ALERT
ALERT is a periodic training guide provided without cost to the law enforcement community. Previous online editions include:
The increasing simplicity of e-mail, voice mail, fax machines, text pagers and electronic bulletin boards invite employee abuse and can enlarge employer liability problems. Public employees have used internal and external systems to run sports pools, to write racist and sexist messages, to send or receive pornographic graphics, to sexually or racially harass or threaten other workers, and to unlawfully corrupt, alter or transfer confidential data bases. {N.1}
Aside from the technical difficulties of discovering and proving misconduct, there are other issues facing public employers, such as unlawful search and invasion of privacy.{N.2}
In general, a public employer is entitled to open any "file" or storage "area" provided for the use of its employees, whether physical or electronic, provided its employees are so informed. Notification of the employer's right to "open" and view or hear the contents of audio or visual messages or conversations can diminish or remove any "reasonable" expectation of privacy that an employee otherwise might enjoy. {N.3}
Although state and federal laws regulate "eavesdropping," courts have held that employers who furnish communications systems are exempt as telecommunications providers. {N.4}
Law enforcement employees are commonly informed that personally-provided padlocks, if placed on employer-assigned storage/clothing lockers, desks or file cabinets, can be removed by management without further notice. The same right to inspect should apply to the removal of personally installed passwords, pin numbers or encryption programs that restrict management access to employer-provided electronic storage systems.
In addition to the adoption of a multimedia communications policy, management may be able to prevent or minimize entity liability by implementing a training program for its employees. The instruction should include information on the use of computers and e-mail, and how e-mail file attachments, freeware and shareware programs can capture and re-transmit confidential data, or might alter, corrupt or destroy archived records. Even an e-mailed "survey," supposedly submitted by an apparent public interest group, might contain hidden codes; once downloaded, the system could crash or a "back door" might be opened for hackers. {N.5}
Each law enforcement agency should designate a computer-literate subordinate to supervise the use of electronic messaging. No agency is too small to be affected. In 1996, a department of less than ten sworn members recently paid $90,000 to three employees who were offended by O. J. Simpson jokes posted on a bulletin board; the offender in that case was the chief of police! {N.6}
The person so designated should:
It is essential that every public agency adopt a communications policy, and instruct employees on what it means. It is also appropriate to add a warning that violations will implicate disciplinary sanctions. The policy can be brief, but it should cover those areas which might cause disciplinary or liability problems. To assist readers, a Specimen Policy is attached to this article. Before adopting an agency policy, management should consult with the official legal advisor for the jurisdiction, particularly in light of the fact that state constitutions, statutes, judicial decisions and collective bargaining agreements might restrict management rights.
In many states, the adoption of such policies will be a mandatory subject of additional bargaining, as a change in the "terms and conditions of employment." Although the creation of a communications system is usually a managerial prerogative, the adoption of a communications policy may necessitate additional bargaining, because (a) the policy will subject members of the bargaining unit to discipline, and (b) management will have the right to monitor their messages and conversations. {N.9}
It also should be noted in jurisdictions that bargain, a union has the right to communicate with its members and prospective members. A management prohibition on the use of the e-mail system for union communications has been held a mandatory subject of bargaining. {N.10}
NOTES
1. A male federal employee was disciplined for storing obscene images in a government-owned computer and displaying them in the presence of a woman coworker who later complained: Morrison v. N.A.S.A., 1994 MSPB Lexis 1642. In Pennsylvania, a superior sent sexually explicit e-mails to a subordinate, seeking her amorous attentions; the employer was sued in Federal Court: Rudas v. Nat. Mut. Ins. Co., 1997 U.S. Dist. Lexis 169 (E.D.Pa.).
2. In California, a defense worker sued his private employer and the Secretary of the Navy after obscene graphic and textual matter was seized from his office by plant security and Naval Investigative personnel; the complaint for damages alleged unlawful search and invasion of privacy: Schowengerdt v. General Dynamics, et al, 823 F.2d 1328 (9th Cir. 1987).
