Employees Right to Privacy vs the Employers right to Monitor Electronic Communication in the Workplace: The European approach vs The United States approach
This article does not constitute legal advice and is for informational purposes only.
jhmarlin.com / Jennifer Harding-Marlin / Canadian & St.Kitts & Nevis Attorney/ JH Marlin Law / Citizenship by Investment & residency by investment specialists
- INTRODUCTION
The increased use of technology in the workplace raises privacy issues for employers and employees.[1] Technology has enabled employees to use emails and text messages to facilitate communication and save both time and costs for businesses. [2]As a result of the use of electronic communications at work, employers have increased access to employee data and have legitimate business reasons for monitoring employees’ workplace communications.[3] Employers may wish to monitor employees to “maintain a professional work environment; increase employee productivity; and control and limit the dissemination of trade secrets or other proprietary and confidential information.”[4]However, electronic monitoring in the workplace may cause stress and anxiety for employees and be counterproductive.[5]Tensions exist between employees’ rights to privacy, and the employer’s desire to monitor employees electronic communications.[6] Differences exist between the European Union (EU) and the United States (US) when it comes to privacy issues in the workplace.[7] This essay will compare and contrast the policy and legal frameworks of data privacy and employees’ right to privacy versus the employers’ right to monitor electronic communication in the workplace in the EU compared to the US. It will be argued that in the US, employers have more surveillance powers, and employees in the US have a limited reasonable expectation of privacy at work compared to the EU, where there is greater protection of employee privacy rights. Throughout all parts of this essay, case law, scholarly articles, and legislation will provide support for the findings and arguments. It is proposed that to help balance employee-employer privacy tensions in the workplace, the best approach is to apply proportionality and reasonableness principles, with no employer surveillance of employees being too intrusive.[8]It is proposed that it must be made clear to employees the level of privacy expectations and the degree of employer surveillance that will occur.[9]
- EUROPEAN ANALYSIS
In the European context, the privacy rights of employees in the workplace are mainly defined by the decisions of the European Court of Human Rights (ECHR) and the General Data Protection Regulations (GDPR) principles.[10] This section will explore the leading decisions of the ECHR to demonstrate that the EU provides strong protections of employee privacy rights.
In Europe, there is “no uniform body of European law” that deals with employee-employer privacy issues.[11] Several cases demonstrate how the EU provides strong protection for employee privacy rights.[12] Employee privacy cases brought before the ECHR often deal with employees’ alleged violation of the right to privacy in the workplace under Article 8 of the European Convention on Human Rights (Convention).[13] Article 8 (art. 8) of the Convention, reads as follows:
“1. Everyone has the right to respect for his private and family life, his home and his correspondence.
2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.”[14]
The case law examined in this paper will show how the ECHR has provided a broad interpretation of art 8. However, it is essential to note that it’s scope is not without limits.[15]
In addition to the Convention, another critical piece of legislation that shows strong protection of European employee privacy rights is the Charter of Fundamental Rights of the European Union 2000 that expressly provides for privacy rights under Articles 7 and Article 8.[16]
The case Niemetz v Germany reinforces EU privacy protection in the workplace.[17] This case concerned the search of a law office.[18] Mr.Niemietz alleged that the search of his law office was a violation of Article 8 of the Convention as he was entitled to the right to privacy at his place of work.[19] The ECHR held that the search of his law offices was an unjustified interference with his private life and that the right to privacy can extend to the workplace.
