Over the last twenty years, the workplace has been the beneficiary (?) of a vast number of technological advances. This has made it much easier to not only amass information, but to sort, structure and "play" with it. But one of the major downsides of this technological advance has been that a recalcitrant employee, or an employee who is leaving for a competitor, now has a much easier time to appropriate confidential information (trade secrets, customer or client lists, pricing information or other sensitive data); harass co-workers; spend the day looking at some of the "more interesting" Internet sites (i.e. pornography); get involved in gambling; or engage in other nefarious conduct.
- With a thumb drive, an employee can amass the same amount of confidential information that would be equivalent to 20,000-inch thick notebooks "walking out the door" in the 1950s or '60s.
- An employee can use company-owned equipment to "check out" another employee's address or personal data.
- A "hook-up" to the Cayman Islands for a much-needed wager on the NFL is very handy and easy.
It is an absolute necessity for employers to begin to develop plans and incorporate these plans into their operations to stave off the data merely walking out the door or the other avenues of abuse.
It is crucial that employers create policies within their organizations on the how-and-why of employees using their electronic devices and on what sort of privacy workers can expect in their organizations. Workers must be told very clearly in a straight-forward policy that any information on their work-owned computers or phones is subject to being accessed by the company for any reason whatsoever. This access of information must include personal texts or e-mails that may be sent through a company network. It is also crucial that workers be clearly advised that the use of their personal computers and personal phones at work is subject to the same scrutiny. It is an absolute necessity that employees understand the reach or breadth of any employer technology policy.
Should an employer become concerned that confidential information is being removed from the company or company-related technology is being used for "other than business purposes," a thorough and complete digital investigation must take place. This digital investigation (i.e. computer forensic investigation) must involve information technology staff, human resources professionals and outside counsel. The employer must identify what rules may have been broken and what sort of privacy an employee can or should have under its forensic policies. As in every other case of alleged employee wrongdoing, documentation of the problem must be amassed and protected.
Often when a question arises with regard to technological misuse, a key factor is whether or not a company will use "inside" or "outside" personnel. In many cases, the use of outside experts is extremely beneficial. Very few companies have the financial wherewithal or expertise to make sure an investigation is handled pristinely. Outside experts have the tools and experience to make sure that all possible sources of data are found and - more importantly - that these sources of data are not accidentally corrupted or destroyed as part of the investigation. Outside investigators also document very clearly in their reports at the conclusion of an investigation what has occurred and how it occurred. This outside report can be extremely beneficial in substantiating the inappropriate or bad behavior of an employee during an investigative inquiry (i.e. EEOC; Department of Labor; etc.) or litigation scenario. In addition, if the case is handled correctly through the investigation, there will be less chance of possible invasions of employee privacy and the loss of employee morale.
There is and has been extensive litigation also regarding the clash of an employer's rights to protect its company equipment and property versus the invasion of employee privacy. This is truly a very unsettled area. What rights, if any, does an employee have to his/her "personal e-mails" on company computers? Does the employer have an absolute right to see everything? In fact, the United States Supreme Court in the case of City of Ontario v. Quon said it was difficult for it to make a broad ruling on the topic of technological advances because of the "rapid pace of technological change" and how this would impact workplace norms in the future.
As technology further advances in the 21 st century, the workplace will undergo even more significant changes. The employers who are able to incorporate and make the correct use of technological advancements while protecting their business assets in the workplace will be the ones that will be the most successful going forward.
Questions? Contact Walter J. Liszka in the Chicago office at [email protected] or by phone at (312) 629-9300.