Caution Advised: Employers Must Be Careful Not To Commit An Invasion Of Privacy During Investigations
Employers that conduct an investigation into former employees’ activities when suspecting breaches of non-compete agreements must be very careful to use appropriate methods to conduct such an investigation, or risk exposure to liability from an invasion of privacy or related claim by their former employees.
Several years ago, for example, the New Jersey Supreme Court, in Stengart v. Loving Care Agency, Inc., reminded employers of the importance of adopting and maintaining detailed computer monitoring policies that clearly specify that the employer has the right to monitor email messages sent through employees' personal email accounts when using a company-issued communication device. While Ms. Stengart never asserted a claim for invasion of privacy per se, she successfully moved to exclude emails with her attorney, sent using her personal email account from a company-issued computer, on the basis that her former employer unlawfully invaded her privacy. Specifically, Ms. Stengart claimed that the employer's computer monitoring policy did not put her on notice that her personal emails would be monitored. The New Jersey Supreme Court remanded the case to the trial court to determine whether additional remedies, such as disqualification of the employer's law firm, screening of attorneys, the imposition of costs, or some other remedy, should be imposed.
A decision this year by the Illinois Supreme Court demonstrates an additional theory under which employers may be subject to invasion of privacy claims brought by their employees or former employees.
In Lawlor v. North American Corporation of Illinois, the plaintiff employee was employed by the defendant as a commission-based salesperson for approximately seven years. After her employment ended, she began working for a competitor of the defendant. The defendant, in turn, began an investigation to determine if the plaintiff had violated her non-compete agreement. During the course of that investigation, the defendant's vice president of operations hired a private investigation firm that had previously conducted similar investigations on behalf of the defendant. He provided the private investigator with the plaintiff's date of birth, her address, her home phone number, her cell phone number, and her social security number.
One of the things that the former employer requested from the private investigator was the plaintiff's phone records. The investigator, in turn, hired a subcontractor to obtain the plaintiff's phone records. The subcontractor used what is commonly called a "pretexting scheme" to obtain the plaintiff's phone records. The subcontractor used the plaintiff's personal information, which had been provided by the defendant to the investigator, to call the plaintiff's phone service carriers and, while pretending to be the plaintiff, requested that the carriers provide the plaintiff's phone records. After the defendant obtained the plaintiff's phone records, it used online search engines to determine that plaintiff had, in fact, contacted its clients, and diverted business to its competitor (her new employer).
When the plaintiff discovered the manner in which the defendant had conducted its investigation, she amended her complaint to allege a claim of "intrusion upon seclusion" based upon the "pretexting scheme." The defendant then counterclaimed against the plaintiff and alleged that she breached her fiduciary duty of loyalty by diverting customers to her new employer.
The case was tried before a jury, which found for the plaintiff and awarded her $65,000 in compensatory damages, and $1.75 million in punitive damages. The trial court reduced the punitive damages award to $650,000. In addition, the jury also found for the defendant on its breach of the fiduciary duty of loyalty claim, awarding it $78,781 in compensatory damages and $551,467 in punitive damages. On appeal, the Appellate Court affirmed the plaintiff's judgment on her claim for intrusion upon seclusion, and reinstated the original award of $1.75 million in punitive damages. The Appellate Court also reversed the award in defendant's favor on the breach of fiduciary duty claim.
Before the Illinois Supreme Court, the defendant argued that it should not be held responsible for the subcontractor's "pretexting scheme" because it did not itself obtain plaintiff's phone records, and because there was not sufficient evidence demonstrating an agency relationship with the subcontractor. This argument failed, as the Court held that the jury had a sufficient basis to impose vicarious liability.
The defendant also argued that the award of punitive damages on the intrusion upon seclusion claim did not comport with Illinois law. The Court agreed, and reduced the award to the amount of compensatory damages ($65,000). The Court based its decision on the fact that there was no evidence presented to the jury that the defendant had an intentional, premeditated scheme to harm plaintiff, and that the phone records were obtained as part of a legitimate investigation, not out of animus.
Finally, the Illinois Supreme Court agreed with the Appellate Court and upheld that court's determination that there was not sufficient evidence to support a finding in favor of the defendant on its breach of the fiduciary duty of loyalty claim.
What does this mean for employers?First, these cases may indicate that there is an increased acceptance among the populace and the courts of the invasion of privacy tort. Employers' commonly-held belief that employees have absolutely no right of privacy will not necessarily bear out in court.
Second, and more importantly, it serves as a reminder of what should be a common-sense rule—employers should not misrepresent the facts in order to obtain evidence in an investigation. Not only is it just wrong to gather evidence via "pretexting schemes," as the Lawlor decision indicates, but using inappropriate methods to conduct an investigation may also expose the employer to potential liability, including punitive damages in the right situation.
Third, the Lawlor decision serves as a reminder that an employer cannot insulate itself from liability by outsourcing its bad acts. As a general principle, if you can't do something yourself (such as obtaining someone's personal phone records through false pretenses), you can't have someone else do it for you either.
Employers need not worry, however, that this is the end of employee investigations. There is a wealth of information that can be obtained through proper investigations—forensic and otherwise. Employers must be able to investigate to determine whether employees or former employees are, for example, breaching their non-compete agreements, stealing the company's trade secrets, or harassing their co-workers. But employers must ensure that they have the appropriate policies in place that put employees on notice that the company will be monitoring their information.
Moreover, when hiring independent contractors, such as private investigators, to assist in an investigation, employers should clearly (a) direct such independent contractors to follow all applicable laws and regulations; and (b) inform the independent contractor that they do not want any information obtained through methods that violate the law or that are based upon deception. This will help protect employers from being held vicariously liable for bad acts of independent contractors. Employers should also consider including an indemnity provision in agreements with independent contractors, by which the contractor agrees to indemnify and hold harmless the employer from any liability arising from the independent contractor's own bad acts, or the bad acts of any subcontractors that were hired by the contractor.
© TROUTMAN SANDERS LLP. ADVERTISING MATERIAL. These materials are to inform you of developments that may affect your business and are not to be considered legal advice, nor do they create a lawyer-client relationship. Information on previous case results does not guarantee a similar future result.