Can a company snoop on an employee’s e-mails with her attorney?

Shortly before a nursing director left her job at a home health-care agency, she contacted a lawyer about suing the agency for discrimination. She began e-mailing back and forth with the lawyer – using a laptop provided by the agency.

The employee didn’t use her work e-mail address; rather, she used a personal Yahoo! e-mail account with a password. But when the employee left, the agency scanned the hard drive of the laptop and found all the e-mails. It kept them for use in the lawsuit. Is this okay?

In general, the answer is unclear – but in this particular case, an appeals court in New Jersey sided with the employee. The agency had a policy (as many companies do) saying that the laptop was company property and it retained a right to access any communications sent via the computer.

The court said this was true – however, the company’s interest in snooping on the computer was limited to making sure the employee wasn’t doing anything wrong. In other words, the company had a right to access the computer to make sure the employee wasn’t goofing off, disclosing trade secrets, harassing colleagues, etc. But it didn’t have a right to keep and use the employee’s personal communications.

The court compared the laptop to a filing cabinet. A company would have a right to access an employee’s filing cabinet to retrieve work-related files and make sure the employee wasn’t keeping contraband in it. However, just because the company owned the filing cabinet, it didn’t have a right to confiscate and keep any personal items that an employee happened to put there.

In this case, a person’s communications with an attorney are normally considered private, and the agency’s computer policy didn’t trump the employee’s right to privacy.

However, the case provides some import lessons:

  • If you’re an employee, don’t communicate with your attorney via a company computer. Even if the company doesn’t have a right to keep your e-mails and introduce them in court, the company might still be able to read them, and might learn things it can use against you.
  • For that matter, if you’re an employee, don’t send or access anything on a company computer that might incriminate you or that could put you in a bad light.
  • If you’re an employer, be very careful how you word your computer use policy. And if you do come across personal information stored on an employee’s computer, be cautious in how you use it. Without legal guidance, it can sometimes be hard to draw the line between legitimate company interests and an invasion of a person’s privacy.