These are some of the thousands of people who have lost their jobs thanks to something they posted on the Web or downloaded to their work PCs. They all learned that what you do online and on your computer can have serious consequences for your career, not to mention your ability to keep food on the table.
Employers and employees alike are often confused about where to draw the lines. But a good place to start is with hardware.
Whose equipment is it, anyway?
If your employer owns the equipment you’re using to surf the Web, it can look at anything you’ve stored on it, even personal files–no warrant or warning required. In fact, there’s a good chance your boss or the company’s IT snoops are already doing it, says Lewis Maltby, president of the National Workrights Institute.
A 2007 survey by the American Management Association shows that two-thirds of employers monitor employee Internet access, while nearly half review files stored on their computers. Maltby says the actual numbers are probably much higher, as many IT departments spy on employees without informing management.
When you’ve bought the equipment yourself, your boss can’t legally snoop without a court order. But if you use the company network to access the Internet from your personal device, he or she can look at any data you send or receive.
“If it’s passing through your employer’s servers, you have no privacy,” says Maltby. “The employer can look at anything it wants to, even if there’s no legitimate reason.”
A few limited exceptions do exist. In March 2010 the New Jersey Supreme Court ruled that employees have some expectation of privacy when using their personal Web mail accounts, even if accessed from their employer’s computer. In that case, the employee was exchanging confidential emails with her lawyer regarding a possible discrimination suit; the court ruled that attorney-client privilege trumped the employer’s right to snoop.
If you must send personal emails or post Facebook updates from work, Maltby advises, use a wireless device that connects to your own cellular account. Employers can’t legally intercept it, though if you’re doing it on a company-issued smartphone, they can look at the record of who you called and any other data you’ve stored.
Your other option? Consider moving to Canada. A court of appeals in Ontario recently found that employees had a limited reasonable expectation of privacy regarding personal files stored on an employer’s device (emphasis on the word limited). The court ruled that files could only be accessed as part of the normal course of business, such as when the computer is being repaired.
Can I be fired for something my boss finds on my PC?
Wisconsin high school teacher Robert Zellner got fired in 2006 for typing the word “blonde” into an unrestricted Google Image search and viewing two pages’ worth of thumbnails. Zellner sued, but a Federal appeals court upheld his termination last May, stating that Zellner’s search violated district rules about appropriate use of school computers.
In most cases your boss doesn’t even need a reason for firing you. At least 39 U.S. states allow employers to terminate at will, so long as they don’t violate federal or state statutes prohibiting discrimination, local law, labor laws, or their own termination policies and practices, says Andrew Slobodien, a labor lawyer in Chicago.
Even then, you may be able to sue the employer for wrongful termination, especially if the company treated you differently than it treated other employees in similar situations. But don’t get your hopes up. The courts tend to side with employers in the majority of cases.
Can I be fired for something I post to my social media account from my own equipment on my own time?
Yes, indeedy–as Payne, Holliday, Delaghetto, and thousands of others have discovered. According to a July 2010 survey by email security company Proofpoint, one in five companies have disciplined employees for things they posted to social networks, while 7 percent have terminated people.
A handful of states have laws prohibiting employers from firing people who are whistle-blowers, post their political views online, or are engaged in legal off-duty activities such as smoking or blogging. But the vast majority do not.
Doesn’t that violate my First Amendment rights?
Not in most cases. The First Amendment only protects you from having your speech abridged by the government, says Slobodien. Private companies are not bound by the Constitution.
Nate Fulmer, a former warehouse manager for a chemical supplier, found this out when he poked fun at a local church sermon in a podcast he posted to his blog in April 2005. Two days later his conservative Christian boss fired him for it. If Fulmer had worked for a federal or state agency, things might have been different: The Constitution prohibits such government entities from firing someone simply for exercising their free speech rights.
