Category: Counseling & Compliance Training

Lawrence Del Rossi and Joshua Rinschler Publish Article on an ‘Awkward Theory’ of Personal Liability for Supervisory Employees Under the NJLAD

Associates Lawrence J. Del Rossi and Joshua D. Rinschler’s article, Aiding and Abetting Your Own Conduct – An ‘awkward theory’ of personal liability for supervisory employees under the N.J. Law Against Discrimination (NJLAD), was published in the July 16, 2012 edition of the New Jersey Law Journal.  Their article takes a look at what is becoming a common practice in wrongful discharge cases brought under the NJLAD where terminated employees are not only suing their employer, but also naming as an individual defendant the supervisor who made the decision to terminate.  Their complete article appears below.

Aiding and Abetting Your Own Conduct – New Jersey Law Journal – Larry Del Rossi and Joshua Rinschler – 7-16-12

 

 

Is Your Electronic Information Protected from Employees Under the CFAA? Maybe So, Maybe Not…

In WEC Carolina Energy Solutions LLC v. Miller, 2012 WL 3039213 (4th Cir) decided July 26, 2012, the Fourth Circuit sided with the Ninth Circuit in deciding that the Computer Fraud and Abuse Act (“CFAA”) does not apply to employees and former employees who were authorized to access the employer’s electronic information.  The decision stands in contrast to the position taken by the Seventh Circuit in Int’l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420–21 (7th Cir.2006).  The Fourth Circuit rejects the interpretation of the CFAA taken by the Seventh Circuit, which interprets the CFAA much more broadly.  The Seventh Circuit concludes that an employee’s misappropriation of electronic information from his employer is a breach of the employee’s duty of loyalty that immediately terminates his agency relationship and with it his authority to access the laptop, because the only basis of his authority had been that relationship.

WEC Carolina Energy Solutions Inc. argued that its former employee violated the CFAA’s ban on access “without authorization” by taking files from his work computer to a rival company.  The employer had argued in the District Court that by misappropriating the information, Miller voided his agreement with the company, and, therefore, he was no longer permitted to access his computer under the CFAA.  The District court rejected that interpretation of the CFAA and the Fourth Circuit affirmed.  In so ruling the Court “ adopt[s] a narrow reading of the terms “without authorization” and “exceeds authorized access” and hold[s] that they apply only when an individual accesses a computer without permission or obtains or alters information on a computer beyond that which he is authorized to access.”

The Fourth Circuit, like the Ninth and Seventh Circuits, found the crux of the issue presented to be “the scope of ‘without authorization’ and ‘exceeds authorized access,’” but the Fourth Circuit finds the Ninth Circuit argument in United States v. Nosal, 676 F.3d 854, 863 (9th Cir.2012) (en banc), the better interpretation of “authorization” as being “that an employee is authorized to access a computer when his employer approves or sanctions his admission to that computer.  Thus, he accesses a computer ‘without authorization’ when he gains admission to a computer without approval.  Similarly, we conclude that an employee ‘exceeds authorized access’ when he has approval to access a computer, but uses his access to obtain or alter information that falls outside the bounds of his approved access.  Notably, neither of these definitions extends to the improper use of information validly accessed.  (citations omitted.)”  Unlike the Ninth Circuit, however, which was willing to find that a CFAA violation could be established where an employee exceeded his authority under a company access policy, the Fourth Circuit ruling is even more restrictive than the Ninth Circuit’s view.  The Fourth Circuit “adopt[s] a narrow reading of the terms ‘without authorization’ and ‘exceeds authorized access’ and hold that they apply only when an individual accesses a computer without permission or obtains or alters information on a computer beyond that which he is authorized to access.”

Given that the CFAA has both criminal and civil liability the Fourth Circuit chose to strictly construe the language.  Even “under the Nosal panel’s approach, because [the employee] obtained information ‘in a manner’ that was not authorized (i.e., by downloading it to a personal computer), he nevertheless would be liable under the CFAA. See § 1030(a)(2)(C).  Believing that Congress did not clearly intend to criminalize such behavior, we decline to interpret ‘so’ as ‘in that manner.’”  The bottom line—the Fourth Circuit approach, “reject[s] an interpretation of the CFAA that imposes liability on employees who violate a use policy, choosing instead to limit such liability to individuals who access computers without authorization or who obtain or alter information beyond the bounds of their authorized access.”

