This employer seemed to be doing everything right. It had a detailed computer usage policy notifying employees they had no expectation of privacy in connection with their emails sent over the employer’s computer network. After the employer’s food service director went out on extended leave, the food service department became overwhelmed, so a supervisor asked his assistant to check the director’s work computer for emails to make sure that orders and previously booked special events did not fall through the cracks. During her search, the assistant found not only work-related emails, but also 36 emails which, in her opinion, were “vile,” “not professional” and contained “awful language.” She printed these 36 emails and showed them to the supervisor. A few months later, the director, unaware her emails had been searched, filed a sexual harassment charge against the company. The company produced the 36 emails, and the plaintiff quickly withdrew the charge.

Seems like a good result for the employer, right?

Not so fast, based on what happened in Borchers v. Franciscan Tertiary Province. The director had a Comcast work email account, but she also had downloaded AOL onto her work computer. She did so because she had used her personal AOL email account for work purposes before the company switched over to a new Internet service provider. After the switch, she no longer used her AOL account for work, but left the AOL icon on her computer. The assistant, when searching the director’s work computer (for legitimate, work related purposes), diligently checked both the Comcast and AOL email accounts, neither of which was password protected. The 36 printed emails came from the director’s AOL account, many from the sent items folder, and the subject lines did not suggest that the emails were work related.

Having withdrawn her sexual harassment charge, the director next sued the employer under the Stored Communications Act, which makes it a federal offense to “intentionally” access “without authorization” a facility that provides electronic communications service. The employer argued that it was entitled to summary judgment because it was authorized under its computer usage policy to access emails on its computers, and it did not “intentionally” access the director’s personal emails because the assistant was simply searching the director’s unprotected email accounts for legitimate business purposes and, in the process, innocently stumbled upon the personal emails. The court, however, denied summary judgment, finding that circumstantial evidence suggested the assistant may have intentionally accessed the personal emails. “[A]lthough the initial accessing of the AOL account could be viewed as innocent if [the assistant] had immediately logged out of the account once she had seen that the in-box contained material not clearly related to work, that is not what happened here. [The assistant] deliberately chose to click additional times to travel from the first screen she viewed, the in-box, to the portion of the AOL account displaying e-mails that the plaintiff had sent, actions that could be viewed as additional acts of ‘accessing’ the plaintiff’s emails through the AOL ‘facility.’”

This case highlights the often unforeseen risks involved in searching an employee’s computer, and the need to check with legal counsel beforehand.