Tribe's call for a new Constitutional Amendment highlights his concern for what he labels as invasions of "cyberspace." "Cyberspace" simply refers to the ephemeral space occupied by computer transmissions and communications. The United States Constitution does not expressly protect an individual from invasions of cyberspace. Courts, too, seem less willing or less able to protect an individual from these electronic invasions.³ As a result, both our current Constitution and the common law right to privacy are ill-equipped for the voyage into cyberspace.

One of the most proliferating forms of "cyberspace" is electronic mail.⁴. Electronic mail is now used by an estimated 20 million people across the United States. More than half of those users went on-line in the past two years.⁵ E-mail continues to be the subject of much debate regarding the privacy of its users.⁶ The issue of workplace privacy as it relates to computer use and electronic communications is actively before Congress.⁷

This Comment examines what level of privacy employees who use electronic mail systems are entitled to expect. Part II recounts the current court-made and statutory laws which purport to protect employees' workplace privacy. Part II argues that the Supreme Court has poorly fashioned search and seizure law for the public workplace because it continues to rely on a radically outdated view of how the workplace functions. The Supreme Court has created case law which all but eliminates constitutional protection afforded public employees for work-related searches and seizures. Statutes have picked up some of the slack and in some instances protect both private and public employees. However, the statutes also have significant gaps and ambiguities. Part II urges that there are very good reasons to protect private employees who use E-mail in the workplace, not the least of which is that it is in the employer's best interest to do so.⁸

Part III suggests that the best place to find privacy protection for private employees who use computer systems at work is in state constitutions.⁹ To this end, Part III analyzes Shoars v. Epson America, Inc.,¹⁰ a case which is now working its way through the California courts. This Comment contends that the California Superior Court decided Shoars incorrectly, both as a matter of law and of policy. Part III extends the Shoar analysis to show how state courts might better interpret their respective privacy laws to effect these legal and policy concerns.

In Part IV, this Comment concludes that courts have a special role to play when adjudicating work-related computer privacy issues. This part summarizes the reasons why courts should not blindly defer to legislators when adjudicating technology-related privacy issues.

Generally, a "search" under the Fourth Amendment protects "an expectation of privacy that society is prepared to consider reasonable."¹⁶ The Fourth Amendment further requires that searches¹⁷ must be reasonable in all circumstances. A reasonable search is one where the searcher obtains a warrant based on probable cause. Searches conducted without a warrant are adjudged per se unreasonable.¹⁸ However, courts may abandon warrant and probable cause requirements when they become "impractical under the circumstances."¹⁹ Impractical circumstances exist during emergencies, or when the need for either a warrant or probable cause will "frustrate the purpose for which the search was intended."²⁰ Where a warrant is found to be impractical, the probable cause standard may serve as a reference for adjudicating the search's reasonableness.²¹ When the Court decides probable cause is not applicable to analyzing the reasonableness of the search, as an alternative, it may balance the need to search against the invasion of privacy resulting from the search.²²

Traditionally, employees have received little privacy protection on the job. It is argued that employers' interests should be favored because the work is done on the employers' premises. Employers own the communications equipment used at work and it is the company's business which is being conducted on this equipment. Employers have a strong interest in monitoring employee activity for the purposes of assuring the quality and quantity of work-product, and for protecting against theft or fraud.²³ Even the Supreme Court has decided that the balance on interests should favor employers because public employers' interests in an efficient workplace outweigh the employees' privacy interests.²⁴

The important policy question underlying current work-related privacy law is whether computer technology has so shifted control to the employer that the scales need to be re-calibrated to better protect an employee's privacy rights. Privacy law requires courts to balance the interests of one group against another to determine whether an illegal invasion of privacy has occurred.²⁵ To this end, scholars have argued that effective judicial balancing ferrets out the needs, interests and limitations of the parties before the court.²⁶ Implicit within the "ferreting out" are three goals that balancing should accomplish: (1) to justify the appropriate level of generality for the issues before the court; (2) to insure that the result is based on an adequate factual background; and, (3) to not substitute deference for a cogent analysis of the parties' interests.²⁷ These three goals serve the greater objective of openly and candidly acquiring knowledge and better defining society's values through legal discourse.²⁸

Current privacy law neglects these goals. The Supreme Court has inaccurately defined society's privacy values in the workplace because the Court has based its decisions on an outdated view of both the workplace and privacy generally.²⁹ Lower courts have been left to resolve the tension between the new privacy interests created in the computerized workplace and the Supreme Court's outdated view of workplace privacy.

In Ortega, Dr. Ortega was employed as a psychiatrist at a state hospital. Ortega became subject to an investigation regarding various improprieties including his alleged mismanagement of the hospital's residency program. During the investigation, hospital employees entered and searched Ortega's locked office, where numerous items were seized from Ortega's desk and files. Subsequently, Ortega was fired. Ortega sued the hospital, complaining that the search violated his Fourth Amendment rights. The district court granted summary judgment for the hospital. The Ninth Circuit affirmed summary judgment on Ortega's state claims, but reversed the district court's grant of summary judgment on Ortega's Fourth Amendment claims.³³ On appeal, two issues came before the Supreme Court: (1) whether a work-related search constituted an exception to the warrant and probable cause requirements of the Fourth Amendment, and (2) how courts should balance the competing interests of the agency-employer and the government employee in deciding whether the search was reasonable under the circumstances.

