The U.S. Supreme Court’s recent grant of certiorari in City of Ontario, Ontario Police Department, and Lloyd Scharf v. Jeff Quon, et al. highlights the effects new technologies continue to have on workplace privacy issues. One issue the Court will consider is whether a California police department violated the privacy of one of its officers when it read the personal text messages on his department issued pager. The U.S. Court of Appeals for the Ninth Court sided with the police officer when it ruled that users of text messaging services “have a reasonable expectation of privacy” regarding messages stored on the service provider’s network.

The underlying suit was filed by police Sgt. Jeff Quon, his wife, his girlfriend, and another police sergeant after one of Quon’s superiors audited his messages and found that many of them were sexually explicit and personal in nature.   Among the defendants were the City of Ontario, the Ontario Police Department, and Arch Wireless Operating. Co. Inc. Plaintiffs sought damages for alleged violation of their privacy rights.

While this case involves a public sector entity, its outcome is likely to affect electronic communications policies and practices across the country, whether by public or privacy employers.  

Arch Wireless contracted with the employer, the City of Ontario, California, to provide text-messaging services using pagers. The City distributed the pagers to various employees, including Jeffery Quon, a Sergeant in the Ontario Police Department. Quon, along with other employees, signed an "Employee Acknowledgment" of the City’s general "Computer Usage, Internet, and E-mail Policy" which stated that the City reserved the right to "monitor and log all network activity including e-mail and Internet use, with or without notice," and that "[u]sers should have no expectation of privacy or confidentiality when using these resources." Quon also attended a meeting during which a police Lieutenant stated that pager messages "were considered e-mail, and that those messages would fall under the City’s policy as public information and eligible for auditing." While each pager was allotted a certain number of characters per month, Quon exceeded his allotment on several occasions. The Lieutenant attempted to determine whether the overages were business-related and obtained transcripts of text messages for the employees with overages. After auditing the transcripts provided by Arch Wireless the matter was referred to the City’s Internal Affairs agency, which determined that Quon exceeded his monthly character allotment and many of his messages were personal and not business-related.

While the district court ruled that the plaintiffs had a reasonable expectation of privacy in their text messages, it held a trial on the issue of the employer’s intent in conducting the search. If the search was to uncover misconduct rather than to determine character allotment overages, it would be a violation of the plaintiffs’ privacy rights. The jury found that the employer’s intent was to determine character allotment overages, and the court entered judgment in favor of the employer. The plaintiffs appealed.

The Court of Appeals for the Ninth Circuit, addressing whether Quon had a reasonable expectation of privacy in the text messages, held that he did because the City:

·         had a practice of not reviewing the messages if employees paid the overage charges, and

·         did not review Quon’s messages even though he exceeded the character allotment several times. 

Significantly, the court held that the City’s practice trumped its own written policy, its employees’ acknowledgements that they had no privacy interest in electronic communications, and its statements in staff meetings that it viewed text messages as e-mail.

To determine if the search was reasonable, the court evaluated whether the search was "justified at its inception, and whether it was reasonably related in scope to the circumstances which justified the interference in the first place." Although the appellate court agreed that there were reasonable grounds for conducting the search, it found the scope of the search unreasonable. The court found overbroad the City’s review of the actual messages to determine the number of characters used. Because the City reviewed the content of all the messages, the search was excessively intrusive and violated the plaintiffs’ Fourth Amendment rights and rights under the California Constitution, the court held.

The Supreme Court will examine whether the Ontario Police Department’s employees should expect privacy for personal text messages they send and receive on police pagers and whether the Department’s official “no-privacy” policy conflicts with its informal policy of allowing some personal use of pagers. The Supreme Court will also look at whether the Circuit Court’s decision bypassed Supreme Court precedents and created a circuit conflict when it analyzed whether police brass could have used “less intrusive methods” of reviewing the officer’s text messages. 

