California Public Agency Labor and Employment Blog - Useful Information for Navigating Legal Challenges

Harvard University recently had some explaining to do.  Last fall, the University conducted an investigation into the source information leaked to the media about students at the Ivy League school who had cheated.  The investigation included searching the work e-mail accounts of 16 Resident Deans without telling them.  Although the University eventually told the one Dean who has been the “source” of the leak about the search, the rest of the Deans did not know that their e-mail accounts had been searched until a newspaper reported on the searches this month. 

Resident Deans live among students and act as their advisors.  However, they also teach courses but are not on track to become tenured professors.  Each Dean is given a personal Harvard e-mail account and one to use specifically in their role of Resident Dean.  It was the latter type of e-mail account that was searched by Harvard.       

Some of the Resident Deans reacted angrily to the search, calling it a breach of privacy and trust.  The Deans also said they should have been told about the search earlier pursuant to the University’s policies.  Harvard’s policies allow it to search employee e-mail accounts including those of faculty members.  However, faculty members must be told about the search either before it happens or immediately after it is completed. 

Harvard defended its actions, stating that it did not notify the Deans of the search in order to protect student privacy and the identity of the person who inadvertently leaked the information.  The University also insisted that only the “subject” lines of work e-mails were searched, not personal accounts, and that no e-mails were opened.  Interestingly, Harvard also said the e-mail accounts searched were associated with the Deans’ administrative roles as Resident Deans.  This raised the question of whether Harvard considers the Resident Deans faculty members for purposes of notification under its own policies.

While it is not known if any Resident Dean will pursue legal action against Harvard, this incident offers lessons for employers regarding e-mail communications in the workplace. 

Employers should adopt a written electronic communications resources policy that puts employees on notice that e-mails, texts and voicemails sent over employer owned property may be monitored, and that employees do not have a personal privacy right regarding such communications.  The persons who will be subject to the policy should also be clearly stated.  At Harvard, it appears the University did not define whether the term “faculty member” includes Resident Deans.  Thus, an employer’s electronic communications policy should clearly identify who is subject to the policy such as volunteers or part-time or seasonal workers.  The policy should also notify employees that the electronic communications systems belong to the employer and should only be used for legitimate business purposes.  Along those lines, employee should also be notified that any information learned from the employer’s electronic communications systems should only be disclosed to authorized employees. 

Finally, an electronic communications resources policy may only allow monitoring of electronic communications routed through the employer’s equipment and property.  In the event a third party provider is involved in the transmission or storage of electronic communications, employers should obtain the employee’s written consent  to access these communications in order to preserve the right to monitor them.  Third parties will likely not release the information to employers absent written consent from the employee.   

Maryland recently became the first in the nation to ban employers from asking job applicants and employees for their Facebook and other social media passwords.  The law was signed into legislation by Maryland’s Governor approximately one year after the ACLU took on the case of Robert Collins who claimed he was forced to turn over his Facebook password to the Maryland Department of Corrections during a job interview.  Collins claims he was required to give his password to the interviewer who then proceeded to log onto his account and look through his personal messages, wall postings and photographs while Collins sat there. 

The new Maryland law, which goes into effect in October, specifically prohibits employers from asking or requiring a job applicant or employee to disclose any user name, password or other means for accessing a personal account on a social media site through a computer, telephone, PDA or other similar device.  The law also makes it illegal for employers to refuse to hire an applicant or take any adverse employment action against an employee for refusing to provide their personal login information.

Supporters of internet privacy are applauding Maryland’s adoption of the nation’s first so-called “social media password law.”  Supporters say such legislation is important because it not only protects individual privacy but it also prevents employers from accessing information that they cannot ask about during the hiring process such as ethnicity, sexual orientation and religion.