Ortega is worth examining in some detail because it fleshes out many of the limitations of Fourth Amendment law and how those limitations restrict an employee's workplace privacy. In a plurality opinion written by Justice O'Connor, the Court began by noting that Ortega's Fourth Amendment rights would be violated only where the hospital's search infringed on an expectation of privacy society is prepared to consider reasonable.³⁴ Such an expectation is determined, in part, by: (1) what the framers intended for the Fourth Amendment to protect, (2) how an individual uses a particular location or space (a customary approach), and (3) the Court's view of what areas society desires to protect from governmental invasion (an "objective" standard).³⁵

The Court found that Ortega had a reasonable expectation of privacy in his desk and file cabinets located inside his office.³⁶ The Court's holding that Ortega maintained an expectation of privacy in his desk followed Gillard v. Schmidt³⁷ where the Ninth Circuit determined that a right to privacy existed in a school counselor's desk. Like the desk in Gillard, Ortega's desk contained confidential records and was secured in a locked area. However, Ortega's desk was located in his private office rather than in a shared suite as was the counselor's desk in Gillard. The plurality opinion consistently noted that no hospital administrative policies were in force to discourage employees from storing personal items in their desks and files.³⁸

Based on two prior Supreme Court decisions, Oliver v. United States³⁹ and Mancusi v. DeForte,⁴⁰ the plurality recognized Ortega's expectation of privacy. In Oliver, employees were found not to have a reasonable expectation of privacy where police searched a field adjacent to Oliver's home. The court distinguished an open field as "usually . . . accessible to the public and the police in ways that a home, an office or a commercial structure would not be."⁴¹ In Mancusi, the defendant, DeForte, was a union official under investigation for criminal activities. State officials searched his private office without a warrant and seized union records. The Mancusi Court held, inter alia, that on the facts, the union official had an expectation of privacy in his office which was protected from the state officials' unwarranted search.

The three-part inquiry utilized by the plurality to determine Ortega's expectation of privacy probably excludes protection of computer technologies like E-mail. Taken in order, the first part of this inquiry queries whether the framers intended that the Fourth Amendment protect E-mail users. One might argue that framers' intent could be extrapolated to include E-mail. However, such extrapolation more likely serves as a subterfuge for balancing the interests at stake. It would be better to balance the privacy interests openly rather than to artificially connect the Court's reasoning to framers' intent.

In the second part of the inquiry, the Court looks to how an individual uses a particular location or space. The criteria include: (1) whether that which was searched contained confidential records, and (2) whether what was searched was secured in a locked area, or was in a private office. The Court's emphasis on physical location makes it more difficult to apply the law to technologies like E-mail. Surely, E-mail can be regarded as a physical location or a "space." However, regarding it as such does not tell lower courts whether E-mail should be treated as a highly protected space, e.g., postal mail; or as a space which receives less protection, e.g., electronic publishing. The problem is that electronic mail can simultaneously contain confidential and non-confidential records depending on how one defines the "space" being searched. If the "space" includes only one computer file, and that file is confidential, then that which was searched contained confidential records. However, if the space includes more than one file, or includes all that may be accessed by an employee's E-mail code,⁴⁶ that which was searched may contain both confidential and non-confidential data. The same kind of definitional problems apply to determining whether E-mail is secured in a locked area or is "kept" in a private office. On one hand, an E-mail communication which originates from any office, private or not, seems to be confidential. The sender intends that the communication reach only certain recipients. In this sense, E-mail is analogous to postal mail or telephone conversations at work. On the other hand, E-mail could be viewed as a tool provided to employees solely for work-related use. The Supreme Court indicated that employees may not expect privacy where an employer maintains a policy which discourages employees from storing or communicating personal information on E-mail. Thus, focusing on how an employee uses E-mail does not solve the problem, but simply further describes it, because neither the employee nor the employer seems to have well-settled expectations regarding privacy rights in the E-mail context.

The third part of the expectations inquiry relies upon a court's view of what areas society desires to protect from governmental invasion. This part is supposed to be "objective" in the sense that a court objectively analyzes whether society desires to protect users of E-mail in the public workplace from governmental invasion. In Ortega, the Court applies this part of the test when it discusses its balancing analysis, reviewed immediately below.

Once a court finds a legitimate expectation of privacy, as it did in Ortega, it must analyze the reasonableness of the search under the circumstances. Traditional Fourth Amendment analysis requires that a court first determine whether the case before it should be excepted from the warrant and probable cause requirements.⁴⁷ However, in Ortega, the plurality moved directly to a balancing test to determine the reasonableness of the hospital's search of Ortega's office, desk and file drawers. The plurality found that a search conducted by a government employer is reasonable where the government's need for supervision, control and efficiency in the workplace outweighs the invasion of the employee's protected privacy.⁴⁸ Arguably, had the plurality first looked to whether the search of Ortega's office required an exception to the warrant and probable cause requirements,⁴⁹ the Court would have found a need for a warrant and would have affirmed the Court of Appeals' finding in favor of Ortega. Instead, the plurality found that a warrant was not required for two reasons. First, the plurality found that the case law regarding work-related searches of employees' offices favored the government employer's needs and interests.⁵⁰ Similarly, in New Jersey v. T.L.O.,⁵¹ the Court justified a warrantless search by school officials because of the need to enforce "the swift and informal disciplinary procedures needed in the schools."⁵² Lower court opinions also suggested that work-related searches by employers generally satisfied the reasonableness requirement of the Fourth Amendment.⁵³