One earlier European case interpreting art 8 of the Convention in the employment context is Halford v the United Kingdom. This case concerned an employee’s right to privacy in the workplace.[20] The ECHR used a “reasonable expectation of privacy” in interpreting Article 8 of the Convention.[21] Ms. Halford filed a sexual discrimination case, and as a result, her phones were then monitored without any warning.[22] Ms. Halford made phone calls from her office using her employer’s telephone. The Court concluded that she had a reasonable expectation of privacy’ and that there was a violation of her right to privacy.[23]
In Copland v United Kingdom, the ECHR held that a violation of the employees’ right to privacy under Article 8 of the Convention occurred.[24] In Copland, the applicant worked at a college, and her telephone, emails, and internet use were monitored by her employer without her knowledge.[25] As the applicant was given no warning that she would be subject to monitoring, she had a reasonable expectation of privacy. The collection and storage of her personal information by her employer interfered with her right to privacy.[26]
One of the most recent ECHR decisions demonstrating strong EU privacy rights of employees is Bărbulescu v Romania. In this case, the ECHR found that the employer had violated Mr.Bărbulescu’s privacy rights in an employment relationship whereby Mr.Bărbulescu was dismissed for ‘using the internet for personal purposes’.[27] In this case, all employees of the private company were notified that they could be ‘dismissed for using the internet for personal purposes’.[28] Mr.Bărbulescu, during his employment, opened a Yahoo messenger account at the request of his employer to respond to client enquiries.[29] Mr.Bărbulescu was later dismissed after his employer determined that he had used the internet (the Yahoo account) for personal purposes in breach of the company’s internal policies.[30] Mr.Bărbulescu challenged the termination before the Courts for the employer’s access to electronic communications in breach of the Criminal Code and Constitution.[31] The Court found that there was a violation of Article 8 of the Convention and that previous Court decisions failed to properly ‘strike a balance’ between the employee’s right to private life and the employer’s right to monitor employees in the workplace.[32] The Court emphasized the need for employee monitoring to be proportionate and identified factors to consider when striking a balance between the right to privacy and the ability to allow employers to monitor their employees.[33] Many academic commentators highlight this case as a victory for employee privacy rights citing that this case establishes that Article 8 can be applicable even if ‘there is no reasonable expectation of privacy’ in the workplace context.[34]
Another art 8 employee privacy case is Antic and Mirkovic c Montenegro. This case concerned the invasion of privacy of two professors who were surveilled by video cameras when teaching.[35] The national Courts initially held that because the video cameras were installed in public areas, the right to privacy was a non-issue.[36] However, the ECHR held that the use of camera surveillance was an interference of their right to privacy under Article 8 of the Convention.[37] This case is another example of the ECHR deciding in favour of employees right to privacy in the workplace context.
Libert v France is another European case that dealt with privacy issues at work.[38] The applicant employee was a French national who had worked at a national railway company and was subsequently suspended for making false accusations against another employee.[39] There were proceedings for the false allegations that were discontinued, and the suspended employee wished to return to his original work position.[40]Upon returning to work, the employee discovered that his work computer had been confiscated.[41] His employer informed him that the hard disks were discovered on his computer that contained pornographic content and that he would be dismissed.[42] The employee alleged that his employer had violated his right to privacy of his private life by accessing his personal computer files while he was absent.[43] The employees claim was dismissed and the Court found that it was reasonable for the employer to consult the files on the work computer.[44] The personal files were not clearly identified as private and the employer had an interest in ensuring employees were using computers appropriately in accordance with their contractual obligations.[45]
One recent decision of the Grand Chamber of the ECHR is López Ribalda and Others v. Spain.[46] By following the proportionality test of article 8 of the Convention, it was held that the use of hidden surveillance cameras was justified to reveal employee theft.[47] The employer had installed a combination of visible and hidden cameras in his supermarket after discovering inconsistencies between sales figures and stock supply.[48] Employees were notified of the visible cameras, and a sign was put up indicating video surveillance.[49] In assessing proportionality and employee notification, the Court noted “that the provision of information to the individual being monitored and its extent constitute just one of the criteria to be taken into account in order to assess the proportionality of a measure of this kind in a given case.”[50]This recent case in favour of the employer suggests that art 8 does have limitations. However, it is important to note the three dissenting judges opinion, “with the growing influence that technology has on our society, we cannot afford to let individuals take justice into their own hands and allow the right to a private life under Article 8 of the Convention to remain insufficiently protected when faced with such new challenges.”[51] While this recent case is in favour of the employer, there are many other EU cases that have upheld employees rights to privacy in the workplace.