Estimates are that 100 million people will utilize text messages in 2010. As a first step, employers must be prepared with comprehensive computer and electronic equipment usage policies. Further, as this case illustrates, it is critical that practices and policies be consistent, and that policies reflect current technologies. Employers also should consider requiring employees to acknowledge receiving and reviewing these and similar policies and procedures, particularly as new technologies are introduced.. While this area of the law remains unsettled, a well drafted policy will serve to lower an employee’s expectation of privacy when using employer owned equipment, although it remains to be seen what the Court will hold. 

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jason C. Gavejian Jason C. Gavejian

Jason C. Gavejian is a principal in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. and co-leader of the firm’s Privacy, Data and Cybersecurity practice group. Jason is also a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy…

Jason C. Gavejian is a principal in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. and co-leader of the firm’s Privacy, Data and Cybersecurity practice group. Jason is also a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals.

As a Certified Information Privacy Professional (CIPP/US), Jason focuses on the matrix of laws governing privacy, security, and management of data. Jason is co-editor of, and a regular contributor to, the firm’s Workplace Privacy, Data Management & Security Report blog.

Jason’s work in the area of privacy and data security includes counseling international, national, and regional companies on the vast array of privacy and security mandates, preventive measures, policies, procedures, and best practices. This includes, but is not limited to, the privacy and security requirements under state, federal, and international law (e.g., HIPAA/HITECH, GDPR, California Consumer Privacy Act (CCPA), FTC Act, ECPA, SCA, GLBA etc.). Jason helps companies in all industries to assess information risk and security as part of the development and implementation of comprehensive data security safeguards including written information security programs (WISP). Additionally, Jason assists companies in analyzing issues related to: electronic communications, social media, electronic signatures (ESIGN/UETA), monitoring and recording (GPS, video, audio, etc.), biometrics, and bring your own device (BYOD) and company owned personally enabled device (COPE) programs, including policies and procedures to address same. He regularly advises clients on compliance issues under the Telephone Consumer Protection Act (TCPA) and has represented clients in suits, including class actions, brought in various jurisdictions throughout the country under the TCPA.

Jason represents companies with respect to inquiries from the HHS/OCR, state attorneys general, and other agencies alleging wrongful disclosure of personal/protected information. He negotiates vendor agreements and other data privacy and security agreements, including business associate agreements. His work in the area of privacy and data security includes counseling and coaching clients through the process of investigating and responding to breaches of the personally identifiable information (PII) or protected health information (PHI) they maintain about consumers, customers, employees, patients, and others, while also assisting clients in implementing policies, practices, and procedures to prevent future data incidents.

Jason represents management exclusively in all aspects of employment litigation, including restrictive covenants, class-actions, harassment, retaliation, discrimination, and wage and hour claims in both federal and state courts. He regularly appears before administrative agencies, including the Equal Employment Opportunity Commission (EEOC), the Office for Civil Rights (OCR), the New Jersey Division of Civil Rights, and the New Jersey Department of Labor. Jason’s practice also focuses on advising/counseling employers regarding daily workplace issues.

Jason’s litigation experience, coupled with his privacy practice, provides him with a unique view of many workplace issues and the impact privacy, data security, and social media may play in actual or threatened lawsuits.

Jason regularly provides training to both executives and employees and regularly speaks on current privacy, data security, monitoring, recording, BYOD/COPE, biometrics (BIPA), social media, TCPA, and information management issues. His views on these topics have been discussed in multiple publications, including the Washington Post, Chicago Tribune, San Francisco Chronicle (SFGATE), National Law Review, Bloomberg BNA, Inc.com, @Law Magazine, Risk and Insurance Magazine, LXBN TV, Business Insurance Magazine, and HR.BLR.com.

Jason is the co-leader of Jackson Lewis’ Hispanic Attorney resource group, a group committed to increasing the firm’s visibility among Hispanic-American and other minority attorneys, as well as mentoring the firm’s attorneys to assist in their training and development. He also previously served on the National Leadership Committee of the Hispanic National Bar Association (HNBA) and regularly volunteers his time for pro bono matters.

Prior to joining Jackson Lewis, Jason served as a judicial law clerk for the Honorable Richard J. Donohue on the Superior Court of New Jersey, Bergen County.