Second, the plurality performed its own balancing and found that government employers' interests generally outweigh the privacy interests of public employees. The plurality reasoned that employers often enter employees' offices and desks for work-related reasons.⁵⁴ An employer or supervisor should not be required to obtain a warrant when entering an employee's office, desk or filing cabinet for work-related purposes where an employer or supervisor desires to complete the government agency's work promptly and efficiently.⁵⁵ Here, a warrant would "seriously disrupt [the] routine conduct [of the government agency] and would be unduly burdensome . . . [because] government offices could not function if every employment decision became a constitutional matter."⁵⁶

The plurality also found that probable cause was unnecessary when searching in a work-related context. Ortega maintained that the search was a non-investigatory, work-related intrusion, while the hospital characterized the search as investigatory, its purpose to find evidence of suspected work-related misfeasance. The plurality held that, for the non-investigatory search, "probable cause, rooted as it is in the criminal investigatory context, [does not have] much meaning when the purpose of a search is to retrieve a file for work-related reasons."⁵⁷ Likewise, an investigatory search for evidence of work-related misfeasance does not require probable cause because "[t]he delay in correcting the employee misconduct caused by the need for probable cause rather than reasonable suspicion will be translated into tangible and often irreparable damage to the [government] agency's work, and ultimately to the public interest."⁵⁸ Moreover, "[i]t is simply unrealistic to expect supervisors in most government agencies to learn the subtleties of the probable cause standard."⁵⁹ In other words, probable cause is not required for either non-investigatory or investigatory intrusions as long as they are work-related.

The Ortega Court concluded that privacy interests of the public employee are thus outweighed by the government's substantial interests in an efficient and well-run workplace. The employee's privacy interests in the workplace are "far less than those found at home or in some other contexts."⁶⁰

The Court further reasoned that limited employer intrusions, like the one in Ortega's office, do not offend the Fourth Amendment because the sole purpose of government offices is to facilitate agency work- "[t]he employee may avoid exposing personal belongings at work by simply leaving them at home."⁶¹

The plurality opinion concluded that a standard of reasonableness should be applied where a public employer searches and/or seizes items from an employee's office, desk or file cabinets because both the warrant and probable cause requirements are impractical for work-related searches. Such a search is permissible in both its inception and scope where the measures adopted for the search reasonably relate to the search's work-related objectives; and, given the nature of the employee's alleged misconduct, the search does not excessively intrude on the employee's privacy.⁶²

The Ortega analysis is wrong for several reasons. First, the decision probably causes the workplace to run less efficiently. The Ortega plurality seems to assume that employers need almost unlimited access to employees' offices and desks to maintain efficiency. In fact, it is equally likely that increased employee privacy would result in a more efficient workplace.⁶³ Increased employee privacy sends a positive message from the employer to the employee. That message implicitly states that the employer trusts the employee to be responsible for his or her time and productivity. Such a message fortifies the working relationship between employers and employees and imputes personal dignity into the workplace. Arguably, the employer who regularly intrudes on and monitors its employees' workspace "tear[s] apart the fabric of trust and cooperation that binds companies and their employees."⁶⁴ This fabric is a delicate one. At the extreme, an employer who is privy to all intra-company communications creates a workplace filled with distrust. An employee who does not trust his employer has much less of an incentive to be efficient, resourceful and productive.

Ultimately, the Court's view of workplace efficiency wrongly casts the employee as the employer's adversary. This view of work is dysfunctional because it portrays the employee as a dolt incapable of managing his given responsibilities.⁶⁵ Successful companies do not treat employees as enemies.⁶⁶ Instead, smart managers provide their employees with both personal and professional incentives to perform productively.⁶⁷ Implicit within the employer-employee relationship is some element of trust. Trust begets teamwork, and teamwork begets productivity. Thus, an employee who has a modicum of workplace privacy probably will work more efficiently than an employee who is constantly looking over his or her shoulder.

Second, unlimited monitoring of employee E-mail transmissions could result in a competitive disadvantage to the employer.⁶⁸ Technologies such as E-mail enable immediate and efficient exchange of information. Sharing information enhances workplace productivity and efficient decision-making. However, allowing unlimited work-related monitoring of E-mail provides employees with a disincentive to use E-mail. For example, an employee who might constructively criticize a superior on E-mail might be reluctant to do so knowing her communication was being monitored. Likewise, an employee who wants to make a good impression on his superiors may avoid using E-mail where his communication mixes the personal with the professional. Some minimum protection of E-mail privacy promotes workplace efficiency through information sharing, especially in companies that rely heavily on E-mail as a form of intra-company communication.

Third, the Ortega decision takes no account of an employee's personal dignity. Generally, as a society, we agree that a person needs some minimal level of privacy to function with dignity.⁶⁹ Why should it be different in the workplace? The Supreme Court's view might make more sense if the employer still legally controlled all of its property under all circumstances.⁷⁰ Justice Blackmun, writing for the dissent in Ortega, noted substantial evidence indicating that employees are spending an increasing amount of time in the work environment.⁷¹ The more time employees spend at work, the more critical some minimum level of privacy will become. There also exists a substantial body of organizational behavior literature which strongly suggests that employees who have privacy at work are more productive as a result.⁷² This productivity derives, in part, from the dignity an employee derives from knowing he has a reasonable expectation of privacy.⁷³ In contrast, the plurality characterized the workplace as purely for the purpose of work where nothing of a personal nature should be kept.⁷⁴ The plurality offered no evidence, however, as to why personal belongings should not be kept at work, or how such a rule furthers workplace efficiency. The Ortega opinion implies that technologies like E-mail should be given little privacy protection similar to a technology such as an objective data transmitter (e.g., stock price data).⁷⁵ For the reasons mentioned above, this Comment urges that E-mail in the workplace should receive privacy protection greater than that implied by the Ortega analysis.