3. Bohach v. City of Reno, 932 F. Supp. 1232 (D. Nev. 1996); Smyth v. The Pillsbury Co, 914 F. Supp. 97 (E.D.Pa. 1996).
4. Title 42, U.S. Code Sec. 2510(5)(a) allows the "provider" of a "wire or electronic communications service" to intercept and monitor employee communications made in the "ordinary course of its business." Other federal statutes include: Access Fraud Device, 18 U.S. Code 1029; Computer Fraud and Abuse, 18 U.S. Code 1030; No-Knock entries, 18 U.S. Code 3109; Privacy Protection, 42 U.S. Code 2000a; Stored Communications Access, 18 U.S. Code 2701; Telecommunications Decency Act of 1996, 47 U.S. Code 223; Wire and Electronic Communications Interception, 18 U.S. Code 2510. State statutes are reprinted in the Individual Employment Rights Manual, a looseleaf service of the Bureau of National Affairs, Inc. (available in major law libraries).
5. A Government Accounting Office study concluded there are as many as 250,000 attacks on Dept. of Defense computers every year, and that these are successful 65% of the time. For example, tactical intelligence data was sent to foreign internet sites from the Air Force's command and control center at its Rome Laboratory facility. Worse, as few as 1 in every 150 attacks may be detected. See Information Security: Computer Attacks at Dept. of Defense Pose Increasing Risks, GAO Report No. AIMD-96-84 (5/22/96), and is available on-line for downloading, at: {http://www.securitymanagement.com/.} A Michigan State University study found that employees posed a greater threat to computer security than outside hackers (same source).
6. Avedano et al v. City of Belvedere (Calif.), 1997 Fire & Police Personnel Rptr. 25, 7/6/77 San Fran. Examiner A12, 7/7/96 San Fran. Chronicle A2 (on-line editions).
7. One major source is the Electronic Privacy Information Center { http://epic.org}; see also, {http://www.cyberlaw.com} and {http://dir.yahoo.com/law/privacy/}.
8. Useful publications on disaster recovery, encryption, ethics, firewalls, systems security and viruses may be obtained from the National Computer Security Assn. {http://www.ncsa.com}.
9. Management policies involving searches and privacy infringements were ruled mandatory subjects of bargaining in Stockton Teachers v. Unif. School Dist., 1997 PERC (LRP) Lexis 3. In general, policies containing or implicating disciplinary sanctions and procedure are bargainable and arbitrable. Auburn Police Local 195, AFSCME v. Helsby, 46 N.Y.2d 1034, 389 N.E.2d 1106 (1979).
10. Sayre v. Univ. of Calif., 20 PERC (LRP) p27,052, 1996 PERC (LRP) Lexis 48.
Specimen Policy
Law Enforcement Communications Systems
I - In General:
Various "communications systems" may be utilized by, or provided
to our employees. They are for the mutual benefit of you and your employer.
They include both contemporaneous and pre-recorded communications; some
of these are:
Ordinarily, you should not access communications intended solely for
another employee or person unless requested to do so by the intended recipient,
or directed to do so by a management representative. Unless the other party
does not speak or read the language, all communications shall be in English,
and no encryption program(s) shall be used without management approval.
II - Some Prohibitions:
A. Inappropriate Use:
Except when incidental to an investigation, or as a part of an official
inquiry/response or report, communications systems must never be used:
4.
B. Secrecy:
Classified, confidential, sensitive, proprietary or private information
or data must be not disseminated to unauthorized persons or organizations.
III - Privacy Advisory:
You are warned that you do NOT have a reasonable expectation of privacy
when you use a computer or communications system that is employer- authorized
or is provided for the mutual benefit of you and your employer. Management
has the right to monitor your telephone conversations, to read your messages
and to inspect mail or documents sent to or by you, including the deciphering
of encrypted text and the removal or inspection of software installed by
you on employer-provided computers.
Management representatives also may access, without notice: data or text caches, pager memory banks, e-mail and voice-mail boxes or accounts, and other employer-provided electronic storage systems. Management does not need to obtain prior judicial approval and your continued employment waives any claims you might have for an infringement of your privacy.
Note: This sample policy was written by the AELE Law Enforcement Legal Center in Chicago, and may be adopted or reprinted, but not for profit, without further permission. Check with your legal advisors for any limitations on adoption in your jurisdiction. You can e-mail AELE at AELE@aol.com