With the COVID-19 emergency impacting employers’ operations and the way employees work, more and more employees may start taking to social media to vent their opinions about work and current events (sometimes intertwining the two). Employee social media expression can damage an organization’s brand and violate its social media and non-disparagement rules. Discipline for social media expression can run afoul of the National Labor Relations Act (NLRA), which provides certain protections for employee speech, including social media speech, so that employees often believe that anything goes in this forum. Fortunately for employers, the National Labor Relations Board (NLRB) recently clarified the types of employee social media activity employers may regulate, giving employers more latitude to discipline employees for social media conduct that violates employer rules and threatens the employer’s reputation.
This eighth article in “The Restricting Covenant” Series discusses some recent trends in the evolving area of restrictive covenant law, non-solicitation agreements, and Internet social media networking, including sales representatives’ use of LinkedIn to contact and communicate with customers and other business relationships.
A decade or so ago, social media networking platforms on the Internet were new to me. I had just heard of this thing called “LinkedIn” as a new way to connect with my former classmates and other acquaintances. It was touted as an easy, cost-free way to communicate with them about my professional accomplishments and career developments. In many ways, your LinkedIn profile is your virtual resume to the world. Therefore, like millions of others, I created a LinkedIn profile, sent and received connection requests, and made posts.
Kate Gold, Mark Terman and Adam Thurston, partners in the firm’s Los Angeles office, recently presented to the Southern California Chapter of the Association of Corporate Counsel a program titled “What Happens at Work Stays at Work – The California Employer’s Approach To A National Program for Restrictive Covenants and Trade Secret Protection”.
The presentation, which was broadcast to in-house counsel viewing in three separate locations spread out around southern California, first looked at the California landscape, giving a refresher and update on non-competition agreements, customer and employee non-solicitation, identifying and pleading trade secrets and misappropriation.
The presentation then looked at considerations for a multi-jurisdictional approach to trade secret protection, including best practices for effective corporate policies and confidentiality and property protection agreements.
The presentation concluded by addressing social media in a trade secret protection program, including Twitter, LinkedIn, and BYOD, and making the most of choice of law and forum selection clauses in restrictive covenants.
A copy of the presentation can be downloaded here.
A recent decision by a Florida appeals court, Gulliver Schools, Inc. v. Snay, stands as a stark reminder of the perils of trying to maintain confidentiality in the age of social media where news can travel faster than the speed of sound and inadvertent dissemination of information that is intended to be “confidential” can be difficult, if not impossible, to prevent.
Patrick Snay sued his former employer, Gulliver Schools, for age discrimination and retaliation under the Florida Civil Rights Act after his contract as the school’s headmaster was not renewed. The parties reached a settlement in the amount of $150,000 ($10,000 in back pay, $80,000 for non-wage damages, and $60,000 in attorney’s fees), and agreed that the “existence or terms” of the agreement were to be kept strictly confidential. The confidentiality provision prohibited Snay from “directly or indirectly” disclosing or discussing the case or the settlement with anyone except “his attorneys or other professional advisors or spouse.” It contained a clawback or liquidated damages provision allowing for the disgorgement of plaintiff’s portion of the settlement payments in the event of a breach.
Only four days after the parties had signed the settlement agreement, the school notified Snay that he had materially breached the agreement based on a Facebook posting of Snay’s college-age daughter, who boasted to approximately 1200 Facebook friends (many of whom were either current or past Gulliver students): “Mama and Papa Snay won the case against Gulliver. Gulliver is now officially paying for my vacation to Europe this summer. SUCK IT.”
Mr. Snay testified that he believed his daughter was retaliated against at Gulliver, that she was “very concerned about” the lawsuit, and that after the settlement was reached he and his wife decided to tell their daughter that the case had settled and that they were happy with the result. They apparently did not tell her that the settlement was confidential or that she should not disclose such information to anyone else. The trial court found that neither Snay’s comments to his daughter nor his daughter’s Facebook comment constituted a breach. The appeals court disagreed and reversed, ruling that Mr. Snay “violated the agreement by doing exactly what he had promised not to do,” and “[h]is daughter then did precisely what the confidentiality agreement was designed to prevent, advertising to the Gulliver community that Snay had been successful in his age discrimination and retaliation case against the school.”
