Privacy Abuse and Protection

Privacy and Abuse Protection Efforts of Businesses Facts Many workforces in most nations all over the world are increasingly becoming global. These workforces cooperate, communicate, and link up in multinationals and global marketplaces via web-based applications across countries and territories. The phenomenon of globalization has removed quite a number of differences amongst peoples and nations both in workplaces and in other areas[footnoteRef:2]. However, some questions have been raised on the origins of workplace privacy. For instance, the U.S. (United States) and the E.U.

(European Union) have quite a number of differences with regards to workplace privacy. Such kinds of differences bring about significant challenges for an employer whose workforce is global in nature or who manages human resources using technologies and processes that go beyond borders. [2: Determann and Lothar (2011)] Employers have accessibility to personal data of their workforce. This data might be insightful and so the workforce might want to avoid disclosing this data[footnoteRef:3].

As a result American employers practice quite a number of workplace-related monitoring activities for an even wider range of legitimate reasons. Overall, the right to privacy in the U.S. is based on the reasonable expectation of privacy; an expectation which is based on reasonable views of an individual or the circumstances specific to that situation. Employees in the U.S. expect minimal protection of their privacy in workplaces.

American employers frequently remove all shreds of expectations through cautions or notices informing employees that that they are being monitored via training books, in familiarization tours, on employee login flash-screens, network use policies among others1. However, newer technologies are emerging that can monitor employees and catch them by surprise and challenge employers efforts so that the employees are aware of newer technologies. Such new technologies destroy any little expectations that employees have with regards to their privacy rights being upheld and not being watched by any surveillance technology.

Therefore, there is a need to look into privacy rights in workplaces and to find and document ways to prevent violations of these rights via surveillance and other methods. [3: Workplace Privacy] The degree of workers' workplace privacy rights is based on whether they work in the private or public sector. Since constitutional rights largely work to protect individuals against illegal government actions, such state actions must occur for one to invoke a constitutional right.

Thus, since the majority of the American workforce is employed in the private sector, the U.S. constitution, particularly the 4th amendment that deals with privacy protection cannot be invoked in email monitoring cases in the private sector3. The constitutions of eight states offer more protection of rights for public employees compared to the U.S. constitution. However, similar to the U.S.

constitution, all of these rights protect only public sector workers and offer little protection for those in the private sector except the constitution of the state of California, whose privacy rights clause extends to private employees too.

Issues Should businesses carry out surveillance activities on their employees? Should they monitor them? If so, what should be the limits of such monitoring activities? Where should we draw the line? According to the United States Office of Technology Assessment, computerized performance monitoring is the gathering, storage, assessment and reporting of data on the productive activities carried out by employees using computers. The act of monitoring employees is a controversial practice that is increasingly becoming common8. The issue of employee monitoring is a grey area in law8.

The law doctrines in use imply that employee monitoring is legal, yet Businesses must monitor their workers to protect themselves and their employees, while concentrating on giving them ethical treatment. Thus, there is a dilemma. According to Bhatt, many businesses are of the opinion that concentrating on people, techniques, and technologies help them to monitor employees and knowledge management. Such an approach, however, will not enable a company to have a competitive edge. For organizations to perform, they must create workplaces where there is maximum transparency and accountability8.

In the late 1990s, the world led by Western nations particularly the U.S. was moving from the industrial age to the information age. At the beginning of the information age, which was characterized by increase in computer companies and internet access and use, employers and business faced challenges of misuse of internet by employees for which the company would be liable.

To circumvent such challenges, Frayer noted that employers started using monitoring tools, which allowed them to clandestinely see, record and note almost everything that workers were doing using their computers. Today more and more workers rely on computers to carry out their responsibilities. It was estimated that out of 50 to 75% of employees who use computers at work, about 85% of them have internet access8.

The availability of computer and internet access to employees in different companies and workers having different personalities, knowledge, intentions, and ethics, makes it mandatory for the employers to monitor their employees' online activities.

Take this case, for instance, a nurse working with children at a certain hospital, referred to the disabled child she was caring for, as her "little handicapper," she commented on the a newspaper blog about how she was caring for the child, in her port she mentioned identifying information, such as the age of the child and his use of a wheelchair.

One of the newspaper's readers read the blog and filed a complaint with the BON (Board of Nursing) arguing that the nurse was violating the child's and his family's privacy laws. Even without taking into account the unethical and insensitive language, the BON could, if they wanted, take disciplinary measures against the nurse for her failure to hold the patient information in confidence2.

