Facebook has replaced the coffee break as the preferred forum for employees to vent their workplace frustrations. Unfortunately for employers, that means complaints that were once discussed among a relatively small group of co-workers can now be aired on an international scale. According to one survey, blog entries containing the terms “my job,” “my work,” and “my boss” far outnumber those on the topics of food, sports, and dating.
Employers have become increasingly concerned with determining when they can take action against an employee who posts workplace complaints to a blog or social media site. As is the case with most employment decisions, there is no bright line answer. The law is struggling to catch up with technology. There is some guidance (discussed below) that employers can rely on to evaluate the wisdom of acting on an employee’s social media post; however, given the increasing attention to the issue by the National Labor Relations Board and employee-rights organizations and the lack of clear legal guidance from the courts, employers are well served by treading lightly.
NOT SO FAST, SUPER-SLEUTH
The first question an employer should ask when determining whether to act on an employee’s post is how access to the information was gained. If the information is posted in a public forum available to anyone browsing the internet, then access to the information is not a concern. More people, however, are limiting public access to the information they post. For example, one can place privacy settings on Facebook to allow only certain individuals to view their posts. Employers must carefully consider whether accessing employee-posted content on a site with privacy protections is lawful.
1. The Stored Communications Act
If privacy settings restrict public access to blogs or social media posts, at least two courts have held that employers may violate the Stored Communications Act (SCA) by viewing the information without permission. The SCA prohibits an individual from “intentionally accessing without authorization a facility through which an electronic communication service is provided […] and thereby obtaining […] access to a wire or electronic communication while it is in electronic storage in such system.”1
The SCA does contain an exception for “conduct authorized […] by a user of that service with respect to a communication of or intended for that user.”2 So, if an employee’s co-worker has permission to view a post and in turn authorizes his employer to view the post, does the user authorization exception apply? Not necessarily.
In Pietrylo v. Hillstone Restaurant Group, the court upheld the jury’s finding that an employer violated the SCA by accessing an employee’s password-protected posts without authorization.3 According to the decision, the user authorization exception was inapplicable because the authorized user was coerced into granting her employer access to the site.4
Two employees of a Houston’s restaurant created an invitation-only chat group on MySpace to discuss their gripes about Houston’s.5 The employees’ managers learned about the chat group through a co-worker who had been invited to join the group and then used the co-worker’s password to view the chat group on several occasions.6 Houston’s ultimately terminated the chat group creators; in turn, the former employees filed suit asserting, among other claims, an SCA violation.7 A jury found in favor of the plaintiffs on their SCA claim and awarded both compensatory and punitive damages.8
Houston’s subsequently moved for judgment as a matter of law, arguing that the plaintiffs’ co-worker, a valid user of the service, authorized the managers to view the chat group.9 The plaintiffs pointed to the co-worker’s testimony that the “purported ‘authorization’ was coerced or provided under pressure.”10 The court agreed with the plaintiffs and held there was ample evidence (including the co-worker’s testimony that she felt compelled to give her manager her password and the manager’s testimony that he was aware of her reluctance) to support the jury’s finding that the co-worker’s authorization was coerced and thus amounted to no authorization at all.11
Similarly, in Konop v. Hawaiian Airlines, the Ninth Circuit Court of Appeals held that an employer’s access of an employee’s secure website containing criticism of the employer may have violated the SCA.12 Because the individuals who facilitated the employer’s gaining access to the website had not actually viewed the website themselves, the court held they were not “users” of the service and thus could not have authorized access within the meaning of the SCA.13 The court denied the employer’s motion for summary judgment on the claim.14
2. State-Law Invasion of Privacy Claims
Employees may also attempt to argue that unauthorized access of a private blog or social media site gives rise to a state-law invasion of privacy claim. The majority of states apply a strict standard of non-disclosure in invasion of privacy cases. That is, exposing information to others typically destroys any basis for claiming that the information was private.15
In Pietrylo, however, the plaintiffs asserted a common law invasion of privacy claim based on their employer’s unauthorized access of their password-protected chat group.16 The court denied the employer’s motion for summary judgment on the claim even though the information had been shared with many of the employees’ co-workers.17 The jury ultimately found in favor of the employer on the right of privacy claim.18
SHE TWEETED WHAT???