The European Regulation (EU) 2016/679 General Data Protection Regulations (GDPR) has been in force since 2018 and has strengthened individual rights to privacy and increased the obligations placed on employers.[52] GDPR Data protection principles include ‘transparency, proportionality, legitimacy, purpose limitation, and integrity, and confidentiality’.[53] The GDPR applies to the processing of individual European Citizen’s personal data through partly or wholly automated or non-automated means and requires the data subject’s consent.[54] Article 88 more specifically applies to employers who collect data within the employment context.[55] Employers must ensure that they ‘safeguard employees human dignity and fundamental rights while ensuring the transparency of data processing’.[56] There are fines and penalties for non-compliance.[57] The implementation of the GDPR demonstrates a strong data and regulatory privacy regime in Europe.
3. UNITED STATES ANALYSIS
In the United States context, the privacy rights of employees in the workplace are mainly defined by US case law. This section will explore the leading US case law decisions to demonstrate that the US provides weak protections of employee privacy rights.
The Constitution, common law and statutes are the main sources of privacy protection in the United States.[58] When compared to other countries, the US government intervenes in ‘limited areas’ when it comes to privacy law in the workplace.[59]
In the United States, the general right to privacy is derived from the Fourth Amendment of the US Constitution, which provides for “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.”[60] Despite no explicit right to privacy in the Federal Constitution, many states have enacted the right to privacy in either their State Constitutions or statutes.[61] For example, the right to privacy is embedded in the State of California’s Constitution.[62]Massachusetts and Connecticut have statutes providing rights to privacy amongst only a few other states that have similar laws.[63]
In the United States, Katz vs the United States decision extended the scope of the Fourth Amendment protections to include the surveillance of electronic communication.[64] The case established a two-pronged test for a person’s “reasonable expectation of privacy” that consists of two steps “first that a person has exhibited an actual (subjective) expectation of privacy and, second, that the expectation is one that society is prepared to recognize as “reasonable.””[65] In a subsequent Supreme Court decision, in O’Connor v Ortega, it was determined that the Fourth Amendment applies to public employees only.[66]
Hill v National Collegiate Athletic Association [67] is a California court decision that shows how there are weak protections of employee privacy rights.[68] The Court reversed the decision of the lower courts that had previously allowed a permanent injunction against the defendant, an athletic association.[69] The defendant had implemented a drug-testing program to further the interest of maintaining integrity and fairness in its college athletics programs.[70] The plaintiffs who were college athletes alleged that the drug testing violated the California Constitution, which provided a constitutional right to privacy.[71] The court held that there was no violation of the plaintiffs’ privacy rights.[72] The defendants had banned the use of drugs by college athletes, and through advance notice of drug testing procedures, athletes had a diminished expectation of privacy.[73]
Shoars v Epson Inc and Flanagan v Epson Inc are two similar cases dealing with employees’ limited right to privacy.[74] Shoars was an employee who discovered that her supervisor had read all her emails; she believed that her emails were confidential and would not be read by her supervisor.[75]After this discovery, she requested a private email that her supervisor would not have access to the email.[76] Her supervisor found out about her request and dismissed her for insubordination. Shoars claimed a violation of the California Penal Code (a law similar to the Electronic Communications Privacy Act (ECPA)) for wiretap invasion of her privacy.[77] The Court concluded that there was ‘no clear expectation of privacy’ and that without an expectation of privacy, there was no invasion of privacy.[78] Despite the broad language of the California Penal Code Section 631 that was invoked, it did not apply to emails.[79] The Flanagan case was based on the same set of facts, and employees brought a class action against their supervisor for intercepting and reading their emails.[80] The Court reached the same decision as Shoars and dismissed their class action.[81] The Flanagan case demonstrated the Court’s refusal to extend the right to privacy to cover employees’ emails.[82]
Weak employee privacy protections were demonstrated in Bohach v City of Reno. In this case, two officers of a Police Department exchanged messages over the department’s message system.[83]An internal investigation was launched based on the content exchanged between the two police officers.[84] The two officers alleged that the storage of their messages and retrieval from the department’s computer system violated their constitutional right to privacy and violated the federal wiretapping statutes.[85] It was determined that they had a subjective expectation of privacy, but it was essential to decide if their privacy expectation was objectively reasonable.[86] The Court concluded that the access and retrieval of the messages did not violate the officers’ right to privacy. The Police Department provided the electronic communication service and, therefore, could access the employee communications. This case suggested a service provider exception.[87]
