Skip to main content

When employee handbooks don't tell the whole story.....


Written by Cynthia and Jennifer

The discussion of employer access to employee emails in our September 21 blog entry continues with another appellate court decision about workplace privacy rights.

In Stengart v. Loving Care Agency, Inc., the court completely rejected an employer's attempt to rely upon an email policy to gain access to an employee's confidential communications with her attorney conducted through the employer's email system. The court found that the employer could have no legitimate interest in reviewing an employee's private communications with her attorney, noting that "[p]roperty rights are no less offended when an employer examines documents stored on a computer as when an employer rifles through a folder containing an employee's private papers or reaches in and examines the contents of an employee's pockets; indeed, even when a legitimate business purpose could support such a search, we can envision no valid precept of property law that would convert the employer's interest in determining what is in those locations with a right to own the contents of the employee's folder of private papers or the contents of his pocket." The court went on to reject the notion that emails relating to an anticipated lawsuit against her employer would seem to be an illegitimate business use of the computer system: "the company had no greater interest in those communications than it would if it had engaged in the highly impermissible conduct of electronically eavesdropping on a conversation between plaintiff and her attorney while she was on a lunch break." Additionally, the court sanctioned the employer's law firm for not returning the emails to the employee as soon as the law firm became aware they were privileged communications.

This is a very interesting pro-employee decision but its lesson is clear: even email policies that notify employees that they are waiving certain privacy rights in the workplace do not give employers carte blanche to access or take ownership of all of those communications. Employers who access (intentionally or not) such information should promptly seek counsel before proceeding further.

Subscribe To Viewpoints


Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.