Confidentiality clauses like the one in the Snay/Gulliver settlement agreement are common and should be enforced when they are clear, unambiguous and voluntarily and knowingly agreed to. From a drafting standpoint, if it was important for Mr. Snay to have disclosed certain information about the settlement to his daughter (as he had claimed at his deposition), then the confidentiality provision could have included “immediate family” as permissible recipients of confidential information and have subjected those family members to the same confidentiality obligations as Mr. and Mrs. Snay.
In addition, attorneys should take heed of this opinion in light of their ethical and legal obligations to protect client confidences. The duty to protect privileged and confidential client information extends to current clients (RPC 1.6), former clients (RPC 1.9), and prospective clients (RPC 1.18). Zealous representation and confidentiality are at the foundation of the attorney-client relationship, but if an attorney’s spouse, family member, or co-worker, inadvertently or otherwise posts on social media client or case information that is confidential (e.g., “mom just settled big toxic tort case, off to Mexico for much needed family vacation!”), such disclosure could be disastrous.
Facebook continues to be the new “water-cooler” as co-workers regularly “friend” each other and allow access to their “wall” posts. New Jersey’s Federal District Court recently addressed the issue of whether a Hospital’s decision to suspend a nurse based on a post on her Facebook wall – which it received unsolicited from a co-worker who was a Facebook friend of the nurse – violated the Federal Stored Communications Act (“SCA”), 18 U.S.C. § 2701-11. The Court also addressed the nurse’s related invasion of privacy claim. Ehling v. Monmouth-Ocean Hospital Service Corp., 2013 U.S. Dist. LEXIS 117689 (8/20/13). [Opinion]
The nurse was a Hospital employee who maintained a personal Facebook account. She chose privacy settings that limited access to her “wall” to her Facebook ‘friends,” including one of her co-workers. Following the 2009 shooting at the Holocaust museum, the nurse posted the following to her wall:
An 88 yr old sociopath white supremacist opened fire in the Wash D.C. Holocaust Museum this morning and killed an innocent guard (leaving children). Other guards opened fire. The 88 yr old was shot. He survived. I blame the DC paramedics. I want to say 2 things to the DC medics. 1. WHAT WERE YOU THINKING and 2. This was your opportunity to really make a difference! WTF!!!! And to the other guards….go to target practice.”
Her co-worker took a screen shot of the post, and then showed the post to the nurse’s supervisor. As a result, the Hospital temporarily suspended the nurse, with pay, due to the concern that her comment reflected a “deliberate disregard for patient safety.”
The nurse sued claiming that the Hospital’s reliance on her Facebook post violated the Federal Stored Communications Act – and was an invasion of privacy. The Court first addressed the issue of whether the SCA applied to Facebook wall posts since the SCA was enacted in 1986, before the WorldWideWeb was developed in 1990 and web browsers were introduced in 1999.
The Court did determine that the SCA applied to Facebook posts based on the following analysis: (1) Facebook wall posts are electronic communications as defined by the SCA; (2) Facebook is an electronic communication service provider as defined within the SCA; (3) Facebook wall posts satisfy the “in electronic storage” requirement as they are not held in temporary, intermediate storage before delivery to the website, and are in accessible storage for back-up purposes; and (4) given that the touchstone of the SCA is to protect information that the communicator took steps to keep private, if a Facebook user chose privacy settings that limited access to her “friends,” the post at issue was covered by the SCA. The Court relied on California precedent in reaching this determination. Interestingly, the Court also found that the privacy protection provided by the SCA is not dependent on the number of Facebook friends to whom the user provides access.
However, the Court still granted summary judgment to the Hospital because it determined that the “authorized user” exception applied because the nurse granted her co-worker access to the post by “friending” her and thereby “intending” that her co-worker would view her posts. The Court also rejected the claim that the “authorization was coerced because the supervisor had never asked the co-worker for any information about the nurse, or the nurse’s Facebook activity. The Court also noted that the nurse’s supervisor was not in a position to offer the co-worker any benefit in exchange for the unsolicited presentation of the Facebook post since supervisor worked in a different division and had no control over the co-worker’s compensation.