Thygeson v US Bancorp is another US privacy decision that was held in favour of the employer. In Thygeson vs US Bancorp, the plaintiff employee was fired for the personal use of the internet while at work. [88] The employee alleged an invasion of privacy. However, the Court held that there was no invasion of privacy because there was a policy that prohibited the use of work computers for personal use.[89] The invasion of privacy was reasonable even if the employee had indicated that the content was personal.[90]
Another recent decision implicating employee privacy rights is the US Supreme Court case Nasa v Nelson.[91] In this case, employees alleged that their privacy rights had been violated when NASA as the employer conducted intrusive background checks.[92] The Court held that the government did not violate the employees’ right to privacy, and the government was not prevented from conducting extensive background checks.[93] Justice Scalia in his reasoning indicated that “a federal constitutional right to “informational privacy” does not exist.”[94]
A more recent decision demonstrating how employees have limited privacy protection in the US is the case City of Ontario v Quon.[95]established underlying principles for the employer’s ability to monitor employee communications with a “standard of reasonableness under all circumstances” to be applied.[96] In Quon, the police department had issued pagers to its employees to assist with emergency responses. The police department had notified employees that they should not expect for their emails to be private.[97] While the employer policy did not explicitly include text messages, it was shown that employees were informed that text messages were considered in the same way as emails.[98]The Court held that despite any expectation of privacy, the search of the employer pager was reasonable.[99] This case demonstrates how employees in the US have weak privacy protection.
The use of the internet raises liability concerns for employers.[100]An employer can be subject to liability under tort, contract, or copyright violations for an employees’ use of the internet.[101] Burlington Industries, Inc. v Ellerth[102] and Faragher v City of Boca Raton [103] are two US Supreme court decisions where it was held that an employer could be vicariously liable to an employee who has been a victim to a hostile work environment.[104] Given that employers in the US may be exposed to liability there is an increased desire in the US for employers to monitor their employees use of electronic communications.[105]
In common law torts, to establish an invasion of privacy, two aspects must be met: firstly, that there was a “reasonable expectation of privacy” and the defendant intruded and secondly that the intrusion is deemed “highly offensive to a reasonable person.”[106] Invasion of privacy claims in the workplace often fails because an employee is often given notice that the employer is monitoring the employee.[107] Therefore, the employee has no reasonable expectation of privacy.[108]Not all instances where notification of employer monitoring is given will electronic surveillance be permitted.[109] Trujillo v City of Ontario[110] is a similar case to Doe by Doe v BPS [111] and Liberti v Walt Disney World Co [112] whereby persons were videotaped undressing at work and the court determined that there was a violation of the employees’ constitutional and common law rights to privacy.[113]
The Electronic Communications Privacy Act of 1986 (ECPA) updated the Federal Wiretap Act 1968 and applies the interception of wire, oral, and electronic communications. [114] The ECPA “is the only federal statute that offers workers protections in communications privacy” and “loopholes exist” whereby employees can be monitored. [115] There is a general prohibition on the interception, disclosure of wire, oral or electronic communications as per Title I of the ECPA 18 U.S.C 2501–21. There is also a restriction on accessing stored communications as per Title II of the ECPA (the Stored Communications Act) 18 U.S.C 2701–11. However, exceptions can exist for operators and service providers “in the normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service.”[116]
In the US, it appears that there is starting to be a shift towards individual rights. The recently enacted California Consumer Privacy Act (CCPA) that will be taking effect soon does not deal directly with employee data but does appear to give individuals substantial rights to control the collection of their personal information similar to the GDPR. [117] Both the States of Washington and New York have debated heightened privacy laws[118], which demonstrate steps towards protecting individual rights, and perhaps eventually, employee interests. Despite a possible shift in the US towards heightened privacy laws, US employers continue to have broad surveillance powers, and employees have weak privacy protections with little reasonable expectation of privacy at work.
