On January 30, 2007, the Ninth Circuit Court of Appeals decided the case of United States v. Ziegler (no. 05-30177), an appeal by a man convicted of various child-pornography charges. In deciding this case, the Zieglar court affirmed the importance of an employer’s policies and practices regarding employees’ right to privacy in their workplace computers and stored electronic data.
Six years earlier, on January 30, 2001, the defendant’s employer (Frontline Processing) notified the FBI that one of its employees (Ziegler) had been using his workplace computer to access websites containing child pornography. The FBI investigated, and Frontline voluntarily turned over Ziegler’s workplace computer and an extra copy of that computer’s hard drive. Because Frontline turned over the data voluntarily, the FBI never sought a search warrant to get the computer or hard drive. FBI examiners found that the computer contained many images of child pornography, which were admitted at trial and which led to Ziegler’s conviction on numerous counts related to the accessing and possession of child pornography.
The central issue on appeal was whether Frontline had the right to provide the FBI with access to Ziegler’s computer. The Court of Appeals decided that it did, relying on the fact that Frontline had made it clear to its employees, including Ziegler, that Frontline had the right to access and inspect their workplace computers and data. Specifically, the court considered the following:
- Frontline’s system administrators "had complete administrative access to anybody’s machine;"
- Frontline installed a firewall program to monitor its employees’ Internet traffic to make sure that nobody visited sites that might be unprofessional;
- Frontline routinely monitored the information collected by the firewall program, sometimes daily; and
- Most importantly, Frontline’s employees were informed about the company’s monitoring through training and the employment manual, and were informed that the computers were company-owned and not to be used for activities of a personal nature.
These facts were enough to convince the court that, whatever expectation Ziegler might have had that the government would not be able to access his workplace data (without a warrant), Ziegler had no such expectation with respect to Frontline. Therefore, Frontline had the right to access Ziegler’s data and voluntarily turn it over to the FBI.
This decision is in line with previous decisions discussing an employee’s expectation of privacy in workplace data. It underscores the importance of employers maintaining written policies that clearly establish the company’s right to monitor, access, and inspect computers, email, voice mail, and other electronically stored documents and data that are used by employees at the work location or in the course and scope of their employment elsewhere, such as laptops or when an employee telecommutes. Employers who do not have such a policy in place are encouraged to implement one.