Legal Report May 2006
U.S. JUDICIAL DECISIONS
EMPLOYEE MONITORING. The New Jersey Superior Court has ruled that a company may be held liable if it fails to investigate suspicions that an employee may be accessing child pornography from a company computer. In these cases, the employer has a duty to investigate these activities and then take action to stop them.
XYZ Corporation employed 250 workers in Somerset County, New Jersey. (The names of those directly involved in the case have been changed to protect the identity of the victim.) One of the employees, John, worked for the company as an accountant. He worked in a cubicle, which was located along a wall in a line of cubicles. The cubicles had no doors and opened onto a hallway.
In late 1998, the company’s IT manager, George Griesler, conducted a standard computer log review and noted that John had been visiting pornographic Web sites. Griesler told John to stop visiting the sites but did not tell John’s supervisor, Keith Russinoff, about the incidents.
In early 2000, Russinoff also began to suspect that John was visiting pornographic sites. The supervisor asked Griesler to track John’s Internet use. Griesler conducted a two-day investigation and found that John visited several pornographic sites, repeatedly, each day.
Griesler reported the results of the investigation to Russinoff and Jessica Carroll, the director of IT. Rather than discipline John, Carroll reprimanded Griesler for accessing John’s computer logs. Carroll noted that senior executives had decided to prohibit the monitoring or reporting of the Internet activities of employees. Those violating this rule could be disciplined
or even fired.
In December 2000, John’s coworker, Mary Carlson, complained to her supervisor, Jill Ray, that John was acting strangely. Carlson reported that John was shielding his computer screen and minimizing the items on the screen when people walked by. Ray reported John’s actions to the department’s director, Suzanne Colon, but nothing was done.
In late March 2001, Carlson went to Russinoff to report that she saw John looking at pornography on his computer. While John was at lunch, Russinoff went to John’s computer and clicked on “Web sites visited.” Russinoff printed the list and reviewed it with Colon. The list contained numerous sites that sounded pornographic and a few that sounded as if they could contain child pornography. They did not view any of the sites to confirm these suspicions. The two decided that Russinoff should confront John.
Russinoff told John to stop visiting pornographic sites at work. John said that he would. On March 7, 2001, Russinoff sent an e-mail to Colon outlining the conversation with John.
However, in early June 2001, Russinoff saw that John was slipping back into his old habits. Russinoff did not tell anyone before leaving on a business trip.
John had been taking nude photos of his 10-year-old stepdaughter Jill for five months. He transmitted three of these photos over the Internet from his workplace computer to a child pornography site. He also threw some photos of Jill in the trash at work. Someone saw the photos and called police.
The police searched John’s work computer on June 19. They found more than 1,000 pornographic images stored on his computer, e-mails to pornographic Web sites, and e-mail discussions with others about child pornography. On June 21, the police arrested John for possession and transfer of child pornography.
Jill’s mother, named as Jane Doe, sued XYZ for negligence, claiming that it knew or should have known that John was using his computer to view and download child pornography. The lawsuit also alleged that XYZ had a duty to report John’s activities to the police. According to Doe, this negligence led to the continued exploitation of her daughter.
XYZ filed a motion for summary judgment—a hearing based on the facts of a case, without a trial. The trial court granted it, ruling that there was no evidence the company knew that John’s conduct was dangerous to others. Further, according to the judge, the company had no duty to investigate the private communications of its employees.
Because most of the exploitation of Jill occurred in the home, the judge concluded, more rapid action on the party of XYZ would not have protected the child.
On appeal, the New Jersey Superior Court disagreed with the lower court, finding that XYZ could be held liable. The court determined that XYZ could have implemented software to monitor employee activity on the Internet. It also found that the company could conduct investigations into computer use.
The company had a written policy stating that the employee had no right to privacy in e-mail communications or Web searches at work and that those who used the system for “improper purposes” could be disciplined or discharged. All employees were supposed to read and sign the policy. There is no record of John signing the policy but, according to the court, there is no suggestion that he was unaware of the policy.
And though Griesler was told not to monitor John’s activities, that order was based on a misinterpretation of company policy, the court found. Senior executives had deemed that “no employee should monitor any other employee’s computer use just for the sake of monitoring.” Given the facts presented, noted the court, it was clear that the monitoring of John’s activities was based on a suspicion of wrongdoing, not just for the sake of monitoring.
In addressing the defendant’s claim that stopping John’s activities at work would not have protected Jill, the court disagreed. “The record and reasonable inferences therefrom support the conclusion that defendant had knowledge that employee was engaging in activities that posed the threat of harm to others, although not necessarily Jill. We see no unfairness in the imposition of a duty on defendant in these circumstances.” (Doe v. XYZ Corporation, Superior Court of New Jersey, No. A-2909-04T2, 2005)
CARGO SECURITY. The Coast Guard has issued an interim rule defining new items as dangerous cargo that requires the vessel owner to transmit notice of arrival before it docks.
The new substances added to the definition are ammonium nitrate, in bulk; ammonium-nitrate-based fertilizers, in bulk; and propylene oxide, alone or mixed with ethylene oxide, in bulk. These substances can be used in the making of explosives.
The required notice of arrival includes information about the vessel, cargo, crew, and any other person on board. The Coast Guard then reviews this information to screen the vessel for safety and security purposes.