Since Maryland’s passage of a social media password law, several states including California and the federal government are proposing similar legislation.  For example, there are currently two bills pending before Congress.  The Password Protection Act of 2012 was recently introduced in the Senate and House.  The PPA proposes to prohibit employers from forcing prospective or current employees to provide access to their own private account on social media sites as a condition of employment.  The PPA would also prohibit employers from discriminating or retaliating against a prospective or current employee because that employee refuses to provide his or her password.  In addition, the Social Networking Online Protection Act, which provides similar protections as the PPA, has been introduced in the House.  However, SNOPA goes further in that it would also protect students from being forced to disclose their login information to schools from kindergarten through the university level. 

The California Legislature is expected to vote this year on AB 1844.  This bill would ban employers from requiring a job applicant or employee to provide usernames and passwords to their personal social media accounts.  The proposed law defines social media as “an electronic medium where users may create and view user-generated content, including uploading or downloading videos or still photographs, blogs, video blogs, podcasts, or instant messages.”  In addition, because the proposed law bans employers from asking for login information, the law also prohibits employers from checking social media sites before hiring an employee.  Therefore, an employer could not later be held liable for negligent hiring if it did not search a prospective employee’s social media site.  The proposed law states that “an employer does not fail to exercise reasonable care to discover whether a potential employee is unfit or incompetent by the employer's failure to search or monitor social media” before hiring.

SB 1349, known as the Social Media Privacy Act, is also pending in the California Legislature.  This bill is similar to AB 1844 except that it goes further by banning public and private postsecondary educational institutions from requiring or requesting a current or prospective student from disclosing their usernames and passwords for a personal social media account or to provide the institution with access to that account. 

It remains to be seen whether the California legislature or Congress will adopt social media password laws.  Governor Brown has not taken a position on AB 1844 or SB 1349.  However, given the current trend favoring social media password protection laws, California employers may want to consider refraining from asking for social media login information from current and prospective employees unless there is a strong legitimate business reason for doing so.  Even then, employers should carefully weigh the potential risks associated with asking for such information.    

Please contact our Los Angeles, San Francisco, Fresno, or San Diego office for any assistance in reviewing social media policies.

This blog post was authored by Alison Carrinski

In May we reported on the case U.S. v. Nosal, in which the U.S. Ninth Circuit Court of Appeals examined whether an employee violates the federal Computer Fraud and Abuse Act (CFAA) when misappropriating data from an employer’s computer system in violation of the employer’s data use policies.  In general, the CFAA prohibits employees from knowingly, and with intent to defraud, accessing an employer’s computer without authorization or exceeding authorized computer access, to further their intended fraud.  Nosal, a former employee of an executive search firm, engaged three current employees to access the firm’s electronic database and misappropriate trade secrets.  While the employees used their own ID’s to access the databases, they violated clear employer policies restricting use of proprietary information.

The Ninth Circuit, in an opinion issued by a three judge panel, held that Nosal exceeded authorized access, for purposes of the CFAA, by misappropriating proprietary information in violation of the employer’s computer and data use policies.  Nosal argued that such a decision would broaden the scope of violations under the CFAA to include any employee who exceeds the authorization of an employer’s data use policy—for example, by checking personal email at work.  In response to this argument, the Court noted that liability under the CFAA only applies if the employee exceeds authorized access with the intent to commit fraud; for example, checking personal email or the latest news would not trigger liability, even if against employer policy, because there would be no fraudulent intent.

Recently, on October 27, 2011, the Ninth Circuit Court of Appeals voted to rehear this case en banc, which means that all of the justices will be present for the rehearing.  Because the Court granted rehearing en banc, its decision from May in U.S. v. Nosal may no longer be cited as precedent, as it will be superseded by the future en banc decision.  We will keep you posted on the status of this case.

In August we reported on a new Missouri law that regulated communications between teachers and students on social media websites.  We also reported on the Missouri State Teachers Association’s (“MSTA”) successful efforts to block this so-called “Facebook Law” by obtaining a preliminary injunction from a Missouri Court.  Now, Missouri’s Legislature has voted to repeal the controversial portion of the law which barred teachers from communicating with students on social media platforms that allow “exclusive access.”  The Legislature also extended the deadline for school districts to establish social media use guidelines from January 1 to March 1, 2012. 