4. COMPARISONS AND DIFFERENCES BETWEEN THE US AND EU ON PRIVACY RIGHTS IN THE WORKPLACE
Fundamental differences exist between the US and EU privacy regimes.[119] In Europe, employees have a reasonable expectation of privacy, whereas in the United States, this is not the case, and employees do not have a reasonable expectation of privacy.[120] In the United States, only when a reasonable expectation of privacy exists can privacy be legally protected.[121] Employers in the US can eliminate employees’ expectations of privacy by providing notices or warnings of employee monitoring, and only in a few limited circumstances is the notice insufficient.[122]The US Courts have often provided a broad interpretation of employer notices.[123] US Courts have often held in favour of the employer when the employer is pursuing monitoring that is in the employers ‘legitimate business interests’.[124]
As demonstrated in the cases, EU employers unlike US employers, cannot rely on notices to defend their surveillance practices.[125] For example, in the European case Bărbulescu v Romania, the Court held that despite the employer warning employees that they would be dismissed for ‘personal use of the internet’, there was a violation of the employees’ privacy rights under Article 8 of the Convention.[126] The Court found that the lower Courts failed to properly ‘strike a balance’ between the employee’s right to private life and the employer’s right to monitor employees in the workplace.[127]Additionally, in the EU provided employers monitoring employees’ use of email and telephone without notifying employees would likely violate Article 8 of the Convention. [128]
The EU has detailed data protection laws that can apply to the collection and processing of individual data.[129] In the EU, employees can withdraw their consent of employer monitoring programs[130]and under EU law, email interception is illegal.[131]In comparison, in the US, there are almost no limits to the collection and use of personal data.[132]
In Europe, employers are ‘not encouraged to use intrusive monitoring techniques’. [133] In contrast, in the United States, many intrusive employee monitoring techniques are used such as GPS tracking, keystroke logs, monitoring of internet and telephone amongst other surveillance methods. [135]
The EU provides greater protection of employee privacy rights when compared to the US, as demonstrated in the comparison of the EU case of Barbulescu v Romania [135] and other cases and the US City of Ontario v Quon [136] amongst other cases. The US provides more favourable decisions towards employer surveillance of employees compared to the EU. The EU can be seen as taking an approach where privacy is a human right,[137] whereas the US approach is different, and privacy is not a human right.[138] The case law analyzed shows that in the EU, employees are placed on a more equal footing with employers compared to the US.
The case law, scholarly articles, and legislation discussed in this essay have provided support for the findings that sharp contrasts in approach exist between employee-employer privacy rights in the US and EU.
5. CONCLUSION
In conclusion, monitoring employees and access to private employee information in the workplace is made easier through the introduction of new technologies in the workplace.[139] Company risks could potentially be mitigated through the use of employer surveillance. [140]Employers could measure employee productivity and in turn this could potentially increase company efficiency.[141]However, considerable debate exists as to what extent employees are entitled to privacy at work.[142] Key differences exist between EU and US privacy rights. The EU model and the US model for workplace privacy are different. In the US, employers have more surveillance powers, and employees have little reasonable expectation of privacy at work.[143] In contrast, the EU provides greater protection of employee privacy rights.