The Court also dismissed the nurse’s common law invasion of privacy finding that:
“The evidence does not show that Defendants obtained access to Plaintiff’s Facebook page by, say, logging into her account, logging into another employee’s account, or asking another employee to log into Facebook. Instead, the evidence shows that Defendants were the passive recipients of information that they did not seek out or ask for. Plaintiff voluntarily gave information to her Facebook friend, and her Facebook friend voluntarily gave that information to someone else.”
Notably, the nurse also filed a complaint with the NLRB, however the NLRB determined that the Hospital did not violate the NLRA, and that there was no privacy violation because the post was sent, unsolicited, to Hospital management.
What is the take-away from this decision? First, employers have been waiting since the 2009 jury verdict in Pietrylo v. Hillstone Restaurant Group for guidance about what circumstances would qualify as “authorization” under the federal and NJ stored communications statutes. Second, employers should continue to use extreme caution taking adverse action based on employees’ social media activities. This decision, as well as recently enacted state legislation, clearly prohibits employers from directly – or indirectly – demanding access to employees’ social media accounts. As of July, 2013, legislation has been proposed in over 30 states to prevent employers from requesting passwords, and a number of states have enacted such legislation, including California, Illinois, Maryland and Michigan. Facebook has also condemned the practice and has updated its Statement of Rights and Responsibilities to address this issue.
In addition to potential liability under the SCA, the NLRB has been very active with regards to finding that Facebook rants about bosses, work conditions or compensation fall within the realm of protected “concerted activity” under the NLRA. However, even the NLRB has recognized that employers have a legitimate basis to take action in response to negative postings about their customers/clientele. The Office of the General Counsel found no violation for Facebook firings of a bartender who labeled customers as “rednecks” and hoped that they choked on glass, and of an employee of a residential facility for homeless people with significant mental health issues who joked about the condition of the facilities’ clients.
The latest Facebook case highlights how courts now intend to hold parties accountable when it comes to preserving their personal social media accounts during litigation. Recently, a federal court ruled that a plaintiff’s deletion of his Facebook account during discovery constituted spoliation of evidence and warranted an “adverse inference” instruction against him at trial. Gatto v. United Airlines and Allied Aviation Servs., et al. , No. 10-CV-1090 (D.N.J. March 25, 2013).
The plaintiff, a ground operations supervisor at JFK Airport, allegedly suffered permanent disabling injuries from an accident at work which he claimed limited his physical and social activities. Defendants sought discovery related to Plaintiff’s damages, including documents related to his social media accounts.
Although Plaintiff provided Defendants with the signed authorization for release of information from certain social networking sites and other online services such as eBay, he failed to provide an authorization for his Facebook account. The magistrate judge ultimately ordered Plaintiff to execute the Facebook authorization, and Plaintiff agreed to change his Facebook password and to disclose the password to defense counsel for the purpose of accessing documents and information from Facebook. Defense counsel briefly accessed the account and printed some portion of the Facebook home page. Facebook then notified Plaintiff that an unfamiliar IP address had accessed his account. Shortly thereafter, Plaintiff “deactivated” his account, causing Facebook to permanently delete the account 14 days later in accordance with its policy.
Defendants moved for spoliation of evidence sanctions, claiming that the lost Facebook postings contradicted Plaintiff’s claims about his restricted social activities. In response, Plaintiff argued that he had acted reasonably in deactivating his account because he did know it was defense counsel accessing his page. Moreover, the permanent deletion was the result of Facebook’s “automatically” deleting it. The court, however, found that the Facebook account was within Plaintiff’s control, and that “[e]ven if Plaintiff did not intend to deprive the defendants of the information associated with his Facebook account, there is no dispute that plaintiff intentionally deactivated the account,” which resulted in the permanent loss of relevant evidence. Thus, the court granted Defendants’ request for an “adverse inference” instruction (but declined to award legal fees as a further sanction).
The Gatto decision not only affirms that social media is discoverable by employers, but also teaches that plaintiffs who fail to preserve relevant social media data will face harsh penalties. Employers are reminded to specifically seek relevant social media (Facebook, Twitter, blogs, LinkedIn accounts) in their discovery requests since such sources may provide employers with sufficient evidence to rebut an employee’s claims. This case also serves as a reminder and a warning to employers that the principles of evidence preservation apply to social media, and employers should take steps very early in the litigation to preserve its own social media content as it pertains to the matter.