Missouri’s Governor signed the bill into law last Friday.  As a result, the MSTA said it would decide in the coming weeks whether to dismiss its case.  Currently, a court hearing is scheduled for February 20 to decide whether the original version of the law should be permanently enjoined.

Although the MTSA appears to be satisfied with the new bill, the ACLU expressed disappointment with the Governor’s failure to veto the bill.  Specifically, the ACLU is concerned that school districts will not be able to create social media policies that also protect free speech rights.  John Chasnoff, program director for the ACLU of Eastern Missouri, told the St. Louis Post Dispatch “We think the legislature kicked the can down the road on this issue and just passed the buck to local school districts.  It’s been so difficult for the legislature to hammer out a bill that meets the needs and is constitutional.  Imagine how difficult it will be for school boards.”

This post was co-authored by Elizabeth Arce

It seems that every time you turn on the news some new technological innovation is being announced.  For example, recent weeks have seen the unveiling of new tablet computers and smartphones.  In addition, social media platforms such as Facebook and LinkedIn are constantly announcing upgrades to their websites to improve the way users communicate with one another via the internet.  However, just as technology is rapidly changing, the law regulating the use of social media by employees also continues to evolve. 

Since our initial blog posts and article on legal developments regarding employee social media use, the National Labor Relations Board’s (NLRB) Office of General Counsel released a report analyzing various issues relating to social media use by employees and employer policies that attempt to regulate it.  In addition, two NLRB Administrative Law Judges (“ALJs”) issued decisions that provide further guidance in these areas. 

In Hispanic United of Buffalo (“HUB”), an ALJ ordered a nonprofit corporation to reinstate five employees who were fired after posting comments on Facebook criticizing workload and staffing issues.  The ALJ concluded that the employees engaged in protected concerted activity because they were discussing matters that involving terms and conditions of their employment. 

In Knauz BMW, an ALJ found that a car dealership’s employee handbook contained policies that restrict and limit an employee’s right to engage in concerted activity.  However, the ALJ upheld the employer’s termination of an employee who posted pictures of an accident at another dealership, also owned by his employer, with unflattering comments about the salesperson involved in it on the grounds that the posting was not protected concerted activity.

These recent pronouncements from the NLRB clarify the law regarding the scope of social media use by employees and provide the following guidance to employers:

1. Employees’ Social Media Postings With Each Other About The Terms and Conditions of Their Employment Are Protected.  Employees engage in protected concerted activity when they use social media to communicate with one another about work related issues.  Concerted activity will also be found when the employee posts comments that express the views of other employees or that attempt to initiate or induce coworkers to take group action.  This can include complaints among employees about commissions, tax withholding practices and workload and staffing issues.  Thus, posts that are not work related or that express individual gripes, frustrations or complaints are not protected. 
2. Work Related Postings That Are Sarcastic or Mocking in Tone May Be Protected.  In Knauz BMW, the ALJ considered two Facebook postings by the employee.  The first involved criticism of a sales event, including the inadequacy of the food being served, which employees felt could affect employee compensation.  The second posting involved an accident at another dealership.  The ALJ found that the posting concerning the accident was not protected concerted activity, and that the employer terminated the employee for that posting.  The decision discusses what language rises to the level of disparagement necessary find otherwise protected activities unprotected.  The NLRB has found statements that are mocking or sarcastic ,and terms such as “a-holes” and a “cheap son of a bitch” attributed to supervisors to be protected concerted activity when uttered in the course of otherwise protected concerted activity.  Employers must meet a very high threshold to prove language is disparaging and beyond protection in the context of employees acting together to challenge their working conditions.
3. Polices That Can Be Reasonably Interpreted to Restrict Employees’ Right to Engage In Concerted Activity Are Improper.  In evaluating whether a social media policy improperly limits an employee’s ability to engage in protected concerted activity, employers should ask whether the rule or policy explicitly prohibits the exercise of this right or would reasonably tend to chill the employee’s exercise of it.  In order words, policies that could be interpreted as discouraging an employee to discuss the terms and conditions of employment are likely improper.
4. Policies That Can Be Reasonably Interpreted to Protect the Relationship Between the Employer and Its Customers Are Proper.  In Knauz BMW, the ALJ determined that language in an employee handbook stating “[a] bad attitude creates a difficult working environment and prevents to [employer] from providing quality service to our customers” was proper.  The ALJ reasoned that the employer had a right to demand that its employees not display a bad attitude towards customers in order to protect the employer’s relationship with its customers.