While the lines of the split in Circuits has become more defined with WEC Carolina Energy Solutions LLC, predicting what the Supreme Court will do with that split is another story.  My money is on Judge Posner’s interpretation in International Airport Centers, partly because he is a brilliant jurist and I practice in the Seventh Circuit, but mostly because that is the interpretation that expands an employer’s arsenal of protections against cheating employees.  However, until the fat lady [U.S. Supreme Court] sings employers should continue to draft and implement a computer access and use policy for its employees that assumes that a well drafted policy violated by an employee can be enforced under the CFAA, so long as the employer can demonstrate $5,000 in damages to the employer resulted from the employee’s actions.

Cheryl Orr and Heather Sager Contribute Articles to The Recorder’s Special Issue on Privacy

Partners Cheryl Orr and Heather Sager contributed articles in today’s special section on Privacy in The Recorder.  Cheryl’s article, Employer’s BYOD dilemna, looks at the issues and approaches employers are taking as employees use dual devices, i.e. one device for both work and personal use.  Heather’s article, Why can’t we be ‘friends’?, looks at what companies need to know when drafting their social media policies.  Copies of both articles are available via this link.

New Jersey District Court Allows Plaintiff to Proceed to Trial on Claim of Unlawful Discharge, Dismisses Claims of Handicap and Discrimination

The New Jersey District Court in St. Cyr v. Brandywine Senior Living LLC, recently granted summary judgment to the employer dismissing the plaintiff’s causes of action for handicap and race discrimination, but allowed the plaintiff to go to trial on her claim that she was unlawfully discharged in violation of the FMLA in retaliation for asking for a medical leave of absence because she was fired only two days before the leave of absence was to begin.  In granting summary judgment on the claim of handicap discrimination, the court determined that the plaintiff, who suffered from arthritis, was not “handicapped” under the NJLAD because the condition, which  was alleviated with medication, did not interfere with her ability to perform her job, and because she never asked for an accommodation for the condition.  The court rejected her claim of race discrimination based on her admission that the only evidence implicating racial animus was the fact that she was fired for watching the BET Network on television during working hours.  The court noted that the plaintiff, who had previously been placed on probation for poor performance and was on final warning, was replaced by an African American employee and had failed to show the legitimate reason given for her discharge was pretextual.  Despite that finding, however, and despite the fact that the employer had granted the plaintiff’s request for a medical leave of absence, the court denied summary judgment on the claim of retaliatory discharge under the FMLA based only on the determination that the timing of the discharge – only two days before her FMLA leave was to begin – was “unusually suggestive” of retaliatory motivation.  The court did not explain how the timing could be suspect if that was when the plaintiff was found watching television instead of doing her job, and if there was no evidence that the proffered reason was pretextual.

New Jersey District Court Denies Employer’s Motion to Dismiss Plaintiff’s Cause of Action After Employee’s Supervisor Gains Unauthorized Access to Employee’s Facebook Account

In Ehling v. Monmouth-Ocean Hospital Service Corp., the District Court in New Jersey recently denied the employer’s motion to dismiss the plaintiff’s cause of action for invasion of privacy in connection with a supervisor having gained unauthorized access to her private Facebook account.  The plaintiff nurse, who was also the union president at the hospital, had posted comments on her Facebook wall about the news story out of Washington, D.C. in 2009 concerning the killing of a security guard at the Holocaust Museum by a white supremacist in which she expressed her opinion or rant that the paramedics in D.C. should have let the shooter die rather than help him after he was shot during the incident:  “He survived [and] I blame the DC paramedics.  I want to say 2 things to the DC  medics.  1.  WHAT WERE YOU THINKING?  and 2.  This was your opportunity to really make a difference!  WTF!!!!  And to the other guards…. go to target practice.”  The supervisor apparently wanted access to plaintiff’s Facebook comments because of her leadership role with the union, and convinced a co-worker to give him access to her private account so he could copy her postings. When he saw the comments about the D.C. incident he sent a copy to the State Board of Nursing suggesting that it represented an improper disregard for patient safety.

