Federal laws prohibit the interception of another’s electronic communications, but these same laws have multiple exceptions that generally allow employers to monitor employees’ email and internet use on employer-owned equipment or networks. As a result, under federal law, when private-sector employees use an organization’s telephone or computer system, monitoring their communications is broadly permissible, though there may be exceptions once the personal nature of a communication is determined. Also, under the National Labor Relations Act, employers cannot electronically spy on certain types of concerted activity by employees about the terms and conditions of employment.

Although monitoring is broadly permitted under federal law, some states require that employers provide notice of monitoring to employees. Even in states that do not require such notices, employers often choose to provide notice since employees who know they are being monitored are less likely to misuse organization systems. It is good practice for an employer to have employees sign a “consent” to monitoring and to inform them that personal calls may not be made from particular telephones.

Employers may also monitor what an employee posts publicly to social media. However, under many states’ laws, employers cannot request that an employee provide his or her username and password to a social-media account in order for the employer to see private content. In addition, some state laws prohibit employers from requiring that their employees accept a friend request that would permit the employer to view friends-only social media posts.

Finally, some states prohibit monitoring of telephone calls on an employer’s telephone network without the consent of one or both parties to the communication. If all parties are in California, there must be notification (such as through a beep) that the call is being recorded.

What to consider when crafting employee monitoring policies:

1. Does your organization publish an acceptable use policy?

2. Does the acceptable use policy explain what employees may and may not do over the Internet while at work?

3. Does the acceptable use policy explain the disciplinary consequences of violating the policy?

4. Do you have the ability to block or otherwise restrict access to Internet sites that are barred under the acceptable use policy?

5. Does your employee handbook make employees aware of monitoring?

6. Does the state in which the employee works require single or dual consent for monitoring telephone conversations, and have your employees consented?

7. If your organization monitors phone calls, do you have a policy to cease monitoring when a call is clearly personal in nature, and do you follow it?

8. Have you considered whether an employee might be able to argue that they have an expectation of privacy to their work emails or to their work phone calls?

9. Are you monitoring emails to or from password-protected personal accounts?

10. Are your employees using their own computer equipment to send emails or view the Internet?

The following provides snapshot information concerning employee monitoring.

[1] SpectorSoft, Is Employee Monitoring Legal?, In Context: The Official SpectorSoft Corporate Blog (February 10, 2014), http://www.spectorsoft.com/blog/20140210-is-employee-monitoring-legal.html.

[2] National Conference of State Legislatures, State Laws Related to Internet Privacy, (February 24, 2015), http://www.ncsl.org/research/telecommunications-and-information-technology/state-laws-related-to-internet-privacy.aspx; these states are: Connecticut (Conn. Gen. Stat. § 31-48d) and Delaware (Del. Code § 19-7-705).

[3] National Conference of State Legislatures, Access to Social Media Usernames and Passwords, (September 14, 2015), http://www.ncsl.org/research/telecommunications-and-information-technology/employer-access-to-social-media-passwords-2013.aspx.

[4] Aliah D. Wright, More States Ban Social Media Snooping, Society for Human Resource Management, (August 12, 2014), http://www.shrm.org/hrdisciplines/technology/articles/pages/social-media-snooping.aspx.