Employers who have adopted social media policies should review them with the above guidelines in mind.  Finally, because the law in this area continues to rapidly change, employers should stay tuned to this blog and our Twitter (@lcwlegal and hashtag #lcwsocialmedia) for further updates.

As the summer draws to an end, parents and students are beginning to prepare for the start of the school year.  For many parents, sending their children off to school can be both a joyous and fearful occasion.  The worry experienced by parents is fueled, in part, by news headlines of teachers having inappropriate sexual relationships with their students.  In order to address these concerns, the Missouri Legislature recently signed into law the Amy Hestir Student Protection Act.  This so-called “Facebook Law,” which was named after a student who was sexually abused by her junior high school teacher, regulates communications between teachers and students on social media websites such as Facebook and Twitter.  State Senator Jane Cunningham, who sponsored the bill, said the purpose of the law is to discourage teachers and students from engaging in exclusive communications with each other through social networking platforms because such contact with each other “is a pathway into sexual misconduct.”

The new law requires school districts to develop a written policy concerning teacher-student and employee-student communications that include guidelines on the appropriate use of electronic media including text messaging and social networking sites.  In addition, the new law prohibits teachers from establishing, maintaining, or using a work-related website unless it is available to school administrators and the child's parents or legal guardian. Finally, the law prohibits teachers from establishing, maintaining, or using a nonwork-related website that allows exclusive access with a current or former student. 

Passage of the “Facebook Law,” which is believed to be the first of its kind in the country, drew immediate criticism.  Opponents argue that the law will cause teachers to communicate less with their students resulting in weaker teacher-student relationships.  Opponents also argue that the law chills free speech.  However, those in favor of the law insist that it does not restrict speech between educators and students.  Rather, the law merely provides transparency to the process by giving parents, guardians, and social administrators access to the websites where teachers and students are communicating with one another.

It remains to be seen how long Missouri’s “Facebook Law” will remain in effect and whether it will prompt other states such as California to adopt similar legislation.  Opponents of the law have already started a campaign to repeal the law.  The law may also be subject to court challenges on constitutional grounds.

Regardless of whether the “Facebook Law” survives, the reality is that teachers and students are increasingly using social networking sites as a vehicle to communicate with each other.  Consequently, school districts should adopt policies and guidelines regarding the appropriate use of social media platforms.  This may include deciding whether to allow teachers and students to communicate through social media at all, or to prohibit it altogether.  If the district allows such contact, then guidelines should remind teachers and school staff to consider the content on their social media sites including their profile, pictures, and postings on their wall.  Anything that they would not feel comfortable sharing in a classroom setting or in the presence of parents, should not be shared with students via social media.  Educators should be trained on using social media to foster learning and enhance the educational experience.  Finally, educators should be trained about separating their professional from their private life, and they should be reminded that their relationships with students, both in and out of the classroom, must be appropriate and comply with legal and professional standards. 

From time to time we are asked by clients whether they can place Global Positioning System (GPS) units on company or agency owned cars in order to keep track of employees whom they believe are misusing the vehicles to engage in unauthorized or excessive travel unrelated to their job.  The concern has been whether use of these devices in this manner invades the privacy rights of the employees.  Can employers place GPS devices on their own vehicles in order to track employee movement? 

In a decision coming from a New Jersey appeals court reminiscent of a 1948 film noir, the answer may be yes.  In Villanova v. Innovative Investigations, Inc., the New Jersey court held that, as long as the car is not driven to a secluded location, there is no right of privacy. 

This case arose not from an employment situation but one involving a marital dispute.  Mrs. Villanova believed her husband was having an affair and she hired an investigative firm, Innovative, to follow him.  Innovative suggested that she buy a GPS device and place it on the family car he drives.  She did so and Mr. Villanova eventually brought a lawsuit against Innovative for invading his privacy.  The New Jersey court held that Villanova had no right of privacy as long as he was driving on public streets.