The Schowengerdt court relied on O'Connor v. Ortega to decide whether Schowengerdt had an expectation of privacy in his office where his employer did not notify him of possible work-related searches. The Ninth Circuit held that, under Ortega, Schowengerdt could have had a reasonable expectation of privacy in his desk, and therefore reversed the district court. The Ninth Circuit found that "all members of the Ortega Court agreed that '[i]ndividuals do not lose Fourth Amendment rights merely because they work for the government.'"⁸²

The Schowengerdt court also noted that eight of the Justices agreed in Ortega that some expectations of privacy held by employees may be unreasonable due to the "operational realities of the workplace."⁸³ While Justice O'Connor, writing for four Justices, contended that an office may be so open as to afford no privacy protection, five Justices disagreed. The Schowengerdt court pointed out that Justice Scalia and the four dissenting Justices held that employees' desks, offices and files are protected against unreasonable searches by government employers. Moreover, Justice O'Connor's Ortega opinion had argued that public employees' privacy expectations may be diminished by office practices and procedures or by legitimate regulation. The Schowengerdt court found that pre-Ortega rulings supported Justice O'Connor's view even though the remaining five Justices did not embrace or reject O'Connor's contention. Thus, the Schowengerdt court concluded that, where an employee is forewarned of an office search for work related purposes, the employee's expectation of privacy diminishes accordingly.⁸⁴

In Shields v. Burge,⁸⁷ the Seventh Circuit also elaborated on what constituted a "reasonable work-related" search. Shields was a police sergeant and narcotics investigator for the state. Based on reports that Shields was trafficking marijuana, he was removed from his narcotics beat. Subsequently, an internal investigation of Shields' alleged misconduct was begun. The superintendent of the internal investigation, Burge, learned that Shields may have tipped off a suspected criminal that the criminal was being investigated by the state. As part of the internal investigation against Shields, two officers working for Burge searched a desk in Shields' office. They also searched Shields' automobile and a locked briefcase in the automobile. The searches were performed without a warrant and without Shields' consent.⁸⁸

During the internal investigation, a special prosecutor appointed by the state court investigated whether Shields had committed any crimes. An indictment was issued, but no convictions resulted. Shields alleged in his complaint that the search of his desk, automobile and locked briefcase violated the Fourth Amendment. The district court granted the government summary judgment on this count because it found the search to be reasonable under Ortega.⁸⁹ The Seventh Circuit court affirmed, discussing the Ortega decision at length.

The Shields court found that the plurality's reasonableness standard in Ortega governed work-related searches in the workplace. It further outlined two types of interests which supported the search of Shields' desk as reasonable. First, both the government and the public have a strong interest in stopping work-related misconduct by police officers. Second, both the government and the public have an interest in halting drug use and drug trafficking.⁹⁰ However, the court applied a different standard to the search of Shields' briefcase.

One case indicated that strip searches of prison employees to investigate work-related misconduct must be supported by a warrant and probable cause because of the highly intrusive nature of visual body-cavity searches.⁹⁴ A second case upheld a "seizure" of police officers for a lineup. The lineup was to determine if any of the officers had been involved in alleged police brutality. In this case, the court stressed the unique interest of the government and the public in police integrity. These interests limited the full privacy and liberty police officials otherwise enjoyed.⁹⁵ A final case held that strip-searching a police officer to investigate work-related misconduct violated the Fourth Amendment, absent a reasonable suspicion that the search would turn up evidence of the misconduct.⁹⁶

Compared to these three cases, the court adjudged warrantless search of Shields' briefcase as reasonable. Searching a locked briefcase was less intrusive than a strip search. Moreover, those conducting the internal investigation did have some information indicating that Shields had engaged in misconduct at work. Though this information may not have risen to the level of a "reasonable suspicion," the Shields court held that the search's less intrusive nature, the search's work-related nature, and the special interest in police integrity added up to a reasonable search.⁹⁷ The Shields decision implies that police officers may retain substantially less rights to privacy than other types of public employees. "Some information" of work-related misconduct probably will suffice to make a search reasonable given the public's special interest in police integrity.

Regarding "reasonableness," Shields and Schowengerdt together suggest that a work-related search of an employee's E-mail may be of a "hybrid" nature, especially where there is no notice given by the employer. A plaintiff would have to characterize the E-mail transmissions at issue as similar to the locked briefcase in Shields' office. Such a characterization would be easier where the employer had no policy stating that E-mail should be used only for work-related matters, and the employee's E-mail files had a private access code known only to the employee and the systems manager. The access code would be analogous to a briefcase lock. Arguably, the more the facts of a given case indicate the employee expected her E-mail transmissions to be confidential, the less likely a court will find that an employer's work-related search was reasonable.

Walker was a letter carrier in the United States Post Office in Florence, Alabama. Walker was African-American, his supervisors were Caucasian. Walker and other employees believed Walker's supervisors were trying to terminate Walker's employment for race-motivated reasons. Someone warned Walker that his supervisors were monitoring his conversations at his work station. Walker then noticed two objects that looked like intercoms affixed to his workstation. Walker sued his supervisors, Darby and others, for illegal interception of his conversations and invasion of privacy.¹⁰⁰

The district court granted summary judgment for Darby who was the named defendant for the United States Postal Service. On appeal, the Eleventh Circuit found that, for Walker's claim to survive summary judgment, a court must find that questions of material fact exist regarding: (1) whether Walker's communications were actually intercepted by his supervisors through the use of some device, (2) whether Walker had an expectation of privacy that his conversations would not be intercepted, and (3) if Walker had such an expectation, whether it was justified under the circumstances.¹⁰¹