As a final note, to help diminish employee-employer workplace privacy tensions, it is proposed that it is essential to ensure that both employees and the employer clearly understand employer practices monitoring employees. It is proposed that employees’ expectations about privacy in the workplace should be made clear and that employer surveillance should not be too intrusive.[144] Any surveillance should follow outlined business objectives.[145]
[1] Ifeoma Ajunwa and Kate Crawford and Jason Schultz, “Limitless Worker Surveillance” (2017) 105 Calif L Rev 735
[2] Rebecca M Chory, Lori E Vela, Theodore A Avtgis, “Organizational Surveillance of Computer-Mediated Workplace Communication: Employee Privacy Concerns and Responses (2016) Employ Respons Rights J 28:23–43
3] Kathy Eivazi, “Computer use monitoring and privacy at work” (2011) Computer Law & Security Review 516–523
[4]Mary Ellen Callahan et al, “Reading Your Employees Text Messages May Get You Into Hot water” (2008) Privacy Tracker Vol 1(6) 208.
[5]Flanagan Julie A, “Restricting Electronic Monitoring in the Private Workplace” (1994) Duke Law Journal Vol 1256 at 1263
[6]Saby Ghoshray, ‘Employer Surveillance versus Employee Privacy: The New Reality of Social Media and Workplace Privacy’ (2013) 40 N Ky L Rev 593
[7] Lothar Determann & Robert Sprague, “Intrusive Monitoring: Employee Privacy Expectations are Reasonable in Europe, Destroyed in the United States” (2011) Berkeley Technology Law Review Vol 26
[8]Nicola Lugaresi, “Electronic privacy in the workplace: Transparency and Responsibility” (2010) International Review of Law, Computers & Technology Vol 24(2) 163–173
[9]Nicola Lugaresi, “Electronic privacy in the workplace: Transparency and Responsibility” (2010) International Review of Law, Computers & Technology Vol 24(2) 163–173
[10]Lothar Determann & Robert Sprague, “Intrusive Monitoring: Employee Privacy Expectations are Reasonable in Europe, Destroyed in the United States” (2011) Berkeley Technology Law Review Vol 26
[11]Lothar Determann & Robert Sprague, “Intrusive Monitoring: Employee Privacy Expectations are Reasonable in Europe, Destroyed in the United States” (2011) Berkeley Technology Law Review Vol 26
[12]Example: Bărbulescu v Romania (2017) ECHR 742 Strasbourg (5 September 2017) (no. 61496/08)
[13]Example: Bărbulescu v Romania (2017) ECHR 742 Strasbourg (5 September 2017) (no. 61496/08)
[14]Article 8 of the European Convention on Human Rights
[15] European Court of Human Rights, “Guide on Article 8 of the European Convention on Human Rights: Right to respect for private and family life, home and correspondence” (2019) Council of Europe
[16] Articles 7 & 8 Charter of Fundamental Rights of the European Union 2000
[17]Niemietz v. Federal Republic of Germany (1992). 251 Eur. Ct. H.R. (no. 13710/88)
[18]Niemietz v. Federal Republic of Germany (1992). 251 Eur. Ct. H.R. (no. 13710/88)
[19]Niemietz v. Federal Republic of Germany (1992). 251 Eur. Ct. H.R. (no. 13710/88)
[20]-[23]Halford v. United Kingdom, (1997) ECHR 32 (25 June 1997) (20605/92)
[24]-[26]Copland v The United Kingdom (2007) ECHR (3 April 2007) (62617/00)
[27]-[33] Bărbulescu v Romania (2017) ECHR 742 Strasbourg (5 September 2017) (no. 61496/08)
[34]Joe Atkinson, “Workplace Monitoring and the Right to Private Life at Work” (2018) The Modern Law Review 673–700
[35]-[37]ANTOVIĆ AND MIRKOVIĆ v. MONTENEGRO (2017) ECHR (28 November 2017) (no. 70838/13)
[38] -[45]Libert v France (2018) ECHR 072 (February 22 2018) (no.588/13)
