A terminated executive who accessed co-worker emails in the process of reporting possible company wrongdoing lost his appeal on several grounds. In Brown Jordan Intl, Inc. v. Carmicle, the Eleventh Circuit found that the employee violated both the Stored Communications Act (SCA) and the Computer Fraud and Abuse Act (CFAA).

Carmicle reported to the company concerns about the preparation of a second set of financial projections to the detriment of shareholder value. Carmicle acknowledged that he obtained much of the information by secretly accessing co-worker emails. He did so by using a universal password issued as part of an email conversion after employees failed to create their own personal password. Carmicle subsequently was terminated after an investigator found his allegations of impropriety were without merit (among other reasons).

The appellate court upheld the ruling that Carmicle violated the CFAA despite his argument that Brown Jordan suffered no “loss” as required by the law. Carmicle argued that there was no damage because the company did not experience an “interruption of service” and there was no damage to the computers.   However, the company maintained it suffered a loss by, among other things, engaging an outside consultant to assess how Carmicle accessed the emails. Based on this expense, the appellate court found the company sustained a “loss” under CFAA. The court held that “loss” can include the reasonable costs incurred in connection with responding to a violation, assessing the damage done, and restoring the affected data to the condition prior to the violation.

Finally, the court rejected Carmicle’s argument that his access was authorized under the SCA based on a company policy stating that employees have no expectation of privacy and that the company has the right to monitor email communication. The Eleventh Circuit found that it would be “unreasonable” to permit someone to exploit a generic password to access emails without prior authorization and without any suspicion of wrongdoing.

Notwithstanding the outcome in this case, companies are reminded to take steps to ensure privacy protocols are in place and up-to-date. In this day and age, it is reasonable to assume that someone – whether from outside the company or within – may seek access to your network.

Tags: 11th Circuit, email access, password, password sharing, privacy practices, terminated employment
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jeffrey M. Schlossberg Jeffrey M. Schlossberg

Jeffrey M. Schlossberg is a Principal in the Long Island, New York, Office of Jackson Lewis P.C. Mr. Schlossberg has devoted his entire career to the employment law field. He is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy…

Jeffrey M. Schlossberg is a Principal in the Long Island, New York, Office of Jackson Lewis P.C. Mr. Schlossberg has devoted his entire career to the employment law field. He is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals and is an editor of the firm’s EPL Risk Mitigation Blog.

Mr. Schlossberg has extensive experience in handling all aspects of the employer-employee relationship. Areas of concentration include: employment discrimination prevention and litigation; workplace harassment policy development and compliance; social media and information privacy in the workplace; family and medical leave; disability matters; wage and hour investigations and litigation; non-competition agreements; and corporate mergers and acquisitions.

Mr. Schlossberg has defended against claims such as sexual harassment, age, race, national origin and disability discrimination for public and private companies in industries such as media, technology, airline, aircraft components, restaurants, supermarkets, securities, medical, manufacturing, cosmetics, food processing, software, clothing, vitamins and nutritional products, and many other employers of varying size throughout the metropolitan area and across the country.

Mr. Schlossberg lectures frequently about various topics to trade and professional associations, such as the Hauppauge Industrial Association. Mr. Schlossberg is also an active member of the Nassau County Bar Association and is a Past Chair of the Nassau County Bar Association Labor & Employment Law Committee.

Mr. Schlossberg is an appointed member of the Employment Law Panel of arbitrators for National Arbitration and Mediation.

Read more about Jeffrey M. Schlossberg
Show more Show less
Related Posts
Colorado Expands Protections for Biometric Information under the Colorado Privacy Act
June 4, 2024
Virginia Passes Legislation Prohibiting the Use of Employees’ Social Security Numbers as Identifiers
April 19, 2023
NLRB General Counsel Memo on Electronic Monitoring of Employees
November 2, 2022