Computers use and high-speed Internet access are ubiquitous in workplaces and homes across the country and around the world. American retailers have even adjusted their marketing efforts. Cyber Monday sales often rival Black Friday bargains, reflecting the fact that many shoppers prefer to snag their bargains online, whether at home or at work, rather than braving post-Thanksgiving crowds.
However, surfing the Net may not be nearly as private as many users believe. In fact, the answer to the question of whether individuals have an expectation of privacy while surfing the Web or using email, whether on the job or at home, has often been “no.”
In Edwin Dyer, et al. v. Northwest Airlines Corp., et al., a 2004 class action lawsuit, the court dismissed the plaintiffs’ claim that the airline violated the Electronic Communications Privacy Act by disclosing information, individual passenger names, addresses, credit card numbers and travel itineraries to NASA in response to a request for information to conduct a study on passenger security.
The court rejected the plaintiffs’ attempt to portray the airline as a provider of “electronic communications services.” As a result, Northwest was not subject to the provisions of the ECPA. The court made this finding in spite of the airline’s posted privacy party that assured users that their information would not be shared with third parities. The court also ruled that the privacy policy stated on the company’s website did not represent an enforceable contract between the airline and its users.
That same year, a Minnesota court dismissed similar claims against Northwest Airlines raised in the In re Northwest Privacy Litigation class action lawsuit. In that case, the court rejected passengers’ claims that Northwest had violated the state’s Deceptive Trade Practice Act by disclosing passenger information to NASA, stating that “general statements of policy are not contractual.”
As of 2009, more than half of all American employers blocked access to social networking sites on their company’s computers. At the same time, many companies monitor their employees email messages and Internet use on the job, and attempt to control their workers’ comments concerning the company on social networking sites, even away from the job.
Despite pushback from individuals and privacy advocacy groups, the law generally favors employers, and seems set to continue to do so. In March 2012, The House of Representatives voted down a bill to prevent employers from demanding access to social networking passwords from employees and job applicants.
In Michael A. Smyth v. The Pillsbury Company, the district court dismissed a wrongful discharge claim brought by Smyth against Pillsbury, which had dismissed him in part because of the content of email messages Smyth had sent to his immediate supervisor. The court ruled that because Smyth had voluntarily sent the messages using company computers and the company’s Internet service no improper conduct was involved in intercepting the messages. This ruling was made in spite of the fact that Pillsbury had issued promises not to read its employees’ email messages, or to dismiss employees on the basis of email messages transmitted through the company’s email message system.
In United States of America v. Ray Andrus, the Tenth Circuit court affirmed the lower court decision allowing the warrantless search of Andrus’ computer, despite the fact that the computer was password protected. The court found that Andrus’ elderly father had the right to grant law enforcement access to the computer, even though his father never used the computer or even knew the password. However, because of the older man’s relationship to Andrus, and because the computer was located in the older man’s home, the court found that law enforcement acted reasonably in conducting the search. As a result, the court denied Andrus’ request to suppress evidence of child pornography discovered as a result of the search from being presented in court.
Originally established exclusively for access by college and university students in the United States, Facebook has exploded in popularity since eligibility was extended to the general public. In fact, the fastest growing demographic of Facebook users are not college students, but adults over age 65.
Since opening its service to the public, Facebook and other social networking sites have also been frequently targeted by backlash, including legal action, over perceived privacy violations. In December 2011, the Federal Trade Commission found that Facebook had engaged in “unfair and deceptive” practices in changing privacy settings without providing prior notice to users. In March 2012, a German court found that Facebook’s “Friend Finder” feature violated the European Union’s tough privacy standards.
The privacy landscape concerning social networking platforms is far from settled. Also in March 2012, Facebook, along with Twitter, LinkedIn, Foursquare and other social networking sites were named as defendants in Marc Opperman, et.al. v. Path, Inc. et. al., a class action lawsuit filed in Texas. The suit alleges that “apps,” developer-created programs utilized by social networking platforms for games, posting videos and photo-sharing, among other functions, were improperly used by the named defendants to gather private data about users.
