  could not successfully assert a Fourth Amendment violation claim as the audit into his pager activities was “reasonable” as it related to his work. The late Justice Scalia, in a concurrence, criticized the court for giving far too vague of a sense of guidance for what exactly constitutes a reasonable search, and many commentators have agreed.

Private Employer Leverage and When to Exercise It

At any rate, private employers have a wider latitude than public employers with regard to accessing data from a constitutional perspective, but this of course does not mean private employers may simply grab an employee’s personal property and examine its contents without the employee’s consent. If the employee does not want to hand over a non-work personal phone, tablet, or laptop,  then the employer cannot demand that it be turned over, short of a court order. Nor can the employer monitor those devices without the employee’s consent (unless the employee’s communications are held out for others to observe, as in the case of a phone call in the break room or a printout of an email left on the copier).

But the employer of an at-will employee can certainly use continued employment at the company or other benefits as leverage to induce the employee to hand over a device for inspection by the company and/or its attorneys. If the employee would rather leave the company than turn over the contents of his or her cellphone, that is of course the employee’s right as well.

All of this discussion of employer and employee rights leaves out the very real matter of the ramifications for employee morale should  the employer demand access to an employee’s phone. People commonly treat their smartphones as both their security blanket and inner sanctum, thus employee fear of having a boss or HR professional reading through their phone’s contents can have a chilling effect that might best be reserved for use in situations where the company has serious stakes in discovering whatever might be on the phone.

  • Diversity, Employment Discrimination and Inclusion

    September 17, 2015

    Diversity in the workplace, a totally laudable goal, is actually harder to achieve than many employers appreciate, and ill-conceived or badly executed efforts can actually make things worse, opening the door to legal liability.  To …

  • The Consequences of Scraping Data From A Competitor [e221]

    September 07, 2015

    The guys discuss the lawsuit filed by PhantomAlert against Waze concerning accusations of data scraping a database. Transcript: NASIR: All right. Welcome to our podcast where we cover business in the news and add our legal twist. …

  • Nine Legal Strategies to Protect Your Brand

    June 25, 2015

    Perhaps you’re never dreamed of a Google or Facebook-sized business empire – multiple products generating multiple streams of income that seem to semi-magically renew themselves. Something a bit more modest might be fine as well. Whatever …

  • Product Liability 101 for Small Importers

    September 16, 2014

    Global sourcing has lots of exciting potential. The recent entry of Alibaba.com onto the global stage along with others such as the FITA Buy/Sell Exchange, Euro Pages and Global Sources seems to presage a new …

  • Must-Reads if You Are Thinking About Buying a Business

    September 18, 2014

    If you are thinking about buying a business, you must have lots of questions. Of course, you should get some help with this process -- from your banker, your attorney, your accountant, and possibly a …

  • What to do When a Customer Accuses an Employee of Theft

    July 02, 2015

    This is one of those managerial headaches that may make life on a desert island look attractive. You don’t want to lose the customer or expose your business to accusations of wrongdoing, but you also …

  • How One Business Was Awarded Money From An Untrue Yelp Review [e226]

    September 30, 2015

    Nasir and Matt talk about a judge in New York awarding a business owner $1,000 as a result of a bad Yelp review left by a disgruntled customer.  They also discuss a recent lawsuit appeal …

  • Can You Get Fired For Being Racist? [e215]

    August 17, 2015

    Nasir and Matt discuss how racism led to employees getting fired and another instance where a judge overturned a decision to terminate a racist employee. Transcript: NASIR: Okay. Welcome to our podcast where we cover business in …

  • How Businesses Can Fight Back Against Negative Social Media [e246]

    January 11, 2016

    Nasir and Matt kick off 2016 by discussing how one Indianapolis bar responded to a negative post on its Facebook page. Transcript: NASIR: Welcome to our podcast where we cover business in the news and add our …

  • When the Boss Sells the Company

    December 11, 2014

    I once worked for a company that had been rumored, maybe, at some distant time in the future, possibly, but not certainly, perhaps in connection with a potential sale or not, to be tentatively considering …

When the Employee or a Third-Party Circulates Personal Data

The above discussion relates to a company’s actions in retrieving the contents of an employee’s device, but, frankly, the far more common scenario is that an employee or a third-party with access to the employee’s data intentionally, inadvertently, or carelessly lets their private data out into the world on a small- or large-scale, and the images or other media comes back to reflect poorly on the organization, either internally or externally. This was the case with the South Carolina teacher and so many of the other examples we’ve seen in the media. In such cases the employer may still face legal and ethical issues over how it handles the matter, and specifically the actions it takes toward the employees. Here are a few areas of concern to think about:

Does the Data Provides Indicia of an Employee’s Protected Class? 

The EEOC has taken the position that the sex discrimination provisions of Title VII protect gay, lesbian, bisexual, and transgender employees from being fired or otherwise penalized at work based on their sexual orientation. Thus, if racy photos surface on the internet suggesting the employee belongs to one of these classes, then a company cannot legally fire or penalize an employee simply based on the fact that the images reveal the employee to exhibit a certain sexual orientation. If the organization would have taken the action toward the employee based on the photos regardless of the sexual orientation exhibited, then it is on safer ground, but the legitimate basis for the employment action should be made apparent.

Does the Released Data Highlight Security Problems Within the Company?

The hacking attack on Sony Pictures in December 2014 revealed many embarrassing details about Sony employees and others associated with Sony. While not an attack on data from personal devices, the hack revealed significant deficiencies with the company’s internal security systems, and Sony Pictures ultimately reached an undisclosed settlement with employees affected by the hack. In the case of an employee’s data being breached by having damaging information floating around, the company will want to look at the nature of the breach, and determine whether company employees or deficient security systems are at fault in the release of the employee’s data.

Does the Released Data Suggest the Employee is a Victim? 

Related to the above concern, an overall question to be addressed in determining how to deal with an employee whose questionable photos or similar data is publicly available is to inquire into who exactly posted the info and why. We live in a time when online harassment and stalking is rampant, and this is particularly sickening in the area of so-called “revenge porn,” a practice by which individuals post private nude photos of others without their consent and often with their full names as a means of intimidation and/or harassment. Victim’s lives have been significantly damaged by such acts, and numerous states have acted to criminalize the practice. While a company may not be legally in the wrong for taking action against an employee whose photos were posted against their will, it may want to consider the implications and optics of taking adverse action against a party based on the tortious and/or criminal act of making an unauthorized post of a private photo.

Protecting Employees and Employers in the Digital Age

Prior to the smartphone and social media age, it was easier for both employees and employers to keep personal and professional matters separate. What happened in Vegas stayed in Vegas. But with iPhones and Instagram, that’s no longer the case, and both employers and employees need to adjust. Employees must become more careful about the images they bring into the workplace (for starters, turn on your passcode locks…) and employers are advised to be more direct in communicating corporate policies regarding the use and spread of private images and media inasmuch as it reflects upon the organization as a whole.

 

 

Read More