The Eleventh Circuit held in favor of plaintiff Walker based on two key factors. First, the district court believed that a plaintiff could raise an issue of material fact regarding "actual interception" only where he could prove specific contents of a particular conversation were intercepted.¹⁰² The Eleventh Circuit disagreed and held that "actual interception" may be proved without direct evidence because a successful wiretap depends on the perpetrator's ability to conceal the tap.¹⁰³

Second, the Walker court found that questions regarding Walker's expectation of privacy were part of the same inquiry. Walker needed a subjective expectation that his conversations would not be intercepted; and, that expectation had to be objectively reasonable.¹⁰⁴ The court distinguished this inquiry from determining whether Walker had a reasonable expectation of privacy in his workplace area at the post office.¹⁰⁵

This distinction was critical to Walker's case. Otherwise, he would be subject to the lower standard of reasonableness for search and seizure outlined in Ortega. In Ortega, the Supreme Court utilized a balancing test to compare the government's interest as an employer in the workplace against the employee's interest in personal privacy. The balancing test tipped in favor of the employer because supervisors, co-workers and even the public had access to the employee's workplace. In contrast, no such governmental interests tempered the analysis in Walker. Walker must have had a subjective belief his conversations would not be intercepted, and that belief must have been objectively reasonable. In other words, another average reasonable person in Walker's situation would have believed his or her conversations would not be monitored under the circumstances.¹⁰⁶

The Walker court pointed out that other Circuits had found that a suit under the anti-wiretapping statute¹⁰⁷ stated a cause of action even absent an expectation of privacy in the Fourth Amendment search and seizure context.¹⁰⁸ For example, an employee may not expect total privacy in her office, but she still would be protected by the anti-wiretapping statute where she was "[unaware] of the specific nature of another's invasion of [her] privacy."¹⁰⁹ The Walker court concurred with decisions by both the Sixth Circuit¹¹⁰ and an Illinois district court¹¹¹ which distinguished an expectation of privacy from an expectation of non-interception:

Interestingly, the concurring opinion in Walker believed that much of the majority's opinion regarding Walker's subjective and objective expectations of privacy was dicta. The concurring opinion reasoned that the district court never discussed these issues and neither party's brief raised the issue. Thus, whether an employee had an expectation of non-interception in his place of work should not have been addressed on appeal until the district court tried the issue.¹¹⁷

Ortega, Schowengerdt, Shields, and Walker, taken together, suggest two critical points regarding work-related employee privacy. First, federal courts have so narrowly circumscribed the public employee's Fourth Amendment work-related privacy rights that these rights have all but vanished completely.¹¹⁸ Where an employee is forewarned of an office search, the employee's expectation of privacy diminishes accordingly. These cases show that court-made law favors employers. Second, with an eye to the future, if we think it wise to expand work-related privacy for employees, such an expansion will have to be found in either federal statutes¹¹⁹ or state constitutions.¹²⁰

Congress passed the ECPA to close loopholes in Title III of the Omnibus Crime Control and Safe Streets Act of 1968 (Title III).¹²⁴ These loopholes in privacy protection were created by advancing communications technologies, particularly in the area of computer communications.¹²⁵ The important loopholes in Title III, for purposes of this discussion, are threefold: (1) Title III limited privacy protection to narrowly defined categories of "wire" and "oral" communications;¹²⁶ (2) Title III protected only against unauthorized "aural interception of voice communications";¹²⁷ and (3) Title III did not cover communications between computers, or between a computer and a human.¹²⁸

The ECPA remedied these loopholes. First, the ECPA amended the definitions of "wire" and "oral" in Title III to include the term "electronic."¹²⁹ An "electronic communication" specifically includes E-mail.¹³⁰ The phrase "electronic communication" is defined broadly and is intended to cover any communication not carried by sound waves, and not carrying the human voice.¹³¹

Second, Title III was amended to include the words "aural or other acquisition."¹³² Amending this section allowed Congress to include non-aural, electronic communications within the purview of Title III's protection.¹³³ The term "intercept" in Title III now includes acquiring the contents of an electronic communication non-aurally, in addition to acquiring a wire or oral communication aurally.¹³⁴ For example, using an electronic wiretap to read and store a competitor's computer modem transmissions without consent would violate Title III even though the wiretapping involves no human ear listening.

Finally, the ECPA amended sections 2701 through 2711 of Title III for stored wire and electronic communications. An "outside" or third party may not intercept electronic mail under these sections.¹³⁵ The amendments make it criminal for a person to intentionally access an electronic communication without authorization; to go beyond the authorization when accessing the communication; to "intentionally obtain" a communication; or, to alter or prevent authorized access to a communication.¹³⁶

With regard to "electronic communications," particularly electronic mail, courts have not yet applied the ECPA.¹³⁷ However, recently, in Colorado Springs, Colorado, an interesting issue regarding E-mail privacy surfaced. The city's mayor admitted he had read hard-copy printouts of electronic mail messages sent between City Council members.¹³⁸ The mayor felt he had a right to read the E-mail, since state laws demand that most City Council business be conducted in public. Furthermore, the city's E-mail policy required a secretary to print out all E- messages periodically, then delete them from the city computer to save space. The printouts were retained in case any of the messages were deemed covered by the state's broad public-records law. City officials did post official notices in the Colorado Springs computer message system because the system was partially open to the public. The mayor claimed he intended to review these E-mail printouts to insure government employees were performing their jobs in a forthright manner. The city officials would never have kept the printouts had they thought their actions criminal. In fact, he thought his actions were legal because of the state's public-records laws.¹³⁹

