The e-workplace: Balancing Privacy and Information Security to Manage Risks. Overview. Employee Monitoring



Similar documents
What Happens When Litigation Starts? How Do You Get People Not To Generate the Bad Documents?

COMPUTER FRAUD AND ABUSE ACT. US Code as of: 01/05/99 Title 18 Sec Fraud and related activity in connection with computers

Ten Tips for Responding to Litigation Hold Letters

Please see Section IX. for Additional Information:

Reflections on Ethical Issues In the Tripartite Relationship

COURSE DESCRIPTION AND SYLLABUS LITIGATING IN THE DIGITAL AGE: ELECTRONIC CASE MANAGEMENT ( ) Fall 2014

Social Media In the Workplace

INDEPENDENT CONTRACTOR AGREEMENT

E-Discovery Guidance for Federal Government Professionals Summer 2014

EMPLOYEE PRIVACY IN THE AGE OF WORKPLACE MONITORING

Electronic Discovery and the New Amendments to the Federal Rules of Civil Procedure: A Guide For In-House Counsel and Attorneys

Records and Information Management and Retention

Managing Social Media Employment Issues

HOT TOPICS IN EMPLOYMENT LAW. , Voic , and Employees Right To Privacy: Monitoring Employees Electronic Communications. by Andrew M.

The Lawyer as Gatekeeper The Backdrop

California s New Worker Protections Against Retaliation OCTOBER 2013

Business Or Pleasure: The Challenges Of Bring Your Own Device Policies In The Workplace

Electronic Discovery How can I be prepared? September 2010

IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA MEMORANDUM. Ludwig. J. July 9, 2010

What to Do When Your Witness Testimony Doesn t Match His or Her Declaration

FORM INTERROGATORIES EMPLOYMENT LAW

DISCOVERY OF ELECTRONICALLY-STORED INFORMATION IN STATE COURT: WHAT TO DO WHEN YOUR COURT S RULES DON T HELP

ELECTRONIC DISCOVERY. Dawn M. Curry

Employee Handbooks/ Document Retention Investigations

Case 3:14-cv AC Document 10 Filed 03/26/14 Page 1 of 14 Page ID#: 43

THE INCREASING RISK OF SANCTIONS FOR ORDINARY NEGLIGENCE IN E-DISCOVERY COMPLIANCE

Labor and Employment 2015 Conference

Case 2:07-cv SFC-MKM Document 132 Filed 05/27/2008 Page 1 of 7 UNITED STATES DISTRICT COURT EASTERN DISTRICT OF MICHIGAN SOUTHERN DIVISION

I. Issues Surrounding /Computer Monitoring and Searches of an Employee's Property

Power-Up Your Privilege Review: Protecting Privileged Materials in Ediscovery

Employee Relations. Howard S. Lavin and Elizabeth E. DiMichele

Cybercrime: A Sketch of 18 U.S.C and Related Federal Criminal Laws

Electronic Communications: , Voic , Telephones, Internet and Computers

Electronic Discovery: Litigation Holds, Data Preservation and Production

What s New in the World of ediscovery Case Law?

The need for companies to have a predetermined plan in place in the

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA ) ) ) ) ) ) ) ) ) ) ) ) ) ) CONSENT JUDGMENT

Employment - Federal Employers Liability Act. EMPLOYMENT FEDERAL RAILWAY SAFETY ACT. LEGAL OVERVIEW (GENERAL)

Electronic Discovery

IN THE UNITED STATES DISTRICT COURT FOR THE MIDDLE DISTRICT OF NORTH CAROLINA

Moreover, sexual harassment is a violation of federal, state and county fair employment laws.

Subtitle B Increasing Regulatory Enforcement and Remedies

(Previously published in The Legal Intelligencer, November 8, 2011) New Cost Guidelines for E-Discovery by Peter Vaira

TITLE I FORMER VICE PRESIDENT PROTECTION ACT

VICTOR VALLEY COMMUNITY COLLEGE DISTRICT ADMINISTRATIVE PROCEDURE. Computer Use - Computer and Electronic Communication Systems.

Best Practices in Electronic Record Retention

UNITED STATES DISTRICT COURT WESTERN DISTRICT OF NORTH CAROLINA CHARLOTTE DIVISION

In-House Solutions to the E-Discovery Conundrum

ETHICAL ISSUES IN EMPLOYMENT LAW. Judith E. Harris. whether to provide representation and/or indemnification for individual employees;

WHAT IS IT, HOW TO DEAL WITH IT, AND WHERE IS IT GOING?

Inquiry Concerning A Florida Lawyer

ASSEMBLY BILL No. 597

E-DISCOVERY & PRESERVATION OF ELECTRONIC EVIDENCE. Ana Maria Martinez April 14, 2011

E-Discovery Best Practices

Legislative Language

Deficit Reduction Act Employee Information Requirements

E-Discovery in Practice: A Roadmap for Financial Institutions

ARCH CANOPY POLICY FOR NONPROFIT ORGANIZATIONS SM APPLICATION

EmploymEnt law.