The BON however decided that a warning was enough for the nurse[footnoteRef:4], the warning was indeed sufficient and the nurse learnt her lesson about positing such information online. A look at another example where a nurse arrived at work to find a photograph of a patient whose backside was exposed, in her emails. The nurse not knowing the source of the photograph, forwarded it to her workmates, who had not yet seen it, in an effort to find the source.

In a few hours, the photograph became a topic of debate among the hospital employees with some of them expressing their disgust and concern while others finding it hilarious. None of the hospital's employees took the initiative to report the matter to the administration. In a few short hours, the hospital's management got the news about the picture making rounds and commenced their own investigations since they thought that the patient's privacy rights had been infringed.

It was not long before the town's local media became aware of the incident and the issue gained nationwide coverage. The police interrogated into the matter as to whether the case was of sexual exploitation. Hospital administration then reacted by sending the nurses on an administrative leave and elected to review the hospital's patient protection, dignity and rights2. [4: Spector and Kappel (2012)] Management also decided to report the matter to the Board of Nurses.

The BON then opened a case file into the incident to determine whether any rights including national or local regulations that they had a mandate to enforce, had been violated. Lastly, the patient whose picture was doing rounds was identified and the hospital faced possible legal ramifications. If the nurses had in the first place acted professionally, the situation could not have unfolded as it did2.

While employers and boards of management have handled cases involving malicious misuse of internet services, most of the times the disclosure of confidential information is often not intentional. Depending on the jurisdiction, some management boards and employers have specific legislations that deal with the improper use of social media.

In cases where specific laws do not exist, boards may use other related laws to look into cases of2: Unethical conduct Unprofessional conduct Immoral conduct Disclosure of company secrets Violation of confidentiality There can be a couple of implications as well for individuals who violate federal or state laws, including possible criminal prosecution or civil liability. Some of the laws that are related with the issue of workplace privacy include: confidentiality laws in various fields, state privacy laws or legislations related to criminal harassment2.

Case law could also result in tort liability, for instance privacy invasion or even libel. Before the advent of internet, organizations allowed the utilization of radios and telephones for their employees' personal benefit[footnoteRef:5]. The standards that were used when resources such as telephones were being misused resulted in loss of productivity of the employees and were purposefully left unclear.

However, in the modern day world, where businesses are increasingly trying to increase the productivity of their employees, more and more businesses are looking towards latest technologies to achieve that objective. Moreover, most of those technologies such as computers, tablets and other computer-based applications require internet connection to operate as communication tools. This creates quite a number of legitimate reasons for organizations to monitor their employees' internet activity and computer usage including: [5: MONITORING EMPLOYEE E-MAIL: EFFICIENT WORKPLACES VS.

EMPLOYEE PRIVACY] So as to make sure the organization's professional image is not tainted To ensure the employees' productivity is not compromised To discourage or completely cut out any sexual or other kinds of harassments at the workplace To block online-stalking of employees To stop any potential defamation lawsuit To avoid the disclosure of company secret information To prevent copyright infringement resulting from employees illegally downloading music or software through the company's internet network. There are several different types of regulations and monitoring.

Some businesses utilize CCTV surveillance to monitor their workers' conduct. Some cameras are often visible while others may be placed in secret locations where workers may not be aware that they are being recorded. The secret cameras often go unnoticed for months and provide very important surveillance data[footnoteRef:6]. One of the main reasons why employers use video surveillance on their employees is that they want to keep track of employee safety standards, horseplay, or pilferage.

A recent survey by the SHRM group revealed that approximately 40% of surveyed workers were of the opinion that it was the right of their employer to use CCTVs. Another type of monitoring is visual, when a member of the management or an individual assigned by the management clandestinely observes and reports other employees or even administration staff4. [6: Mishra and Crampton (1998)] The individuals being investigated are not aware of it.

For instance, there was an incident where a security guard in California was asked to spy and even to "wiretap" the phones of two executives who were thought to be having homosexual activities during company time. The security guard had also been informed to spy on the executives' homes. The case came to the public limelight when the guard was forcefully fired when he felt that such activities were not part of his job description.

Another kind of employee monitoring is through the use of active badges (a badge that workers wear on their clothing so that their movement can be captured using computer systems and their unique employee identification numbers) 4. The badge works through a minute electronic transmitter attached to it. Sensors that can recognize the electronic transmission are placed in areas around the company. Several sensors can triangulate to find the location of the employee. Lately internet blogs and social media sites have also become powerful tools to spread information around the internet.