Applying the ECPA to the facts, the mayor's actions come within the purview of the Act because he is an "outside" or third party who is a public actor. Inadvertent interceptions by third parties are not crimes under the ECPA because amended sections 2510 and 2511 of Title III require that the actor's mens rea be "intentional."¹⁴⁰ The legislative history of the subsection reveals that Congress desired that the wiretapper's conduct or his causing a certain damaging result from wiretapping must be the wiretapper's "conscious objective."¹⁴¹ Arguably, the mayor did not have the conscious objective of causing a damaging result to those employees whose E-mail he read. On the other hand, he did intend to intercept the E-mail communications, and that action in itself may constitute a harm.¹⁴²

Courts have held that states may enact broader privacy protection than that required by the ECPA. Where state protection against wiretapping or eavesdropping is less stringent than the ECPA, federal law controls. However, where state law is more stringent, a potential offender is subject to the higher standard.¹⁴³ State law is pre-empted only where it is more permissive than federal law.¹⁴⁴ This point is critical when considering whether state law might provide broader privacy protection than its federal counterpart. Under the ECPA, states may enact broader privacy protection in the workplace should they see fit to do so.

It bears repeating that current federal law does not directly cover the situation where a private employer wiretaps or monitors employee E-mail transmissions. Instead, the ECPA appears to focus on "third party" interception. This focus provides some proof that Congress enacted the ECPA because it was principally addressing the problem of a company's stealing valuable electronic information from its competitors. Yet, nothing in the legislative history of the ECPA clearly suggests that Congress did not intend the ECPA to cover a private employer's monitoring of an employee's E-mail transmissions.¹⁴⁵

Experts predict that "whatever California courts decide will probably be a model for the nation."¹⁴⁹ Currently, the critical case in California is Shoars v. Epson America, Inc.¹⁵⁰ In Shoars, the plaintiff was employed as an Office Systems Programmer Analyst in the Information Resources Department at Epson America, Inc. Her responsibilities included providing user support and training in office automation software and personal productivity tools with special emphasis on supporting Epson's employees in the use of electronic mail. About seven hundred Epson employees had desktop computers which, through electronic mail, created access to approximately nine million other computers worldwide. E-mail was presented to Epson employees by Epson management as an alternative to FAX, telephone and U.S. mail. All of Epson's E-mail users needed a personal password to access their own messages.

Plaintiff's direct supervisor systematically printed up and read all of the E-mail that was entering and leaving Epson's place of business where plaintiff worked. Plaintiff's supervisor accomplished this monitoring by placing a "tap" on the electronic mail gateway where the mainframe computer interfaced with the outside E-mail communications service. The tap automatically downloaded and printed up every private communication entering or leaving the office.

Plaintiff, as part of her job description, had been informing Epson employees that their E-mail transmissions were confidential. She also believed that no one in Epson had given her supervisor consent to read the transmissions. Plaintiff entered the unlocked office of her supervisor while he was on vacation and discovered that the tap was in place, and that her supervisor had printed up thousands of pages of employee E-mail. Plaintiff subsequently confronted her supervisor and demanded that he dismantle the tap and destroy the printed up messages. Plaintiff's supervisor advised plaintiff the tap was not her business and threatened to fire her if she did not keep quiet about her discovery. In turn, plaintiff, using the E-mail at work, sent a private message to the Manager of Network Software and E-Mail Administrator at Epson's Santa Clara office, requesting that he issue her a new E-mail account number, one to which plaintiff's supervisor would not have access. Plaintiff's supervisor intercepted the transmission, and fired plaintiff shortly thereafter for gross insubordination.¹⁵¹

Plaintiff sued Epson under California Penal Code section 631 which provides a private right of action for wiretapping in the workplace.¹⁵² Section 631 prohibits "[a]ny person who by means of any machine, instrument, or contrivance, or in any other manner, intentionally taps, or makes any unauthorized connection, whether physically, electronically, acoustically, inductively or otherwise." The section requires consent from all parties before a communication may be tapped. Section 631 also states that a person may not "read or attempt to read [the communication], . . . learn the contents or meaning of any message, report or communication while the same is in transit or passing over any such wire, line or cable, or is being sent from, or received at any place within the state."¹⁵³

Section 632 proscribes intentional eavesdropping on a confidential communication using "any electronic amplifying or recording device" without the consent of all parties involved. Eavesdropping is illegal "whether the communication is carried on among such parties [in person] . . . or by means of a telegraph, telephone or other device"¹⁵⁴ (emphasis added). Interestingly, in section 632(b), the code defines the term "person" to include individuals as well as businesses.¹⁵⁵

Section 632(c) states that a confidential communication includes

Arguably, Shoars might have had a stronger case if she could have brought a cause of action under section 632. Section 632(c)'s "reasonable expectation of privacy under the circumstances" standard weighs in plaintiff's favor where Epson represented that E-mail was a confidential form of communication to the employees. Unfortunately, Epson's "listening in" on employees' E-mail transmissions involved a physical tapping of an electronic line as opposed to equipment not connected to a line. However, under section 630, the California legislature's strong statement of intent to broadly apply sections 631 and 632 to "new devices and techniques [used] for the purpose of eavesdropping on private communications" might encourage a court to apply the reasonable expectation standard articulated in section 632 to causes of action under section 631.¹⁵⁸ Furthermore, recovery of monetary damages are allowed for violations under sections 630 to 632. The damages are three thousand dollars per violation or three times the amount of any actual damages sustained by the plaintiff. Injunctive relief is also available.¹⁵⁹

