Harvard Law School > Berkman Center > Open Education >

PRIVACY IN CYBERSPACE

Assigned Reading:

1. Please read the Introduction to this Module

2. Please read the following:
a. Guide to Email and the Internet in the Workplace, by Susan Gindin http://www.info-law.com/guide.html

b. Gotcha! Snoopware on the job http://www.aclu.org/news/1999/w080299a.html

c. Workplace Privacy, Utility Consumers' Action Network / Privacy Rights Clearinghouse http://www.privacyrights.org/fs/fs7-work.htm

d. Privacy in Cyberspace: Is Your E-mail Safe From the Boss, the SysOp, the Hackers, and the Cops? by Ann Beeson http://www.aclu.org/issues/cyber/priv/privpap.html

Discussion Topics/Assignment:

Please read through the following hypothetical scenarios and discussion questions. Use the links after each question to submit your thoughts to the discussion board. You should try to seriously consider at least two of the scenarios discussed, but feel free to submit as many additional responses as you would like.

1. The current law seems to strongly favor employers' rights in terms of electronic surveillance of employees. Is this appropriate? Should employees be guaranteed a certain minimum level of privacy? Can you find any evidence that current law has left room for such privacy? If you were a legislator, what course of action would you recommend to give privacy (as you define it) back to employees? Consider that California's protections for employees may extend beyond federal protections. See, e.g., John S. Caragozian & Donald E. Warner Jr Privacy Rights of Employees Using Workplace Computers in California. http://www.privacyrights.org/ar/employees-rights.htm

Should employers be required specifically to notify employees when their clickstream data are being collected or their emails are monitored? Note, for example, the Connecticut statute described in the Introduction to Module III.

2. If employers are allowed to read emails sent by their employees, what rights should universities and students have? Typically, the university provides the email system and owns the hardware and software. Note that in the conventional private employer/employee relationship, the fact that the employer owns the network underlies the courts' general view that employers are free to monitor their employee usage. How does this argument apply in the university setting? What about the arguments regarding propertization of data (i.e. that employers "own" data stored on the computer an employee uses because they own the computer)?

3. Suppose a private university or college decides to monitor clickstream data of its faculty, students, and staff. Do each of these groups possess the same privacy concerns and interests? Are the employer/university's interests in monitoring the same for all three groups? Should there be different levels of protection for staff, as opposed to students and professors? If it is a public university and the 4th amendment applies, should this make a difference in the result? Should academic freedom be a consideration?

Go to Discussion Summary

Additional Readings:

a. BETWEEN BIG BROTHER AND THE BOTTOM LINE: PRIVACY IN CYBERSPACE (article by Seth Safier in Virginia Journal of Law & Technology, Spring 2000)
b. Statistics on workplace monitoring and surveillance http://www.amanet.org/research/monit/monfrm3.htm
c. Vast Employment Database Concerns Privacy Advocates http://www.aclu.org/news/1999/w072699a.html
d. E-MAIL IN THE WORKPLACE: LIMITATIONS ON PRIVACY (article by Mary E. Pivec and Susan Brinkerhoff in Human Rights, 1999)
e. ESTABLISHING A LEGITIMATE EXPECTATION OF PRIVACY IN CLICKSTREAM DATA, Gavin Skok, Michigan Telecommunications & Technology Law Review 2000 http://www.mttlr.org/volsix/Skok_art.html
f. MUDDY RULES FOR CYBERSPACE (article by Dan L. Burk in Cardozo Law Review, October 1999) (on propertization of data)
g. Opinion on increasing privacy protection http://www.epic.org/privacy/debate_essay.html
h. Alexander I. Rodriguez, Comment; All Bark, No Byte: Employee E-Mail Privacy Rights in the Private Sector, 47 Emory L.J. 1439, 1451 (1998)
i. 18 U.S.C. § 2701 (ECPA)
j. 18 U.S.C. § 2510(12) (definition of electronic communication)
k.18 U.S.C. § 2510(4) (definition of interception)
l. Smyth v. Pillsbury Corp., 914 F. Supp. 97 (E.D. Pa. 1996)
m. McLaren v. Microsoft Corp., No. 05-97-00824-CV, 1999 WL 339015 (Tex. App.-Dallas 1999)

Suggested Advanced Readings:

a. On lobbying over privacy concerns, see generally Matthew W. Finkin, The Kenneth M. Piper Lecture: Employee Privacy, American Values and the Law, 72 CHI.-KENT L. REV. 221, 224 (1996).
b. Sample email policy from Court TV Legal Help: http://www.courttv.com/legalhelp/business/forms/937.html
c. BUILDING CASTLES MADE OF GLASS?SECURITY ON THE INTERNET (article by Joe Baladi in University of Arkansas at Little Rock Law Review, Winter, 1999)
d. CLEAR SIGNATURES, OBSCURE SIGNS (article by Adam White Scoville in Cardozo Arts and Entertainment Law Journal 1999)
e. Failed legislation: http://www.eff.org/pub/Privacy/Workplace/s984_consumer_workplace_priv.bill
f. PRIVACY OR DIGNITY?: ELECTRONIC MONITORING IN THE WORKPLACE (article by Lawrence E. Rothstein in New York Law School Journal of International and Comparative Law, 2000)
g. Windows Nine-to-Five: Smyth v. Pillsbury and the Scope of an Employee's Right of Privacy in Employer Communications (article by Rod Dixon in Virginia Journal of Law & Technology, Fall 1997)

RETURN TO COURSE HOMEPAGE AND SYLLABUS