Some people post comments on social media against their employers[footnoteRef:7]. These anonymous posts and comments range from releasing trade secrets of the companies and do not show any loyalty to their employers. And in such cases, employers have a right to file a lawsuit claiming an infringement of duty of loyalty against anyone who posts such comments and the anonymity should not protect the authors of such posts or comments because harmful anti-employer comments are not protected by law.

[7: Lee (2006)] Thus, anti-employer blogs and social media pages are a huge threat to all kinds of employers who seek to protect legitimate business relationships with customers and partners. In fact, in some instances, anti-employer comments on blogs or social media have resulted in very negative consequences for stock prices.

So as to protect themselves against threats posed by negative comments on chat rooms, social media and message boards, employers have started hiring internet scouring agencies such as eWatch to search all over the internet for any negative employee comments against them5. After they have learnt of anything negative written against them employers often move to pursue breach of the duty of loyalty liability cases against such workers and unions or governments or privacy organizations should not protect them because harmful anti-employer speech is not protected by law.

Analysis Besides the options given by the ECPA and other state legislations, workers could also file breach of privacy claims against their employers, if their employers engage in monitoring electronic communications in a manner that is unwarranted. There are 4 primary torts for the breach of privacy in jurisdictions that practice common law[footnoteRef:8]: [8: Watson (2001)] Unreasonable intrusion when another is secluded Commercial use of an individual's likeness or name; Public revealing of secret facts Portrayal of someone in a false light For instance, in the 1996 case of Restuccia v.

Burk Technology in the state of Massachusetts that was filed by the employees of the company. The facts of the case were that a worker noted that another worker (one of the plaintiffs) was spending quite a lot of time of the organization's emailing system and informed the supervisor (the defendant) 4. The same evening after everyone had left, the supervisor using a company provided master password opened the email system and accessed employee emails and read them for about 8 hours4.

The email messages were between two employees of Burk Technology and entailed nicknames for the supervisor and had mentions of his marital affairs. The employees were immediately fired, and the supervisor mentioned that the reason for their firing was too much email messaging and not the content. For that reason the employees, filed a lawsuit against their employers and claimed a number of causes of action, which included illegal interception of electronic communications, invasion of privacy and wrongful termination4. In another case, Smyth vs.

The Pillsbury Company, that was filed in the Federal Eastern District of Pennsylvania, the plaintiff, Mr. Michael Smyth filed a lawsuit against the company he formerly worked for, The Pillsbury Company, claiming that he was wrongfully discharged, after the company fired him for sending electronic mails, that the company considered unprofessional and inappropriate, through the company's internet system.

The defendant (the Pillsbury Company) had repeatedly assured and reassured its staff that all their email messages would be completely privileged and confidential and would not be tapped and used against the employees as a basis for termination or disciplinary actions4. The plaintiff (Smyth) received emails from his supervisor through the company's system on his PC and had also communicated via email with his advisor. The defendant (Pillsbury Company) intercepted these emails, which they deemed inappropriate and used their content as the reasons for terminating Smyth.

In the year 1986, the U.S. congress reacted to the lack of constitutional protection for all employees against privacy rights violations by employers by passing amendments to the ECPA (the Electronic Communications Privacy Act). ECPA also known as the Federal wiretapping statute, initially prohibited the unpermitted interception of either oral or wire communications only in conditions where such information could be audibly overheard.

In 1986 however, the statute was amended to include the interception of even electronic communications including intelligence, data, sound, images, writing, signals and signs either completely or in part through any means that affected interstate business. This law offers protection for employees against interception of their communications. Another legislation NEMA (Notice of Electronic Monitoring) is being currently worked on, as a tool against unwarranted surveillance.

The proposed Act if passed will mean that employers will have to notify/inform their workers of any kind of surveillance or monitoring that they will be under. Under 2014's version of the bill, employers would have to inform their workers at the time of employment about the monitoring policies and also remind them annually and notify them when any significant changes are made to the monitoring practices3.

The monitoring notifications should include: the means that will be used for monitoring; the information that will be gathered; the frequency that the information collection will take place; and the intended purpose of the collected information. While the change looks small from what has been the case, the act strikes a balance between the employers' right to monitor employees and the protection of employees' privacy rights4.

If the act was to be passed, employers would be prevented from unwarranted forms of monitoring since such forms would require notification, this would protect employees interest. On the other hand, giving notice would also be of advantage to employers, since such notices would deter workers from misusing employer-supplied internet access and emails5. Other bills such as the proposed "Privacy for Consumers and Workers Act of 1991" that never went through, would have helped with employee privacy protection.

According to experts, the bill could have severely restricted and/or prohibited employers from electronically monitoring their employees4. The bill had also proposed hefty fines for non-compliance. The bill, as.