Before an employer takes an adverse employment action as a result of an employee post, the content of the post must be carefully evaluated to determine whether it constitutes some form of protected activity. There are no special protections afforded to employee internet discourse. Rather, employers must look to traditional sources of protection — such as the National Labor Relations Act (NLRA) or Title VII’s prohibition against retaliation — to make that determination.
1. The National Labor Relations Act Protections
The NLRA protects employees’ rights to engage in concerted activity regarding the terms and conditions of employment. Many employers are surprised to learn that the NLRA provides some protections to employees regardless of whether the workforce is unionized. Section 7 of the NLRA protects all employees’ right to engage in concerted activities, even if no union activity is involved and no collective bargaining is being contemplated. Consequently, the NLRB can issue a complaint against a covered employer even if the employer is not unionized.
In fact, the National Labor Relations Board (NLRB) has taken a keen interest in employer regulation of employees’ social media participation. In April 2011, the NLRB’s Acting General Counsel directed NLRB Regional Directors to submit to the Division of Advice all cases involving “employer rules prohibiting, or discipline of employees for engaging in, protected concerted activity using social media, such as Facebook or Twitter,” before taking any action.
Consistent with this focus, the NLRB recently issued a complaint against American Medical Response of Connecticut, Inc. (AMR), alleging that AMR violated the NLRA by discharging an employee because of her Facebook posts. The complaint alleged in part that the company maintained and enforced an overly broad blogging and internet posting policy. The employee in question posted a negative remark about her supervisor on her personal Facebook page, which drew supportive responses from her co-workers and led to further negative comments about the supervisor from the employee. The employee was ultimately discharged because her Facebook postings violated AMR’s internet policies. According to the NLRB’s complaint, the employee’s Facebook postings constituted protected concerted activity. The NLRB also challenged AMR’s blogging and internet posting policy. The complaint alleged that the policy’s prohibitions against disparaging remarks when discussing the company or supervisors and against depicting the company in any way over the internet without company permission interfered with employees’ right to engage in protected concerted activity.
The NLRB and AMR reached a settlement in February 2011. According to the NLRB’s press release, AMR agreed to revise its overly broad rules to ensure they do not improperly restrict employees from discussing their wages, hours, and working conditions with co-workers and others while not at work and agreed not to discipline or discharge employees for engaging in such discussions. The allegations involving the employee’s discharge were resolved through a separate, private agreement between the employee and AMR.
On the heels of significant press surrounding the AMR complaint, the NLRB issued a second complaint involving Facebook posts, this one against Hispanics United of Buffalo, a non-unionized nonprofit organization in New York. That complaint alleged that the organization unlawfully fired five employees after they criticized their employer on Facebook. Significantly, the five employees were non-union employees, and their criticisms were not related to union organizing or collective bargaining.
According to the NLRB’s press release, the case involves an employee who, in advance of a meeting with management about working conditions, posted to her Facebook page a coworker’s allegation that employees did not do enough to help the organization’s clients. The initial post generated responses from other employees who defended their job performance and criticized working conditions, including work load and staffing issues. Hispanics United discharged the five employees who participated in the posts, claiming that their comments constituted harassment of the employee originally mentioned in the post. The complaint alleges that the Facebook discussion was protected concerted activity within the meaning of Section 7 of the NLRA because it involved a conversation among coworkers about their terms and conditions of employment, including their job performance and staffing levels.