“In the absence of evidence that he drove the vehicle into a private or secluded location that was out of public view and in which he had a legitimate expectation of privacy, he had no claim for invasion of privacy.”

New Jersey law, like California’s, contains a constitutional right of privacy.  However, tracking an individual’s driving with a GPS device no more invades that individual’s privacy than does simply observing or following him “or even taking his photograph while he is walking on a public highway since he is not then in seclusion and his appearance is public and open to the public eye.”  Further, a person traveling in an automobile on public thoroughfares “has no reasonable expectation of privacy in his movements from one place to another.”

Issues regarding use of GPS devices are likely to come up in other contexts such as whether an employer must negotiate with its employees’ union before placing GPS devices on the employer’s own vehicles.  (We think the answer is “no.”)  We understand the U.S. Supreme Court is considering whether law enforcement violates a suspect’s Fourth Amendment privilege against unreasonable searchers by covert GPS tracking.

Under California law, employers may track the use of vehicles they own or lease.  The firm’s Privacy Issues in the Workplace workbook has a section on GPS tracking devices, as well as a sample Vehicle Electronic Tracking Technology Policy.

The cell phone, in particular the so-called “smartphones” (e.g. iPhones, Blackberrys, Android phones) are amazing.  These devices allow us to be in contact no matter where we are on a 24/7 basis.  Some employers issue these devices to their employees both as a benefit to the employee but primarily as a benefit to the employer for the same reason: it allows contact at all hours of the day and night when necessary.

But when employees use these devices for work-related phone calls, text messages and emails while off-duty, should they be paid for this time?  This issue may be resolved in a case currently pending in the federal court in Illinois entitled Allen v. City of Chicago.

We normally do not report on a case pending in a trial court and certainly not about the ruling on a motion, which did not result in a judgment.  But this case seems of such particular significance that it merits a report.  Indeed, a number of other blogs have already commented on this case.

Here’s the situation.  The Chicago Police Department issued Blackberrys to a number of its officers including a Sergeant named Jeffrey Allen.  Sergeant Allen claims that he and other officers are required to use their Blackberrys to perform off-duty work including responding to telephone calls, emails, voicemails, and text messages.  Allen filed a purported class action lawsuit against the City alleging that he and other officers are entitled to overtime pay under the U.S. Fair Labor Standards Act for these phone based off-duty activities.  The City moved to dismiss the action but the trial court denied the motion and the matter will now proceed forward towards trial.

How this case will be resolved remains to be seen.  However, the novelty of this claim and the wide publicity the decision has received, may well result in a new cottage industry of FLSA litigation.

In order to minimize the likelihood of being the subject of such a case, the following steps are recommended:

1. If possible, limit issuance of such devices to employees who are truly FLSA exempt and thus not entitled to overtime pay.
2. If such phones must be issued to non-exempt hourly employees because of business necessity or operational demands, require employees to keep detailed time records of each phone related activity together with date, time of day, content description and actual duration of the call, email, text message, etc.  Be sure that the billings received from the service provider, such as AT&T, Verizon, etc., are maintained and reviewed and checked against the employee’s time reports for confirmation.  Keep in mind that FLSA requires the employer, not the employee, to keep accurate time records.  However, the employer can delegate that assignment to the employee as an additional part of their job.  Indeed, employees could be terminated for failure to keep accurate time records although they still must be paid because the employer receives the benefit of their services.
3. If such phones must be issued to non-exempt hourly employees, limit their issuance to those who really do have a bona fide job related necessity to have them.  That is, only give phones to those hourly employees when their jobs truly require them to be available on an instantaneous basis even while off-duty.
4. Some employees may need to have these phones while working but not while off-duty.  In these cases, issue a written policy prohibiting these employees from using their devices off-duty or institute a requirement that they reimburse the employer for personal use of the devices.  Another possibility is to require the employee to leave the phone at their job site, whereby they pick it up at the beginning of their work shift and leave it at the end.