One exception: If the speech is in conjunction with labor organizing activities, it may be protected under the National Labor Relations Act, even if the case involves a private company or nonunion employees. Earlier this month the National Labor Relations Board (NLRB) ordered a Buffalo, New York, company to rehire five employees it had fired for posting negative complaints about the company on Facebook. An NLRB judge determined that the employees were engaged in “concerted activity”–essentially unionizing–which is legally protected.
So as long as I’m bitching about my boss, it’s OK?
No. If the activity isn’t related to collective action with your coworkers regarding protected work activities, it’s not protected under the NRLA, says Slobodien.
In September 2010, Brian Pedersen, a reporter for the Arizona Daily Star, was fired after he posted tweets critical of the paper, as well as sarcastic comments about Tucson’s homicide rate. Because his speech was not related to the conditions of his employment and did not involve other employees, it didn’t fall under the NLRB’s definition of “concerted activity.”
If I use a pseudonym, can’t I say whatever I please?
Only if you don’t care what happens next. Making your account private, locking your boss and coworkers out of your list of Facebook friends or Twitter followers, or using a pseudonym won’t necessarily protect you.
Remember the beginning of this article? Ashley Payne’s Facebook account was private. Then a friend copied a photo of Payne drinking a glass of wine and reposted it. An anonymous parent (or another teacher) saw the picture on the friend’s Facebook page and forwarded it to the school principal, along with a letter complaining about Payne’s use of the “B” word.
Kendra Holliday blogged under a pseudonym, “TBK365”, and created a Twitter account using the same pseudonym. But when she set up her account she didn’t realize Twitter would display her real name below her pseudo-identity. Before she could delete her real name, a search engine bot cached her Twitter page. When her employers Googled her, they found her Twitter account, which lead them to her blog. Holliday was then put on permanent holiday.
“Don’t put anything online that you wouldn’t want to see on the front page of a newspaper,” she advises. “Even if you’ve got your privacy settings locked down, there’s nothing to stop your friends from reposting it where others can see it.”
So, employers can do whatever they want?
Not entirely. You still have some reasonable expectations of privacy at work. Companies can put surveillance cameras in the hallways, but they can’t put them in the bathrooms–though managers at a Super Wal-Mart in Pennsylvania tried to do just that in March 2008. They can search your computer and even your office, but they can’t search your briefcase without a legitimate reason, such as suspicion of theft.
In general, companies should provide notice to employees that anything done on the company’s computers or its network is subject to being monitored, notes Yoo. Unfortunately many organizations do this via a vague “reservation of rights” clause in the employee manual or a splash screen that appears briefly when employees log on, says Maltby.
Creating a social media policy is also an excellent idea, if only to educate employees about the dangers errant posts can cause. The Social Media Governance site has hundreds of sample policies that businesses can use as models for their own.
“Even if your business is small, it’s important to have a social media policy in place that spells out what employees can and can’t do,” says Bennet Kelley, founder of the Internet Law Center and a blogger for the Huffington Post. “You want to make sure trade secrets and proprietary information aren’t leaking out via social media, and that your employees aren’t trashing your company or its competitors online.”
Will this situation ever improve?
Not in the short term. But even in a down economy, employees still have options.
After losing her job, Payne sued the Barrow County School District, claiming her resignation was coerced. That case is currently being tried. According to her attorney Richard Storrs, she’s now working as a substitute teacher and getting her Masters in Education at the University of Georgia.
Holliday blogged that she recently got a new job with an unnamed company that recognizes that “whatever I do on my personal time is my business and does not affect my professional life.”
DeLaGhetto’s YouTube channel has more than 1 million subscribers, and at press time the rapper was on tour in Canada–not wearing a lame uniform, we presume.
As people bring more of their own devices into the workplace, and social media becomes routine, employers may eventually provide more latitude for their employees on the Web.
“As an employer, does it really hurt your business that someone got drunk and acted like an idiot on Saturday night or went skinny dipping and posted pictures of it on the Net?” asks Maltby. “Probably not. I would urge employers to remember that before they decide to terminate someone.”
Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read ouraffiliate link policyfor more details.