Commodity Futures Trading Commission Commodity Whistleblower Incentives and Protection

D.C. Code Ann. Prohibits employment discrimination on the basis of tobacco use except where

General Items Of Thought

State FCRA Rulings. Abide by the Federal Trade Commission s Fair Credit Reporting Act (FCRA), 15 U. S. C et seq. and the following state ruling:

UNDERSTANDING E DISCOVERY A PRACTICAL GUIDE. 99 Park Avenue, 16 th Floor New York, New York

Updated Administration Proposal: Law Enforcement Provisions

A. Introduction: Preserving the Status Quo

Prevention of Fraud, Waste and Abuse

WHISTLEBLOWING AND CONDUCTING INVESTIGATIONS. Eileen P. Kennedy Berliner Cohen

Arkfeld on Electronic Discovery and Evidence: The Spotlight on Legal Holds

Assembly Bill No. 5 CHAPTER 5

Preparing for a Post Dodd Frank World

Social Media in the Workplace. Stacey L. Smiricky Partner, Labor & Employment Group

E-Discovery and Data Management. Managing Litigation in the Digital Age. Attorney Advertising

E-Discovery: The New Federal Rules of Civil Procedure A Practical Approach for Employers

Securities Whistleblower Incentives and Protection

In the Wake of Collapse: Approaches to Ponzi Scheme Litigation

INDIANA FALSE CLAIMS AND WHISTLEBLOWER PROTECTION ACT. IC Chapter 5.5. False Claims and Whistleblower Protection

DISCHARGE. The Discharge in Bankruptcy. From an individual. debtor s standpoint, one. of the primary goals of. filing a bankruptcy case

HIPAA Compliance in Litigation and Discovery 10 Key Concepts Click to edit Master title style

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT

Transcription:

The e-workplace: Balancing Privacy and Information Security to Manage Risks Michael W. Droke, Partner Dorsey & Whitney LLP Droke.Michael@Dorsey.com (206) 903-8709 1 Overview Navigating Risks Arising in the Electronic Workplace: Employee Monitoring Social Media New Trends in Tracking Employees New Trends in Tracking Time (and New Options for Tracking Employers) Electronic Devices in the Workplace Bring Your Own Devices Electronically Stored Information ( ESI ) in Litigation 2 Employee Monitoring Key HR issues / legal risks: Use of social media in recruiting / hiring (discrimination) Vicarious liability for offensive / harassing posts Investigating complaints made through social media or about co-workers activities on social media Discovery of information that may trigger obligations (disabilities, safety concerns) Discipline and firing based on social media activity 3 1

Employee Monitoring: Social Media Social Media: Your Employees Are Talking Should You Listen In? 4 Employee Monitoring: Social Media Issues with monitoring employee social media activity: Invasion of privacy Wiretap Act Electronic Communications Privacy Act Stored Communications Act Bar opinions regarding surreptitious friending State statutes circumscribing ability to monitor: California Illinois Maryland 5 Employee Monitoring: Recordings Washington is a 2-party consent state. RCW 9.73.030 Unlawful to record or intercept any private communication or conversation by device without first obtaining consent of all persons engaged in the conversation Other 2-party consent states: California, Connecticut, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania 6 2

Employee Monitoring: Recordings Announcement of recording or intercepting communications in employee handbooks. RCW 9.73.030(3). Exception for threats of extortion, blackmail, or bodily harm. RCW 9.73.030(2)(b). What about unlawful harassment? Washington courts have yet to decide. 7 Employee Monitoring: Social Media When Employees Use Social Media to Talk About You: How Much Control Can/Should You Exercise? 8 Employee Monitoring: New Trends in Employee Tracking New Trends in Tracking Employees: Your Employees Are Walking Should You Follow Them? Vehicle tracking On-site equipment tracking Off-site equipment tracking 9 3

Employee Monitoring New Trends in Tracking Time: DOL Timekeeping App U.S. Department of Labor ( DOL ) has launched free app to help employees track hours and determine wages owed Secretary of Labor Hilda L. Solis: "This app will help empower workers to understand and stand up for their rights when employers have denied their hard-earned pay. Future Trends in Tracking Employers: DOL App Contest Winners What s the Beef? Tracks information about unsafe, unfair workplaces Job Tracker Tracks companies that have exported jobs overseas or broken laws protecting workers 10 Bring Your Own Bring Your Own The Line Between What s Yours and What s Mine 11 Bring Your Own Bring Your Own Beware of California! 12 4

Bring Your Own Employer Checklist: Specify precisely what devices are permitted for work use Establish policy governing security, confidentiality, and employer s right to access regarding all devices used for work purposes Establish policy circumscribing support offered for BYODs Consider whether some reimbursement must occur Establish policy making clear who owns what apps and data Establish policy outlining procedure for exiting employees (e.g., removal of access tokens, proprietary applications, and confidential data) Establish policy governing acceptable/authorized use when using VPN or accessing other company systems 13 18 U.S.C. 1030 Enacted in 1984 Federal computer crime statute including data theft Civil remedy in 1994 amendment Computers used in interstate commerce Amended in 2001 and 2008 Computers in foreign countries Provides for damages and injunctions 14 General Elements of a CFAA Claim: Protected computer Lack of authorization or exceeding authorization to access computer Theft of information or anything of value Damage to data permanent $5,000 loss Limited to economic damages Compensatory damages Two-year statute of limitations 15 5