[46]-[51] LÓPEZ RIBALDA AND OTHERS v. SPAIN (2019) ECHR (17 October 2019) (no 1874/13 and 8567/13)
[52] Eddie Keane (2018) The GDPR and Employee’s Privacy: Much Ado but Nothing New, King’s Law Journal, 29:3, 354–363, DOI: 10.1080/09615768.2018.1555065
[53](EU) 2016/679 General Data Protection Regulations (GDPR)
[54]Article 4(2) and 6 General Data Protection Regulations (GDPR)
[55] Article 88 General Data Protection Regulations (GDPR)
[56]Article 88 General Data Protection Regulations (GDPR)
[57]General Data Protection Regulations (GDPR)
[58] Lothar Determann & Robert Sprague, “Intrusive Monitoring: Employee Privacy Expectations are Reasonable in Europe, Destroyed in the United States” (2011) Berkeley Technology Law Review Vol 26
[59]Laura Evans, “Monitoring Technology in the American Workplace: Would Adopting English Privacy Standards Better Balance Employee Privacy and Productivity” (2007) 95 California Law Review 115
[60] United States Constitution, Fourth Amendment
[61] Laura Evans, “Monitoring Technology in the American Workplace: Would Adopting English Privacy Standards Better Balance Employee Privacy and Productivity” (2007) 95 California Law Review 115
[62]Laura Evans, “Monitoring Technology in the American Workplace: Would Adopting English Privacy Standards Better Balance Employee Privacy and Productivity” (2007) 95 California Law Review 115
[63]Laura Evans, “Monitoring Technology in the American Workplace: Would Adopting English Privacy Standards Better Balance Employee Privacy and Productivity” (2007) 95 California Law Review 115
[64]-[65] Katz v. United States, U. S. 362 (1967) (Harlan, J., concurring)
[66]O’Connor v Ortega, (1987) 480 US 709
[67]- [73] Hill v. National Collegiate Athletic Assn., (Ca. 1994) 865 P. 2d 633, 641–642
[74]-[82] Peter Schnaitman, “Building a Community Through Workplace E-Mail: The New Privacy Frontier” (1999) Michigan Telecommunications and Technology Review Vol 5 (Iss 1)
[83]-[86] Bohach v. City of Reno, 932 F. Supp. 1232 (D. Nev. 1996)
[87]Martha Otto, “The Right to Privacy in Employment: A Comparative Analysis” (2016) Hart Publishing
[88]Phil Thygeson v US Bancorp et al, (2005) US Dist Oregon CV 03 467 BR
[89]-[90]Phil Thygeson v US Bancorp et al, (2005) US Dist Oregon CV 03 467 BR
[91]-[94]NASA v Nelson, (2011) 562 US 134
[95]-[99]City of Ontario, California et al v Quon et al (2010) 560 US 746
[100] Marian K, Riedy & Joseph H Wen, “Electronic surveillance of internet access in the American workplace: implications for management” (2010) Information & Communications Technology Law 19:1
[101]Saby Ghoshray, ‘Employer Surveillance versus Employee Privacy: The New Reality of Social Media and Workplace Privacy’ (2013) 40 N Ky L Rev 593
[102]Burlington Indus., Inc, v Ellerth, 524 U.S. 742,
[103] Faragher v City of Boca Raton, 524 U.S. 775
[104]Lothar Determann & Robert Sprague, “Intrusive Monitoring: Employee Privacy Expectations are Reasonable in Europe, Destroyed in the United States” (2011) Berkeley Technology Law Review Vol 26
[105]-[109]Marian K, Riedy & Joseph H Wen, “Electronic surveillance of internet access in the American workplace: implications for management” (2010) Information & Communications Technology Law 19:1
[110]Trujillo v City of Ontario, (2006) 428 F Supp. 2d 1094
[111]Doe by Doe v BPS Guard Services Inc., 945 F.2d 1442 (8th Cir 1991)
[112]Liberti v Walt Disney World Co., (M.D. Fla 1995) 912 D. Supp 1494
[113]Trujillo v City of Ontario, (2006) 428 F Supp. 2d 1094
