Capturing data happens more often than you might think across our everyday lives, from a company monitoring its employees’ emails to security footage filming you in a retail shop. Whether you are an employer, employee, or store patron, here’s what you need to know before peeking into someone else’s inbox or recording in public spaces.
One of the many side effects from COVID-19 was that businesses found themselves relying on a decentralized workforce spread across the city, state, or even international lines. Those companies who lost the centralized office are now investing in employee monitoring software to manage employee productivity and performance, protect confidential business information, ensure system security, and limit liability for employee misconduct. Again, when stated in such a manner, the software sounds like a reasonable business tactic to play a critical role in certain kinds of risk mitigation. But these systems can also significantly increase a business’ legal risk if not used properly.
Employers should take comfort in a monitoring company email. Texas’ common law does not recognize any right of privacy in the contents of electronic mail systems and storage provided to employees by the employer as part of the employment relationship. Id. McLaren v. Microsoft Corp., No. 05-97-00824-CV, 1999 WL 339015, at *4 (Tex. App.—Dallas May 28, 1999, no pet.) (holding that email messages contained on a company computer or sent over a company email system are inherently company-owned and not personal property). Therefore, an employee has no reasonable expectation of privacy in the contents of materials sent or stored on a company computer system. It is not limited to the company computer itself and goes to the less discrete storage system for email, the server-based “inbox.” Id. Meaning, emails sent over a company’s email server or domain belong to the company, not the individual. Even if the employee sends a personal email over the employer’s server, the employer has the right to review it (as the employer owns the domain and associated addresses).
Outside of the employer-employee context, intercepting or disclosing emails that are not yours carries severe civil penalties. “A person whose wire, oral, or electronic communication is intercepted or disclosed has a civil cause of action against the interceptor or discloser.” Texas Civ. Prac. & Rem. Code § 123.002. “Such a person is entitled to recover $10,000 for each occurrence, actual damages in excess of $10,000, as well as punitive damages and attorney fees and costs.” Texas Civ. Prac. & Rem. Code § 123.004.
Federal law is similar. Section 2520 of the Federal Wiretap Act (the “FWA”) creates a civil remedy for “any person whose wire, oral, or electronic communication is intercepted, disclosed, or intentionally used in violation of this chapter[.]” 18 U.S.C. § 2520(a). A violation of the FWA occurs when a person intentionally intercepts a wire, oral, or electronic communication, or discloses or uses the contents of such communication if the person knows the information was obtained unlawfully. 18 U.S.C. § 2511(a)–(d). Any endeavor, directly or through another person, to engage in such activity, is likewise unlawful. Id.; see Steve Jackson Games, Inc. v. U.S. Secret Service, 36 F.3d 45, 461–62 (5th Cir. 1994) (emails are electronic communications for the purposes of the FWA).
Tape recording or filming your employees at work is less clear. Texas, like the majority of states in the U.S., is a “one-party” consent state. This means that one party to the conversation must consent in order for it to be recorded. In short, if you are a party to the conversation, you may record it without informing the other party. If you are not, then one party to the conversation must give you permission to record it. Without this consent, it is a crime to intercept or record any “wire, oral, or electronic communication.” Texas Penal Code § 16.02. In addition to criminal prosecution, and as mentioned above, violating wiretapping laws can expose you to a civil suit for damages. Texas Civ. Prac. & Rem. Code § 123.002. It can also expose you to the invasion of privacy claims.
Yet, any civil claim for invasion of privacy requires that the plaintiff plead and prove at least one of the following four torts:
(1) Intentional intrusion upon the plaintiff’s seclusion or solitude or into the plaintiff’s private affairs (which would be highly offensive to a reasonable person);
(2) Public disclosure of embarrassing private facts about the plaintiff;
(3) Publicity which places the plaintiff in a false light in the public eye; or
(4) Appropriation, for the defendant’s advantage, of the plaintiff’s name or likeness.
When assessing the offensive nature of the invasion in (1) above, courts require the intrusion to be unreasonable, unjustified, or unwarranted. This type of invasion of privacy is generally associated with either a physical invasion of a person’s property or eavesdropping on another’s conversation with the aid of wiretaps, microphones, or spying.
Bottom line, intercepting or disclosing emails that are not yours and recording others without consent when you are not a party to the discussion are illegal acts under several statutes and carry criminal and civil penalties. If you intend to record conversations of employees, co-workers, people located in more than one state, or wholesale filming of interactions in your workplace, consult an attorney.