Thus far in Shoars, the Superior Court of California sustained Epson's demurrer by reason of plaintiff's failure to state sufficient facts on which a cause of action may be based. The court found that E-mail was not covered by section 631 of the California Penal Code for three reasons. First, the court contended that it was not clear plaintiff had an expectation of privacy. Without such an expectation, there could be no invasion of that privacy through wiretapping. The superior court did not elaborate on this statement.¹⁶⁰

Second, the court assumed, and found arguendo, that even if plaintiff had an expectation of privacy, E-mail was not covered by section 631 based on the California Supreme Court's interpretation of section 631 coverage in Ribas v. Clark.¹⁶¹ In Ribas, Ribas and his wife were obtaining a divorce. Ribas's wife had Clark monitor a critical telephone conversation regarding the couple's divorce. Ribas's wife later used this information to try to rescind the divorce. Ribas sued Clark for an invasion of his privacy under section 631. The California Supreme Court held, inter alia, that section 631 covers intra-spousal wiretapping and eavesdropping.¹⁶²

Third, the court in Shoars held that section 631 did not cover interception of E-mail communications despite the broad statement of intent offered by the California legislature in section 630 of the California Penal Code.

Given this three-part analysis, the superior court concluded that,

There are several problems with the trial court's ruling in Shoars. First, the trial court concluded it was not clear plaintiff had an expectation of privacy on the employer's electronic mail system. This conclusion completely ignored the reasoning employed by the Eleventh Circuit in Walker v. Darby.¹⁶⁷ Recall that in Walker the court concurred with decisions by both the Sixth Circuit and a state district court which distinguished an expectation of privacy from an expectation of non-interception.¹⁶⁸ Further, the court held that an expectation of privacy is not required in order to find an expectation of non-interception.¹⁶⁹ The Shoars court completely ignored this distinction,¹⁷⁰ and instead pre-emptively concluded that the controlling question was whether plaintiff had an expectation of privacy.

The reasoning in Walker suggests that a plaintiff may sustain a cause of action under the California Penal Code anti-wiretapping statute even absent an expectation of privacy under a Fourth Amendment analysis. The plaintiff in Shoars may not have expected total privacy in her office, but she is still protected by the anti-wiretapping statute where she is unaware of the specific nature of another's invasion of her privacy. Under this reasoning, an employee who expects privacy in her personal conversations in the workplace may be distinguished from an employee who expects that her E-mail conversations would not be intercepted by a device which allows those (electronic) conversations to be monitored inside an office in another area of the building.¹⁷¹

Shoars could argue that her supervisors intended to intercept her E-mail conversations because she had discovered that her supervisor was acting contrary to company policy. Recall that Shoars had informed Epson employees that their E-mail transmissions were confidential. She also believed that no one in Epson had given her supervisor consent to read the transmissions. This belief probably satisfies the objective prong of the standard articulated in Walker.¹⁷² When Shoars discovered the electronic tap, she confronted her supervisor, and demanded that he dismantle the tap and destroy the printed up messages. Shoars' supervisor threatened to fire her if she revealed what she had found. Hence, it appears Shoars was fired because she discovered her supervisor covertly and thus illegally reviewing employee E-mail.

In contrast, the defendant in Shoars could distinguish Walker by arguing that Shoars' supervisors are private actors who were attempting to police her work-related conduct.¹⁷³ Shoars' supervisors, as part of a private business, were acting in an official capacity by reviewing E-mail communications. Thus, the Walker analysis should not apply in Shoars because (1) Walker's arguments were made pursuant to the ECPA which does not cover private actors, and (2) the monitoring was work-related.

At least the Shoars trial court should have addressed the expectation of privacy issue based on the inference that Shoars would not have expected her electronic conversations or other employees' transmissions to be electronically intercepted or monitored by her supervisor in his office. The distinction articulated by the Walker court could be utilized to bring Shoars within the purview of California's anti-wiretapping statute because the statute clearly covers private actors.

The second problem stems from the court's reliance on Ribas v. Clark¹⁷⁴ The Shoars Court cited Ribas in support of a "narrow" reading of section 631 excluding E-mail from the statute's purview. A careful reading of Ribas reveals that this case does not support the trial court's conclusion. In Ribas, the California Supreme Court cited favorably the legislative intent in section 630 of the California Penal Code, writing that

It is difficult to understand how plaintiff's cause of action in Shoars does not fit into either the second or third proscriptions articulated by the California Supreme Court in Ribas. Under the second proscription, Epson's interception of employee's E-mail constitutes a willful attempt by Shoars' employer to learn the contents of a confidential communication. Under the third proscription, using the intercepted transmissions to fire Shoars is an attempt to use or publicize information obtained through interception. Thus, the actual text in section 631, the legislative intent articulated in section 630, and the opinion of the California Supreme Court in Ribas combine to strongly favor placing E-mail communications within the protection of section 631.

Third, the Superior Court employed a flawed rationale in its ruling by alluding to the ECPA in support of its conclusion that E-mail is not covered under section 631. This analogy to federal law proves uninformative. Nowhere in the ECPA's language, nor in its legislative history, is state law mentioned. It is at least equally likely that federal legislation serves as a floor for privacy protection, not as a ceiling; and therefore states are free to enact stricter privacy laws. Moreover, section 631, with its broader legislative intent, should not be limited in scope simply because the ECPA, a federal statute, does not cover a private employer's intentional monitoring of its employees' communications. In fact, it is not clear that even the ECPA bars suits by private employees against surreptitious employer monitoring of E-mail communications. The legislative history for section 2701(c)(1) of the ECPA¹⁷⁸ states that "it is not a violation of [the ECPA] if the conduct was authorized by the person or entity providing the wire or communications service, or if the conduct was authorized by the user of that service with respect to communications of or intended for that user."¹⁷⁹

In Shoars, management represented to the employees that E-mail communications were confidential. Under the ECPA, whether Shoars' supervisor "was authorized" to monitor E-mail transmissions appears to be a triable issue of fact. Likewise, whether employees' E-mail was "intended" for Shoars' supervisor also appears to be an issue of fact.