Though the issue has received significant attention of late, it is not really new. In 2002, the Ninth Circuit Court of Appeals held that the employer’s actions, including accessing an employee’s website under false pretenses, may have violated the Railway Labor Act (RLA).19 Similar to portions of the NLRA, the RLA prohibits “interference, influence, or coercion by either party over the designation of representatives of the other,” and provides that it is “unlawful for any carrier to interfere in any way with the organization of its employees […].”20
Robert Konop, pilot for Hawaiian Airlines, maintained a secure website on which he criticized his employer and the incumbent union.21 Konop controlled access to the website by requiring pre-approved visitors to log in with a user name and password.22 Hawaiian Vice-President James Davis obtained permission from two of Konop’s copilots (who were on the pre-approved visitor list) to access the website using their names.23 When Konop learned of the unauthorized access, he filed suit against Hawaiian.24 Konop argued that Hawaiian “interfered with his organizing efforts by accessing his website under false pretenses,” in violation of the RLA.25 The district court granted summary judgment in favor of Hawaiian Airlines.26
The Ninth Circuit reversed, holding that Konop’s articles constituted protected organizing activity under the RLA.27 The court rejected Hawaiian’s argument that Konop forfeited protection because his articles contained “malicious, defamatory, and insulting material known to be false.”28 While a party can lose protection under the NLRA or RLA by “circulating defamatory or insulting material known to be false,” the court characterized Konop’s posts as “rhetorical hyperbole” and “opinions,” that were not so intolerable as to lose their protection under the RLA.29
2. Additional Sources of Protection
Of course, the NLRA does not provide the only source of protection for employees’ speech. The vast majority of federal and state employment statutes contain antiretaliation provisions. For example, Title VII of the Civil Rights Act of 1964, the Americans with Disabilities Act, and the Age Discrimination in Employment Act prohibit retaliation against an employee for exercising his or her rights under those statutes. So an employee’s post that asserts a complaint about discrimination or harassment based on a protected characteristic (such as gender or age discrimination) may constitute protected activity under those statutes.
Employers should also consult state law to determine whether an employee’s online post constitutes protected activity. Many state whistleblower laws provide varying degrees of protection to an employee who reports illegal activities. Some states have statutes that prohibit employers from discriminating against employees for any lawful off-duty conduct. Many states also permit employees to assert wrongful termination claims based on violation of public policy (such as public policy enforcing privacy rights). In fact, in Pietrylo, the court denied the employer’s motion for summary judgment on the plaintiffs’ claim that it wrongfully terminated them in violation of public policy of privacy rights.30
BUT (INSERT UBIQUITOUS COMPARATOR NAME HERE) TWEETED THE SAME THING!
Although not unique to social media issues, employers should consider consistency before acting on an employee post. One common way employees attempt to prove a discrimination claim is by pointing to similarly situated comparators who were treated more leniently under analogous circumstances. Employers should enforce all written or unwritten policies consistently or should be prepared to clearly articulate the basis for differential treatment.
SO WHAT IN THE WORLD WIDE WEB CAN I DO?
Given the uncertainty regarding many potential claims and the recent attention to the issue, if an employee’s post is not especially egregious or damaging, then the company may be better served by simply letting it slide. There may be, however, instances in which a post must be addressed, such as a complaint of harassment by a co-worker or a post that reveals a trade secret. In that case, the employer should proceed carefully.
For example, if faced with a complaint of harassment by a co-worker on a social media site with privacy protections, ask the complaining employee to print the offending posts and provide them to you in hard copy. Obtain a written statement from the employee affirming that the information is being produced voluntarily and without coercion. Do not ask for the employee’s log-in information or to view the site. Then review the content very carefully to ensure it does not contain any protected activity. Finally, if the alleged harasser is disciplined or discharged, make clear that it is the result of violating the employer’s anti-harassment policy (versus a social media or blogging policy).
The intersection between social media and the
workplace is a rapidly developing area of law. It is also a topic that
engenders strong opinions and is receiving significant attention from the press
and the public. Employers should exercise restraint before taking action to
address an employee’s use of social media.
 18 U.S.C. §2701(a)(1).
 18 U.S.C. §2701(c)(2).
 Pietrylo v. Hillstone Restaurant Group d/b/a Houston’s, 2009 WL 3128420, at *3 (D.N.J. Sept. 25, 2009).
