Counsel’s Corner: Employee Privacy Protections

Disclaimer: This document and any discussions set forth herein are for informational purposes only, and should not be construed as legal advice, which has to be addressed to particular facts and circumstances involved in any given situation. Review or use of the document and any discussions does not create an attorney-client relationship with the author or publisher. To the extent that this document may contain suggested provisions, they will require modification to suit a particular transaction, jurisdiction or situation.

With the ever-changing development and widespread implementation of new technologies, courts increasingly must address the issue of what information relating to an employee’s “private” life can remain withheld from their employers. In particular, technologies for finding, transmitting, and storing information have led courts to consider what information is necessary for employers to conduct their business in the modern age.

While protections for certain aspects of employees’ lives do exist in common law, state and federal statutes, and even in certain constitutional contexts, employers generally have leeway to require employees to provide certain pieces of personal information as a requirement of employment.

However, employers in most places in the country are expected to protect their employees’ personal information from third parties.

In the absence of legislation restricting or prohibiting use of lie detector tests or other employer actions that arguably violate the privacy rights of their employees, courts utilize common law remedies. There are several tort theories that are generally argued in cases involving employee privacy issues.

Invasion of Privacy —

The tort of invasion of privacy is the most common method by which employees litigate privacy rights claims against employers. These claims can take a couple of forms.

Wrongful Intrusion —

Wrongful intrusion requires a reasonable expectation of privacy and an intrusion a reasonable person would find offensive. However, employers can assert a defense of employee consent against a charge of wrongful intrusion if the employer can show that the consent was both knowing and voluntary. This form of invasion of privacy has become especially pertinent in light of new workplace measures taken by employers in response to the Covid-19 pandemic. Once a viable vaccine had been developed and produced for mass distribution, many employers instituted a mandatory vaccination policy to protect against the transmission of the virus in the workplace. Litigation brought in response to these mandates has asserted that such policies are a wrongful intrusion upon personal privacy. However, most courts that have decided such cases have ruled that private employers may issue and implement these policies, and that individual employees’ privacy interests in these cases are outweighed by the employer’s interests.

False Light —

The basic question of a false light invasion of privacy claim is whether the reported information was known to be false. There are several other factors that determine whether false light invasion of privacy may be litigated in the employment context. Some of the most common ones include:

  • whether there was an “unreasonable, substantial or serious interference” into the employee’s personal privacy;
  • whether the private information was made public;
  • whether the employee provided consent regarding the publicizing of the information;
  • whether issues of public concern are involved.
  • In one case, a teacher was able to proceed on a claim of invasion of privacy against a colleague because the colleague intentionally misrepresented an observation about the plaintiff’s stress as constituting a threat of violence. This report subsequently subjected the plaintiff to an offensive psychiatric examination. (Leang v. Jersey City Bd. Of Educ.)

Privilege Issues —

In invasion of privacy cases, employers are accorded qualified privilege in cases involving job references, since a prospective employer requires information about an applicant in order to determine qualifications and workplace character. This includes the former employer providing facts to the prospective employer that may be detrimental or embarrassing to the applicant. However, this privilege may be defeated if it is shown that the party providing the information knew that the information was false, or acted recklessly or with wanton disregard regarding whether or not it was true.

Courts have also dealt with the issue of whether invasion of privacy claims include a duty for those providing information to a prospective employer to investigate all pertinent information that isn’t known first-hand, as well as whether a former employer has a duty to fully disclose all information to a prospective employer.

Negligence —

It has been held that a former employee can bring suit against the former employer for a negligent misrepresentation action under the following conditions:

  • the inquiring party clearly identifies the nature of the inquiry;
  • the employer voluntarily decides to respond to the inquiry, and thereafter unreasonably provides false or inaccurate information;
  • the person providing the inaccurate information is acting within the scope of his or her employment;
  • the recipient of the incorrect information relies on its accuracy to support an adverse employment action against the plaintiff; and
  • the plaintiff suffers quantifiable damages proximately caused by the negligent misrepresentation.

Fraud —

An employee may seek to hold his or her employer liable for fraud if the employer makes a false representation regarding the employee’s duty to take an honesty test or provide other personal information. In order to prove a claim of fraud the employee must show that:

  • there was a false representation of a material fact;
  • the misrepresentation was made intentionally and knowingly;
  • the misrepresentation was made with the intent to mislead;
  • the employee relied on the misrepresentation; and
  • the employee’s reliance resulted in damage to the employee.

Contract Violations —

An employee stated a claim for breach of contract where the employer agreed to rehire the employee if a polygraph exam validated his denial of stealing, but then refused to hire him after he passed the examination.

However, for example, a discharged mathematician failed to prove her wrongful discharge claim against the National Security Agency when she violated the terms of her contract by refusing to submit to a polygraph test. The regulations authorize polygraph tests as part of the security clearance background investigation process, and permit revocation of a security clearance, for refusal to take the test.

Employee Data/Data Security —

A private employer’s collection, dissemination, and storage of their employees’ data is litigated and regulated in various forms throughout the country. While many states employ common law rulings to determine employee data privacy issues, some states have addressed the issue through legislation.

In common law cases, the courts have had to address the issue of harm to the plaintiff when the facts being revealed weren’t embarrassing or offensive by nature. They have consistently held that disclosure of such personal information as full name, address, and Social Security number can be required of employees.In several cases, the courts have found that the disclosure of such information to a third party doesn’t meet the requirements for a violation of the tort of intrusion.

In other cases, however, they have found that the damage to the plaintiff need not be in the form of personal embarrassment, and can be found in the potential for misuse or illegal use of the plaintiff’s identity and financial information.