The best advice is to develop a comprehensive written policy on the use of these devices so that employees are on clear notice of their entitlements and of their employer’s expectations of them.

LCW provides sample forms of Sample Electronic Communications Resources Policy and Authorization for Release of Information by Electronic Communications Service Provider in our Privacy Issues in the Workplace workbook for public agencies.  Additionally, LCW discusses the FLSA and strategies for complying with it in its Public Sector FLSA Compliance Guide workbook.

Keep visiting this website, as we shall update you on the progress of this case as it moves through the court system.

Photo Credit: Verizon Logo by methodshop.com, on Flickr

This guest post was authored by Alison Carrinski

The U.S. Ninth Circuit Court of Appeals recently held in U.S. v. Nosal that an employer may sue for damages under the federal Computer Fraud and Abuse Act (CFAA) when an employee’s computer or data use exceeds authorization provided by the employer.

Section 1030(a)(4) of the CFAA prohibits employees from knowingly, and with intent to defraud, accessing an employer’s computer without authorization or exceeding authorized computer access, to further their intended fraud.  The Ninth Circuit held for the first time that employees exceed authorized access whenever they violate the employer’s computer and data access policies.

Nosal, a former employee of an executive search firm, engaged three current employees of the firm to help him start a competing business.  The employer had a clear policy that allowed use of its proprietary information only for legitimate business reasons.  The company notified employees that accessing electronic information without authority may lead to discipline or criminal prosecution.  In violation of this policy, these employees accessed the firm’s trade secrets and proprietary information by using their user accounts to access the employer’s electronic database.  Nosal argued that they could not be liable under the CFAA because the employees were not accessing the computer system without authorization, i.e., they were not hacking into the system.  The Ninth Circuit disagreed with Nosal, reasoning that, by violating the employer’s clearly stated policy, the employees had exceeded their authorized computer access and may be liable under the CFAA.

Consider the difference between this example and LVRC Holdings LLC v. Brekka, where an employee who sent confidential work emails to his and his wife’s personal email accounts was not liable under the CFAA.  In that case, as opposed to Nosal, the employer never notified the employee of any computer restrictions, either through a policy or in an employment contract.  Brekka teaches an important lesson:  if an employer does not publish a written policy, it will be unable to hold employees liable under the CFAA when the employee uses a computer in an unauthorized manner with the intent to commit fraud.

Therefore, it is important for employers to maintain a written, up-to-date computer access policy that limits use of work computers to work activities only, and that limits access to confidential and sensitive data to only those employees who need such information to perform their jobs.

The National Labor Relations Board (“NLRB”) is the federal counterpart of the Public Employees Relation Board (“PERB”). The NLRB is the body that oversees the administration of federal labor law, and PERB is the body that oversees the administration of California labor law.

Recently, the NLRB prosecuted a complaint brought by its Connecticut regional office regarding Dawnmarie Souza, an emergency medical technician, who was fired by American Medical Response after she criticized her boss on her personal Facebook page. After conducting an investigation into the termination of Souza, the NLRB issued a complaint. The thrust of the NLRB complaint was that the termination was in violation of federal labor law, that the company’s internet usage policy was “overly broad” because it prohibited employees from posting disparaging remarks about the employer and its supervisors, and that enforcement of the policy interfered with employees’ rights to engage in protected activity. 

Section 7 of the National Labor Relations Act (“NLRA”) restricts employers’ attempts to interfere with employees’ efforts to work together to improve the terms or conditions of their workplace. The NLRB has long held that Section 7 was violated if an employer’s conduct would “reasonably tend to chill employees” in exercising their NLRB rights and that’s what prompted the complaint. It is noteworthy that California’s Meyers-Milias-Brown Act (“MMBA”) has a similar provision that restricts employers from interfering with employees’ rights to improve the conditions or terms of employment, so this NLRB case is relevant to public agency employers as well. 