Furthermore, it is not clear from the ECPA or its legislative history that "a person or entity" providing E-mail service is synonymous with the employer or a supervisor within the company. Many companies purchase their E-mail services from an outside supplier.¹⁸⁰ Technically, this outside supplier "provides" the E-mail service to the employer. The employer, in turn, provides the E-mail service to the employees. The specific language of the ECPA does not equate "employer" with "E-mail provider." It is at least equally likely Congress intended to impose employer liability where a supervisor covertly monitored employee E-mail communications which were represented to employees as confidential.

The Shoars court's reluctance to allow a cause of action under section 631 for intercepting E-mail communications probably turned on the fact that the actual language of section 631 never mentions the magic words "electronic mail." But, excluding E-mail from the coverage of the section ignores the legislative intent of section 630, and misreads the California Supreme Court's broad interpretation of privacy protection presented in Ribas v. Clark.

State courts should hold that electronic mail is within the purview of a state's anti-wiretapping or anti-eavesdropping statutes where: (1) the legislative intent of the statutes supports such a reading, or (2) the state courts have implied such a reading, despite the fact that the actual state statute does not mention the actual words "electronic mail." The Shoars trial court erred because both elements (1) and (2) were present. Neither the Constitution nor federal statutes afford such protection to private employees. Including electronic mail within the purview of state statutes like section 631 is not only consistent with the state's interest in employment law, but is also consistent with the trend toward giving private employees more privacy protection.¹⁸¹

We know that Congress did not amend Title III of the ECPA until technological advances made Title III obsolete. State courts should not exclude E-mail from the purview of their analogous state statutes simply because those statutes neglect to mention the words "electronic mail." Such a narrow reading of state statutes effectively resolves the issue in favor of employers by ignoring state legislative intent. States have as much an interest in protecting employees as they do in employers. Based on the superior court's holding in Shoars, sections 630 and 631 may require amendments to specifically include forms of communications like electronic mail. Certainly, this is an issue with which the state court will have to grapple if Shoars is appealed.

On appeal, should a California court find that Shoars is protected under sections 630 and 631, it would not be the first time California courts have found that state law provides broader privacy protection than comparable federal law. In Hill v. NCAA,¹⁸² the California Court of Appeal held that the NCAA violated student athletes' right to privacy by requiring that all athletes be drug-tested. According to the court, article 1, section 1 of the California Constitution¹⁸³ provides broader privacy protection than Fourth Amendment law because article 1 both covers private and public actors, and requires the state to show a compelling interest before it can invade a fundamental right to privacy.¹⁸⁴ The NCAA lost on appeal because it could not meet the higher state-imposed constitutional burden.

Analogously, a state court of appeals might find that Shoars comes within the purview of sections 630 and 631 because the state generally provides greater privacy protection than does the Federal Constitution. Recall that sections 630 and 631 are criminal statutes, not civil. While Hill v. NCAA is of constitutional significance, the Shoars case deals directly with privacy as a criminal matter. Arguably, the state has a very strong interest in regulating criminal intrusions of privacy. At minimum, a court of appeals should recognize a cause of action under section 631 because such recognition squares with both precedent and state legislative intent.

A gap exists in between the time when a new communication technology is created and the later time at which a statute is designed by Congress or a state legislature to regulate the new technology. During that period, the letter of the law may not protect the users of the new technology from invasions of privacy. In this gap, courts retain exclusive jurisdiction to decide whether newly-created privacy issues may be brought within the purview of the old law. Often, a court confronted with a "gap" issue will decide that it is the province of legislators, not courts, to extend statutes to cover privacy issues raised by new technologies.¹⁸⁵ Such a decision by a court is fully acceptable as long as the court owns up to what such a decision means. Denying a plaintiff a cause of action means that the court is deciding in favor of the defendant., based not on the merits of the case, but, based on a value-judgment by the court regarding its role in the legislative/adjudicative process.

As the magnitude of the gap increases, a court should allow a cause of action under old law instead of waiting for a legislator to legislate accordingly.¹⁸⁶ The decision to defer to the legislature decides the issue in favor of the defendant in a veiled manner; yet, such a decision still shapes the landscape of employer-employee relations, no less than a decision on the merits. Where a plaintiff is an employee as in Shoars, the meaning of such deference by courts is clear: an employer does not violate an employee's right to privacy in the workplace unless a law created by a legislative body specifically proscribes such a violation; otherwise, we favor the employer's interests by default.

It is wrong for the Shoars court to favor the employers' interests by default. A court adjudicating a "gap" case which denies the employee a cause of action decides the issue in favor of the employer under the illusion of deference to the legislature. This type of deference favors the employer without a discussion as to why the employer should be favored. This Comment has argued that the workplace may run more efficiently if the employee's privacy interests are favored. At least, courts must remain aware of how their deference and inaction work a hardship on plaintiffs, regardless of how they ultimately would balance the interests at stake. To act otherwise in the "gap" institutionalizes a view of the workplace which, like the view promulgated in Ortega, is outdated.