News + Events
“MySpace” v. Company’s Space: A New Jersey Court Weighs in on Employment Decisions Based on Social Media Content
August 18, 2009
Kristina N. Klein
Picture this: an employee sets up a MySpace or Facebook group solely to “vent about any BS we deal with at work without any outside eyes spying on us. This group is entirely private, and can only be joined by invitation.” The employee uses the company logo as the icon for the group and invites past and present employees to join, encouraging them to “let the s**t talking begin.” And does it begin!
Now imagine that, after you discover the group and fire the “disloyal” employee who set it up, the employee sues your company and
wins. Seem far fetched? Not to a Houston’s restaurant in Hackensack, New Jersey, who a jury recently ordered to pay two former employees back pay and punitive damages after terminating these individuals for setting up a similar website designed to allow other Houston employees to “vent” about work.
The Case: Pietrylo, et al. v. Hillstone Restaurant Group d/b/a Houston’s
Brian Pietrylo, a server at Houston’s, created a private MySpace group called the “Spec-Tator” – which is a reference to the “specs,” or standards, a server is expected to uphold at the restaurant. Pietrylo invited other employees to become members of the group. Employees who accepted the invitation could access the Spec-Tator site anytime to read postings or add new postings. Pietrylo included a statement on the group’s homepage explaining that its purpose was “to talk about all the crap/drama/and gossip occurring in our workplace, without hav[ing] to worry about outside eyes prying in…but because the group is oh so private, only participants will stay members.” On the Spec-Tator site, members submitted numerous postings, including a posting with derogatory and sexual remarks about Houston’s management and customers and a copy of a test employees had to take.
While no managers were invited to join the group, a greeter who had accepted her invitation to join the site showed her manager some of the postings on the manager’s personal computer while dining at his home. Soon, other managers were made aware of the website, and one manager even requested that the greeter provide him with her password so that the managers could review the contents of the website. Although the greeter testified that she was never explicitly threatened with any adverse employment action if she did not provide her managers with her password, she did testify that she gave her password to management solely because they were members of management and she thought she “would have gotten in some sort of trouble.” The greeter also testified that she understood all of the managers would know about the website after she armed them with the password.
Ultimately, the greeter’s password fell into the hands of the regional supervisor of operations for Houston’s. The regional supervisor testified that he found the postings on the website to be “offensive” and that he was concerned that the content of the website could affect the operations of Houston’s, specifically because the content contradicted Houston’s four core values – professionalism, positive mental attitude, aim to please approach, and teamwork. Consequently, the regional supervisor terminated Pietrylo and another server, Doreen Marino, for their involvement in creating and contributing to the MySpace group.
In response, Pietrylo and Marino filed a lawsuit in a federal court in New Jersey alleging violations of the federal Stored Communications Act and a parallel state provision, wrongful termination in violation of public policies favoring free speech, wrongful termination in violation of public policies against invasion of privacy, and the common law tort for invasion of privacy.
The restaurant moved for summary judgment on all of Pietrylo’s and Marion’s claims. The court granted the motion as to the freedom of speech claim, holding that the restaurant’s actions did not violate the employees’ right to free speech. However, the court denied summary judgment with respect to the other claims, ruling that the employees could proceed to trial with their invasion of privacy claims and their claims under the federal Stored Communications Act (and an identical provision under state law), the latter which makes it an offense to intentionally access stored communication without authorization or in excess of authorization. In denying Houston’s summary judgment on the Stored Communications Act claim, the court held that there was a factual dispute as to whether the greeter consented to sharing her password with management, or whether the greeter gave her password to management under duress – which would mean that management was not “authorized” to access the MySpace group under the terms of the statute.
At the conclusion of the trial in June 2009, a federal jury found that the restaurant’s managers violated state and federal laws that protect the privacy of Web-based communications, and awarded Pietrylo and Marino $3,400 in back-pay and $13,600 in punitive damages. Specifically, the jury determined that the restaurant violated the federal Stored Communications Act and the parallel state provision in the way that it gained access to the Spec-Tator, namely management requesting and using the greeter’s password to access the site. The jury, however, rejected plaintiffs’ privacy claims, explaining that while the Spec-Tator was “a place of solitude and seclusion which was designated to protect the plaintiffs’ private affairs and concerns,” they did not have a reasonable expectation of privacy in the MySpace group. The jury also rejected plaintiffs’ claims for damages suffered as a result of emotional distress.
Lesson For Employers
The
Pietrylo case highlights the challenges employers now face as employee chitchat, complaints and gossip shift from the water cooler to the Internet. While this decision does not restrict an employer’s right to monitor communications and information within the four corners of its own computer networks, there are some key “takeaways” employers should consider in light of the
Pietrylo verdict.
First, employers should understand the risks of choosing to access an employee’s restricted social networking site without authorization. Even though the
Pietrylo plaintiffs were ultimately unsuccessful in their free speech and privacy claims, they were awarded damages under state and federal statutory law that prohibits unauthorized access to stored communications. Thus, the
Pietrylo decision illustrates why employers should refrain from strong-arming their employees for access to (or using other unlawful means to access) MySpace, Facebook and other social networking pages and forums that are identified and operated as private sites.
Second, employers should consider implementing written policies that deal directly with employee work-related speech on social networking sites. These policies can require that employees observe guidelines when referring to the company, its services, its clients, and other company employees on social networking sites. These policies should make clear to employees that using social networking sites to divulge the company’s confidential and/or proprietary information, to harass, bully or intimidate co-workers, or to otherwise disparage the company may result in discipline, up to and including termination.
Finally, in addition to the invasion of privacy and Stored Communications Act claims at issue in the Pietrylo case, employers should also be aware of other potential legal concerns that could arise in the context of social media in the workplace, including state “off-duty conduct” statutes, federal anti-discrimination laws, and trade secret laws. Some of these issues were addressed in the recent Troutman Sanders LLP Advisory, “Facing the Consequences of Facebook: What Employers Can Do with Information Obtained from Social Networking Sites,” and will be addressed more fully at the Troutman Sanders LLP Annual Labor & Employment Seminar, tentatively scheduled for November 2009.
About the Stored Communications Act
The
Pietrylo case introduces a relatively unfamiliar law to many employers: the
Stored Communications Act (“SCA”), 18 U.S.C. §2701. The SCA makes it an offense to intentionally access “without authorization” or “in excess of authorization” a facility through which an electronic communication service is provided. The purpose of the SCA, which was passed as part of the Electronic Communications Privacy Act, is to create privacy protection for email and other digital communications stored on the Internet. In order to fall under the protection of the SCA, an online facility or website must not be readily accessible to the general public. This law broadly protects electronic communications, including social networking sites like MySpace and Facebook, where users may have a legitimate interest in the confidentiality of communications stored on these sites.