The NLRB’s investigation determined that the Facebook postings constituted “protected concerted activity” and that the employer’s internet usage policy was overly restrictive because it prevented employees from making any negative remarks when discussing supervisors or the company. The matter was set for hearing earlier this year, but the issues were settled before the hearing. The employer agreed to revise its internet usage policy to ensure that it did not restrict employees’ rights to communicate freely about working conditions. Further, the employer agreed to not fire employees for engaging in such activity.

Although it is settled under California labor law that employees have the right to engage in discussions about their wages, hours, and working conditions, this federal NLRA case signals to both union employers that this right goes beyond the actual workplace and extends to employees’ personal Facebook pages. Further, this case serves as a cautionary tale to California public employers of a growing trend to protect employees’ use of the internet as a forum to engage in protected speech activity, even where the speech is less than respectful. 

The lesson here is that public agencies should remain sensitive to employees’ right to communicate with one another regarding their wages, hours and working conditions, and their ability to even do this on the internet with the protection of the law. Employers will also want to consider this case when drafting internet usage policies, so as to ensure that such policies cannot be construed as interfering with protected employee rights.

Can a public employer be held liable for negligence or for a section 1983 claim because the employer accidentally disclosed the names, addresses, telephone numbers, marital status and social security numbers of 1,750 former employees?  An Illinois appellate court doesn’t think so.

Cooney v. Chicago Public Schools was brought to my attention by the IAPP Daily Dashboard.  This featured a blog post by the Information Law Group which noted this may be the first published decision to hold there exists no common law negligence claim exists against an employer for disclosure of personal information such as address, telephone number, date of birth and even social security numbers.  Plaintiffs were 1,750 former employees of Chicago Public Schools governed by the Board of Education of the City of Chicago.  The Board retained a printing company to print, package and mail a COBRA open enrollment list to plaintiffs to inform them that as COBRA participants, they could change their insured benefit plans. The package, however, ended up containing the names of all 1,750 plaintiffs, as well as each of their addresses, social security numbers, marital status, medical and dental insurers and health insurance plan information. When the Board learned of the disclosure of information, it sent a letter to the former employees asking them to return the COBRA list or destroy it and offered plaintiffs one year of free credit protection insurance.

Plaintiffs filed individual and class action lawsuits alleging various state and federal causes of action including: (1) violation of the common law right to privacy; (2) negligent infliction of emotional distress; (3) negligence; (4) breach of fiduciary duty; and (5) violation of their U.S. Constitutional rights vis-à-vis 42 U.S.C. section 1983.  The trial court granted, and the Illinois appellate court affirmed, the dismissal of plaintiffs’ claims against both the Board and the printing company. 

Continue Reading

Recently, the Supreme Court reversed a decision of the Ninth Circuit and upheld the federal government’s ability to conduct employee background checks in an 8-0 decision (Justice Kagan did not participate) in NASA v. Nelson (No. 09-530).

The National Aeronautics and Space Administration (“NASA”) is an independent federal agency which has a workforce consisting of both federal civil servants and contract employees who are employed by Government contractors.  The Jet Propulsion Laboratory (“JPL”), a NASA facility, is staffed exclusively by contract employees.  In 2007, twenty eight JPL employees objected to mandatory background checks on the grounds that some of the inquiries violated their constitutional right to “informational privacy.”  The employees objected to a form questionnaire that asked them about treatment or counseling for recent illegal drug use.  They also objected to a form which was sent to their designated references that asked “open-ended” questions about the applicant’s “suitability for government employment and security,” “honestly and trustworthiness,” “financial integrity,” and “mental and emotional stability.”  At the time they were hired many years ago, the JPL employees were not subjected to a background check because background checks were only required for federal civil servants.  However, this changed when a recommendation by the 9/11 Commission prompted the Government to begin requiring contract employees with long-term access to federal facilities to complete background checks.  JPL management informed employees that anyone failing to complete the background check would be denied access to JPL and face termination.

The Ninth Circuit had enjoined the forms as likely being unconstitutional because  the questions about drug treatment and counseling did not serve a legitimate government interest and the open ended questions for references were not narrowly tailored to meet the government’s security interests.

Continue Reading