U.S. CONGRESSIONAL LEGISLATION
PATRIOT ACT. The Patriot Act reauthorization bill was signed into law (P.L. 109-177) by President Bush one day before 16 key provisions were set to expire. The new law makes permanent 14 of the 16 provisions of the original Patriot Act, which was passed by Congress several months after the 9-11 terrorist attacks. The act makes permanent the power of the FBI to issue National Security Letters (NSLs) to financial institutions, car dealerships, jewelers, hotels, casinos, and real estate agencies. These letters require businesses to turn over information about their customers. Businesses must agree to nondisclosure orders that forbid business owners from telling customers that their information has been given to the FBI. These letters do not require the approval of the courts, and the FBI need not prove that there are any specific facts that connect the records being sought with a suspected foreign terrorist.
The law also makes the “sneak and peek” provision permanent. This provision allows federal law enforcement officials to search homes or businesses without revealing this fact to the property owner or inhabitants. Under the measure, law enforcement must either reveal the search warrant or apply for an extension within 30 days. However, law enforcement need only request such an extension—there are no requirements set out to obtain an extension nor is there any limit to how many extensions may be given in relation to a secret warrant. Also, the warrants can be issued for any type of crime; they are not limited to terrorism cases.
Another measure made permanent is the forfeiture of an organization’s assets if it is deemed to be engaged in or supporting domestic terrorism. The definition of domestic terrorism in the bill is any activity that violates state or federal criminal law—even if that crime has not yet been proven in court—or involves acts dangerous to human life or intended to subvert government policy or harm civilians by intimidation or coercion. Assets may be seized without notifying the organization in question, without a criminal conviction, and without a hearing.
Two of the most controversial provisions have been extended for four more years, after which they must be renewed by Congress or they will expire. The first of these is roving wiretaps. Unlike conventional wiretaps, which are attached to a certain phone, roving wiretaps are connected to a person and allow wiretaps of any phone that the target might use. Such wiretaps are currently available in criminal investigations provided that law enforcement can identify that the person under surveillance is using the phone at the time it is tapped. The Patriot Act extended the power to allow roving wiretaps without identifying the target or ascertaining that the target is using the telephone.
The second measure that was extended for four years is known as the library records provision. However, it applies to any “tangible thing” including medical, tax, gun, and education records. The government may seize such information without first proving that the documents have any connection to terrorism. The person whose information has been gathered may file a challenge to the order in the FISA Court—so called because it was established under the Foreign Intelligence Surveillance Act. However the FISA Court records are sealed to the public.
Three new items demanded in the name of civil liberties were added to the new law. The original Patriot Act prohibited recipients of government-issued subpoenas from telling anyone that they had been subpoenaed. Under the new law, individuals and organizations may challenge this gag order in court.
Another issue relates to NSLs issued by the government to obtain records. The original Patriot Act required that those issued the letters provide the government with the names of any attorney consulted about the matter. The new law eliminates this requirement.
The controversial provision allowing the government to obtain an individual’s library records was altered in the new law. The new law does not allow the government to obtain records from libraries that provide information “in a traditional capacity,” including providing basic Internet access. However, libraries that serve as an ISP could still be subject to record seizures.
A series of new provisions have also been added to the law. For example, one provision increases penalties for fraudulent access to seaports and waterfronts as well as for destruction of vessels or maritime facilities. Penalties are also increased for stowaways, smugglers, and those who attempt to bribe public officials to influence the conduct of port security.
The law also contains a new section devoted to fighting methamphetamine production. It restricts the sale of chemicals that are used to make the drug, such as over-the-counter cold medicines. The measure will also regulate the import and export of such drugs.
IDENTITY THEFT. A bill (H.R. 4244) introduced by Rep. Darlene Hooley (D-OR) would establish grants for regional task forces designed to investigate and prosecute identity theft and other economic crimes. The task forces would comprise federal, state, and local law enforcement agencies.
Under the bill the Attorney General would be charged with selecting grant recipients based on the population of the region and the rate of economic crime. After three years, the Attorney General would have to evaluate the task forces and make a report to Congress on the value of the program. Also, the Attorney General would have to develop a standard form to be used by local law enforcement agencies to report an economic crime.
The bill has no cosponsors and has been referred to the House of Representatives Judiciary Committee.
BORDER SECURITY. A bill (H.R. 4238) introduced by Rep. Michael McCaul (RTX) would build on the President’s border security initiative by requiring aliens to post bond to be released from mandatory detention centers and by using more federal facilities as detention centers.
The bill would require that all illegal aliens apprehended at a U.S. port or land border be detained. The alien could only be released if he or she were not a security risk and could provide a $500 bond.
Under the bill, the Department of Homeland Security would be required to use all available detention facilities and would also be required to conduct an analysis of options to increase detention capacity. The ensuing report would address the use of state and local corrections facilities, temporary facilities, and private buildings.
The bill has 43 cosponsors and has been referred to the House Judiciary Committee.
FIREARMS. A bill (H.B. 129) introduced by Florida lawmakers would make it a felony to prohibit employees from leaving guns in their cars while parked in company parking lots.
DISCRIMINATION. A new law (formerly H.B. 2661) prohibits discrimination based on sexual orientation. Under the new law, an employer may not refuse to hire someone or make any hiring inquiry into a person’s sexual orientation. A company also may not discharge someone or discriminate in compensation based on sexual orientation. The new designation allows employees who feel they have been discriminated against to sue their employers for back pay, reinstatement, and emotional distress.
This column should not be construed as legal or legislative advice.