 Pietrylo, 2009 WL 3128420 at *3.
 Pietrylo, 2009 WL 3128420 at *1-2.
 Id. at *3.
 Id. at *1.
 Pietrylo, 2009 WL 3128420 at *3.
 Konop v. Hawaiian Airlines, Inc., 302 F. 3d 868, 880 (9th Cir. 2002).
 Konop, 302 F. 3d at 880.
 See, e.g., Garrity v. John Hancock Mut. Life Ins. Co., 2002 WL 974676, at *1-2 (D. Mass. 2002); McLaren v. Microsoft Corp., 1999 WL 339015, at *4 (Tex. App. 1999).
 Pietrylo, 2009 WL at *1.
 Id. at *1, fn. 1.
 Konop, 302 F. 3d at 883-84.
 45 U.S.C. §152.
 Konop, 302 F. 3d at 872.
 Id. at 873.
 Konop, 302 F. 3d at 873.
 Id. at 884.
 Konop, 302 F. 3d at 882-883.
 Id. Citing Linn v. United Plant Guard Workers, Local 114, 383 U.S. 53, 61, 86 S. Ct. 657, 15 L.Ed.2d 582 (1966).
 Pietrylo, 2009 WL 3128420, at *1.
- 18 U.S.C. §2701(a)(1). Jump back to footnote 1 in the text
- 18 U.S.C. §2701(c)(2). Jump back to footnote 2 in the text
- Pietrylo v. Hillstone Restaurant Group d/b/a Houston’s, 2009 WL 3128420, at *3 (D.N.J. Sept. 25, 2009). Jump back to footnote 3 in the text
- Pietrylo, 2009 WL 3128420 at *3. Jump back to footnote 4 in the text
- Pietrylo, 2009 WL 3128420 at *1-2. Jump back to footnote 5 in the text
- Id. at *3. Jump back to footnote 6 in the text
- Id. at *1. Jump back to footnote 7 in the text
- Id. Jump back to footnote 8 in the text
- Pietrylo, 2009 WL 3128420 at *3. Jump back to footnote 9 in the text
- Id. Jump back to footnote 10 in the text
- Id. Jump back to footnote 11 in the text
- Konop v. Hawaiian Airlines, Inc., 302 F. 3d 868, 880 (9th Cir. 2002). Jump back to footnote 12 in the text
- Konop, 302 F. 3d at 880. Jump back to footnote 13 in the text
- Id. Jump back to footnote 14 in the text
- See, e.g., Garrity v. John Hancock Mut. Life Ins. Co., 2002 WL 974676, at *1-2 (D. Mass. 2002); McLaren v. Microsoft Corp., 1999 WL 339015, at *4 (Tex. App. 1999). Jump back to footnote 15 in the text
- Pietrylo, 2009 WL at *1. Jump back to footnote 16 in the text
- Id. Jump back to footnote 17 in the text
- Id. at *1, fn. 1. Jump back to footnote 18 in the text
- Konop, 302 F. 3d at 883-84. Jump back to footnote 19 in the text
- 45 U.S.C. §152. Jump back to footnote 20 in the text
- Konop, 302 F. 3d at 872. Jump back to footnote 21 in the text
- Id. Jump back to footnote 22 in the text
- Id. at 873. Jump back to footnote 23 in the text
- Konop, 302 F. 3d at 873. Jump back to footnote 24 in the text
- Id. at 884. Jump back to footnote 25 in the text
- Id. Jump back to footnote 26 in the text
- Konop, 302 F. 3d at 882-883. Jump back to footnote 27 in the text
- Id. Jump back to footnote 28 in the text
- Id. Citing Linn v. United Plant Guard Workers, Local 114, 383 U.S. 53, 61, 86 S. Ct. 657, 15 L.Ed.2d 582 (1966). Jump back to footnote 29 in the text
- Pietrylo, 2009 WL 3128420, at *1. Jump back to footnote 30 in the text