Respect Privacy Rights of Employees on Social Web Sites

January 1, 2010Articles Hospitality Law

Court awarded punitive damages for accessing private chat group

A growing area of concern for employers in recent years has revolved around employees' electronic privacy rights, including both e-mail access and social networking Web sites. These issues came to light recently in Pietrylo v. Hillstone Restaurant Group, No. 06-5754 (D. N.J. 09/25/09), in which two former employees sued the defendant, Houston's Restaurant, for violations of the federal Wiretap Act/Electronic Communications Privacy Act, the New Jersey Wiretapping and Electronic Surveillance Control Act, the federal Stored Communications Act and its New Jersey equivalent, as well as for termination of their employment in violation of public policy and invasion of privacy.

The employees voluntarily dismissed their wiretapping claims after Houston's showed during discovery that it did not intercept any electronic communications.

A jury found that Houston's had violated the SCA by accessing an invitation-only chat group on MySpace, and the employee's MySpace accounts and passwords without authorization on at least five separate occasions. The jury awarded $2,500 and $903 in compensatory damages, respectively, to the two employees, Brian Pietrylo and Doreen Marino. However, the jury found that Houston's did not violate the employees' privacy. The jury also found that Houston's acted "maliciously," which allowed for the awarding of punitive damages.

Houston's moved for judgment as a matter of law, or alternatively for a new trial, arguing that the jury's findings for the employees could not be sustained. Specifically, the restaurant claimed that no evidence was presented that the managers knowingly accessed the MySpace chat group without authorization, or that their conduct was malicious in order to support an award of punitive damages.

The court, however, rejected this argument, finding that the employee who provided Houston's managers with her log-in information felt compelled to do so because she worked for Houston's and was under the supervision of her manager.

At trial, the employee further testified that she would not have provided her password if it was not for her manager being the one who requested it. She also testified that she felt compelled to provide her password, because she "felt that [she] probably would have gotten in trouble" if she had not given the managers access to her MySpace account.

As a result, the court said that this testimony could allow a jury to infer that Houston's managers did not have authorization to access the Web site, because the log-in information was coerced or provided under pressure. The court also added that the jury could reasonably infer that the managers intentionally accessed the Web site without authorization, because of testimony indicating that the managers knew that the employees were "uneasy" with having provided their passwords.

The court further found that the employees presented evidence that Houston's managers accessed the Web site account on several different occasions, although knowing that they were not authorized to access the contents. As a result, the court upheld the damage awards to the employees.

Carolyn D. Richmond is co-chair of the Hospitality Practice Group and partner in the New York office of Fox Rothschild LLP. Darren Rumack is an associate at the firm.