On the employer’s motion to dismiss the invasion of privacy claim on the grounds that there can be no expectation of privacy with respect to Facebook postings, the court decided that the question whether the plaintiff had a reasonable expectation of privacy was for a jury to decide based on the circumstances, including the number of “friends” who had access to her Facebook wall where the plaintiff claimed that she had restricted access to her friends but did not provide access to any supervisors or members of management.  The court did not address the separate question whether a rant expressing an opinion about a news report could be considered an expression of one’s “private affairs” subject to protection under invasion of privacy law, and did not address the fact that Facebook specifically includes in its Privacy Policy a disclaimer to the effect that there is no guarantee of privacy and that users make postings at their own risk inasmuch as anyone with access can copy or share comments with anyone they choose.

Who’s The Boss: Third Circuit Announces Joint Employer Test for FLSA Cases, Opening the Door to Broader Exposure to Wage and Hour Liability

On June 29, 2012 the Third Circuit responded for the first time to a question pondered by many employers and courts within its judicial districts: what constitutes a “joint employer” under the FLSA?  In a case captioned In re: Enterprise Rent-a-Car Wage & Hour Employment Practices Litigation, the Third Circuit announced a four part, multi-factor test as an answer to this question.

In the Enterprise case, the joint employer question was raised as a result of the filing of a collective action by assistant branch managers at subsidiaries of Enterprise Holdings, Inc., seeking overtime pay under the Fair Labor Standards Act (FLSA).  While these assistant managers were employees of Enterprise Holdings’ subsidiaries, they nevertheless sought relief from Enterprise Holdings on the theory that it was a joint employer.

In answering whether Enterprise Holdings falls within the category of “joint employer,” the Third Circuit noted that the definition of “employer” under the FLSA is “the broadest definition that has ever been included in any one act.”  Emphasizing that the definition of employer focuses on “control,” the Third Circuit concluded that ultimate control over employees is not necessarily required and even “indirect” control may be sufficient

To determine whether a party is a “joint employer,” and thereby subject to FLSA liability, the Third Circuit adopted the following analysis:

Does the alleged employer have:

  1. Authority to hire and fire employees;
  2. Authority to promulgate work rules and assignments, and set conditions of employment, including compensation, benefits, hours and work schedules, including the rate and method of payment;
  3. Day-to-day supervision, including employee discipline; and
  4. Control of employee records, including payroll, insurance, taxes, and the like.

The Third Circuit emphasized that the factors identified do not constitute an exhaustive list and should not be “blindly applied.”  Rather, under the Third Circuit’s guidance, courts are to look to the “total employment situation” and “economic realities of the work relationship.”

How did Enterprise Holdings, the sole stockholder of thirty-eight domestic subsidiaries, avoid the label of “joint employer”?  Even despite finding that a three-member board of directors for each subsidiary consisted of the same people who sat on Enterprise Holding’s three-member board, the Third Circuit focused on other key facts in support of its decision:  (i) Enterprise Holdings had no authority to hire or fire assistant managers; (ii) Enterprise Holdings had no authority to promulgate work rules or assignments; (iii) Enterprise Holdings had no authority to set compensation benefits, schedules, or rates or methods of payment; (iv) Enterprise Holdings was not involved in employee supervision or employee discipline; and (v) Enterprise Holdings did not exercise or maintain any control over employee records.  Among these factors, the Third Circuit emphasized that Enterprise Holdings only “suggested” various Human Resources and salary policies and that the adoption of such suggestions was not mandatory, rendering the parent company more akin to a third-party consultant.

In light of this decision, employers and, in particular, parent corporations, should be aware of the fact that courts within the Third Circuit (Delaware, New Jersey and Pennsylvania) will apply the “Enterprise” test going forward.  Notwithstanding, while the test has been articulated, the analysis remains highly fact intensive and courts are by no means limited to consideration of the factors identified in the Enterprise decision.  Employers unsure of their FLSA joint employer status should contact their labor and employment counsel.

©2025 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy