Friday, October 4, 2013

Employers who Solicit Facebook Friend “Snooping” Could Face Liability Under Federal Stored Communications Act


Facebook postings by employees have increasingly become a factor in employment discrimination lawsuits.  In some of my recent cases, employers were made aware of an employee’s threats of violence, workplace misconduct or other inappropriate actions when a co-worker, who also was a Facebook “friend”, brought the Facebook post to the employer’s attention.  Such posts can be powerful evidence in defending against a discrimination lawsuit and proving that any adverse employment action was for a legitimate non-discriminatory reason.
However, a recent ruling by a federal District Court in New Jersey strongly suggests that employers who actively solicit Facebook friends to disclose the postings of an employee could be in violation of the Federal Stored Communications Act (“SCA”), 18 U.S.C. §§ 2701-11.
The SCA provides that whoever "(1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility; and thereby obtains, alters or prevents the authorized access to a wire or electronic communication while in electronic storage in such a system" shall be liable for damages. The statute further provides that "[i]t shall not be unlawful . . . [to] access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public." In other words, the SCA covers: (1) electronic communications, (2) that were transmitted via an electronic communication service, (3) that are in electronic storage, and (4) that are not public.
In Ehling v. Monmouth-Ocean Hospital Service Corp. , the plaintiff was a nurse who maintained a Facebook account and had approximately 300 Facebook friends. Plaintiff selected privacy settings for her account that limited access to her Facebook wall to only her Facebook friends. Plaintiff did not add any hospital managers as Facebook friends. However, Plaintiff added many of her coworkers as friends. Unbeknownst to Plaintiff, a hospital paramedic who was one of her Facebook friends was taking screenshots of Plaintiff's Facebook wall and printing them or emailing them to Plaintiff’s manager.
The evidence in the case showed that the paramedic independently came up with the idea to provide Plaintiff's Facebook posts to the manager, who had never asked the paramedic for any information about Plaintiff and had never requested to be apprised of Plaintiff's Facebook activity.
Plaintiff was subsequently temporarily suspended when the hospital learned of her Facebook post where she criticized paramedics in Washington, D.C. for saving the life of a gunman involved in a fatal shooting.  The post read as follows:

 An 88 yr old sociopath white supremacist opened fire in the Wash D.C. Holocaust Museum this morning and killed an innocent guard (leaving children). Other guards opened fire. The 88 yr old was shot. He survived. I blame the DC paramedics. I want to say 2 things to the DC medics. 1. WHAT WERE YOU THINKING? and 2. This was your opportunity to really make a difference! WTF!!!! And to the other guards....go to target practice.

The plaintiff received a memo from the hospital explaining the reason for the suspension was the hospital’s concern that her Facebook comment reflected a "deliberate disregard for patient safety." In response, Plaintiff filed a complaint with the National Labor Relations Board ("NLRB"). After reviewing the evidence, the NLRB found that the hospital did not violate the National Labor Relations Act. The NLRB also found that there was no privacy violation because the post was sent, unsolicited, to hospital management.  The plaintiff subsequently filed suit in federal court, alleging the hospital violated her rights under the SCA.
In its ruling, the District Court held that that non-public Facebook wall posts are covered by the SCA, because: (1) Facebook wall posts are electronic communication, (2) they are transmitted via an electronic communication service, the Facebook wall posts are in electronic storage, and (4) Facebook wall posts that are configured to be private are, by definition, not accessible to the general public, and that the touchstone of the SCA is that it protects private information.
However, the District Court ruled that the hospital was not liable because one of the SCA’s exceptions applied, which exempted conduct authorized (1) by the person or entity providing a wire or electronic communications service; [or] (2) by a user of that service with respect to a communication of or intended for that user." 18 U.S.C. §2701(c).
The Court held that exception applied because the plaintiff had authorized the paramedic to have access to her Facebook wall by making him a “friend” and that the information the paramedic supplied to hospital management was completely unsolicited.
The District Court implicitly held that if the hospital had directed the paramedic or any other of the plaintiff’s Facebook friends to monitor and keep them appraised on Plaintiff’s Facebook activity, it would have constituted a violation of the SCA due to the hospital seeking unauthorized access.  The SCA provides for civil liability under the statute and an employer would be subject to monetary damages.
While it may be tempting for employers to utilize the Internet to monitor employees’ conduct, the lesson from this case is that employers should never request that co-workers or any other individuals access an employee’s private social media.  As related in previous articles, employers also need to be aware that overly broad social media policies could expose them to potential liability under the National Labor Relations Act.
Mark Fijman is a labor and employment attorney with Phelps Dunbar, LLP, which has offices in Louisiana, Mississippi, Florida, Texas, Alabama, North Carolina and London. To view his firm bio, click here.  He can be reached at (601) 360-9716 and by e-mail at fijmanm@phelps.com.