Key Issue is Unauthorized Access Section 1030(a)(2)(c): Whoever intentionally accesses a computer without authorization OR exceeds authorized access and thereby obtains information from any protected computer commits a crime 16 Ways to Establish Lack of Authorization: Violating company policies and rules Exceeding expected norms of intended use Employee terminating agency relationship with employer by disloyal conduct Accessing for non-business purpose 17 United States v. Nosal, 676 F.3d 854 (9th Cir. 2012) CFAA does not extend to violations of use restrictions but is limited to circumvention of technological barriers Concern over criminalizing common violations of terms of use and rules United States v. Tolliver, 451 Fed. Appx. 97 (3rd Cir. Sept. 15, 2011) Former bank teller provided customer account information to check runners who cashed fraudulent checks Although no violation of company policies, court found sufficient evidence to convict where employee did not have a business purpose to access the customers accounts 18 6

Pulte Homes, Inc. v. Laborers Int l. Union of N. Am., 648 F.3d 295 (6th Cir. 2011) During labor dispute, union bombarded employer s computer systems with e-mails and voicemails Court found allegations of unauthorized access sufficient: transmissions diminished Pulte s ability to use systems and union intended to cause damage Int l. Airport Centers v. Citrin, 440 F.3d 418 (7th Cir. 2006) Employee destroyed data on company computer Court held authorization based on law of agency: authorization terminates with disloyal act to employer 19 Employer Checklist: Execute appropriate employee agreements Confidentiality/non-disclosure agreements Post-employment restrictive and anti-raiding covenants Agreement to search personal computers Permissions regarding use of the computers Implement appropriate policies and procedures Handbook Code of Conduct Terms of Use on Company Website (BEWARE of NLRA) Policies addressing international rules Protections related to access Coordination of document retention and e-discovery 20 ESI in Litigation Electronically Stored Information ( ESI ) in Discovery: How Deep Does the Rabbit Hole Go? 21 7

ESI in Litigation Import of Managing ESI at All Litigation Stages: Issuing proper hold at outset of litigation (or threatened litigation) and updating as needed Preparing for meet and confer with opposing counsel Managing collection of ESI Processing and producing ESI Authenticating as exhibits at trial 22 ESI in Litigation From IM to Exhibit 1 : When I sent the instant message, I didn t think it was going to be Exhibit #1 at my deposition.... Educate employees on the risks involved in careless communications 23 ESI in Litigation Privilege in the Electronic Age: Federal Rule 502 - When made in a federal proceeding or to a federal office or agency, disclosure does not operate as waiver if: (1) the disclosure is inadvertent; (2) the holder of the privilege or protection took reasonable steps to prevent disclosure; and (3) the holder promptly took reasonable steps to rectify the error 24 8

ESI in Litigation In re Pradaxa Prods. Liab. Litig., 2013 WL 6486921 (S.D. Ill. Dec. 9, 2013): Highlights issues with ESI in discovery, including failure to place a timely hold and issue incremental holds Involved failure to preserve business-related text messages from cell phones of certain custodians 25 ESI in Litigation Mastr Adjustable Rate Mortgages Trust 2006-OA2 v. UBS Real Estate Secs. Inc., 2013 WL 5745855 (S.D.N.Y. Oct. 23, 2013): Analyzes when duty to preserve arises, what constitutes an adequate hold, and when sanctions are warranted Found a failure to implement a timely hold, but denied sanctions Despite not suspending auto-delete and document-destruction policies, each custodian met with counsel to discuss retention requirements Self-selection of email was not evidence of bad faith where counsel monitored compliance Highlights import of involving counsel in early in the process! 26 ESI in Litigation Logtale, Ltd. v. IKOR, Inc., 2013 WL 3967750 (N.D. Cal. July 31, 2013): Defense counsel failed to ensure client conducted thorough and appropriate document searches Rule 26(g) places an affirmative obligation on an attorney to ensure that a client s search for responsive documents and information is complete. Where counsel notices obvious gaps in the production of documents by his client, he is obligated to make reasonable inquiry as to the thoroughness of that search. Defendants and their attorneys each ordered to pay part of attorneys fees spent resolving discovery issues 27 9

ESI in Litigation Victor Stanley, Inc. v. Creative Pipe, Inc., 250 F.R.D. 251 (D. Md. May 29, 2008): Considered a benchmark opinion offering guidance on how to avoid privilege waiver and use of search terms States that parties must: Meet and confer regarding search terms and be aware of search methodologies Apply sampling techniques to vet terms, and Be prepared to submit an affidavit regarding the search approach Anderson Living Trust v. WPX Energy Prod., LLC, 298 F.R.D. 514 (D.N.M. 2014): Rule 34 requirement that documents be produced either in the usual course of business or labeled to correspond to categories in the request does not apply to ESI 28 QUESTIONS? Michael W. Droke 206.903.8709 Droke.michael@dorsey.com 29 10