[114] Electronic Communications Privacy Act of 1986 (ECPA), 18 U.S.C. §§ 2510–2523.https://it.ojp.gov/PrivacyLiberty/authorities/statutes/1285 [online accessed 23 December 2019]
[115]Electronic Privacy Information Centre, “Workplace Privacy” https://epic.org/privacy/workplace/ [online accessed 23 December 2019]
[116] Electronic Privacy Information Centre, “Workplace Privacy” https://epic.org/privacy/workplace/ [online accessed 23 December 2019]
[117] California Consumer Privacy Act (CCPA)
[118]Jeffrey D Neuburger, “Reflections on 2019 in Technology Law, and a Peek into 2020” (23 December 2019) online available: https://www.natlawreview.com/article/reflections-2019-technology-law-and-peek-2020 [accessed 23 December 2019]
[119]-[125] Lothar Determann & Robert Sprague, “Intrusive Monitoring: Employee Privacy Expectations are Reasonable in Europe, Destroyed in the United States” (2011) Berkeley Technology Law Review Vol 26
[126]-[127] Bărbulescu v Romania (2017) ECHR 742 Strasbourg (5 September 2017) (no. 61496/08)
[128] Halford v. the United Kingdom, (1997) ECHR 32 (25 June 1997) (20605/92)
[129]Eddie Keane (2018) The GDPR and Employee’s Privacy: Much Ado but Nothing New, King’s Law Journal, 29:3, 354–363, DOI: 10.1080/09615768.2018.1555065
[130] Colin J Bennett, “The European General Data Protection Regulation: An instrument for the globalization of privacy standards?” (2018) Information Polity 23 239–246
[131]Sylivia Mercado, “Reading Your Keystroke: Whose Mail is it?” (2005) Springer Vol 3592
[132]Laura Evans, “Monitoring Technology in the American Workplace: Would Adopting English Privacy Standards Better Balance Employee Privacy and Productivity” (2007) 95 California Law Review 115
[133]Laura Evans, “Monitoring Technology in the American Workplace: Would Adopting English Privacy Standards Better Balance Employee Privacy and Productivity” (2007) 95 California Law Review 115
[134]Janet Ford, Lorrie Willey, Barbaa Jo White, Theresa Domagalski, “New Concerns in Electronic Employee Monitoring: Have you Checked Your Policies Lately?” (2015) Journal of Legal, Ethical and Regulatory Issues Vol 18(1)
[135] Bărbulescu v Romania (2017) ECHR 742 Strasbourg (5 September 2017) (no. 61496/08)
[136]City of Ontario, California et al v Quon et al (2010) 560 US 746
[137] Monica Gheorghe, ‘Considerations on the Conditions under Which the Employer May Monitor Their Employees at the Workplace’ (2017) 7 Juridical Trib 62
[138] example; City of Ontario, California et al v Quon et al (2010) 560 US 746
[139]Park, Susan, “Employee Internet Privacy: A Proposed Act that Balances Legitimate Employer Rights and Employee Privacy” (2014) American Business Law Journal Vol 51(4) pp. 779–841
[140]Janet Ford, Lorrie Willey, Barbara Jo White, Theresa Domagalski, “New Concerns in Electronic Employee Monitoring: Have You Checked Your Policies Lately? (2015) Journal of Legal, Ethical and Regulatory Issues Vol 18(.1)
[141] Kathy Eivazi, “Computer use monitoring and privacy at work” (2011) Computer Law & Security Review 516–523
[142]Marian K. Riedy & Joseph H Wen, “Electronic surveillance of internet access in the American workplace: implications for management” (2010) Information & Communications Technology Law, 19:1 87–99
[143]D. Solve, M Rotenberg & P Schwartz, “Information Privacy Law” (2006) New York Aspen Publishers, 798–868
[144]-[145]Nicola Lugaresi, “Electronic privacy in the workplace: Transparency and Responsibility” (2010) International Review of Law, Computers & Technology Vol 24(2) 163–173
