The Blogosphere: Worker Rights and Employer Responsibility
Blog—What Is It?
A "blog"—short for "web-log"—is a user-generated Internet web site where entries are periodically posted in journal style and often displayed in a reverse chronological order. Some blogs provide commentary or news on a particular subject such as food, politics, or sports. Others cover company- or union-specific topics, and some function as personal online diaries. Blogs also have been used by employees, labor organizations, and employers during union organizing drives (including corporate campaigns), contract negotiations, and strike situations. A typical blog combines text, images, and links to other blogs, web pages, and media related to its topic. According to Technorati.com, a web site that tracks blogs, there are more than 63 million blogs currently on the internet, with more than 175,000 new blogs added each day. Technocrati.com also reports that bloggers "update their blogs regularly to the tune of over 1.6 million posts per day."  With numbers like these, chances are that most employers employ at least one person who actively contributes to a blog. Accordingly, it is important for employers to examine their electronic communication policies and determine if blogging should be covered. Suggested policy drafting guidelines are outlined at the conclusion of this Commentary.
Blogging and the Workplace
An employer's treatment of employee communications via the internet, whether made during work hours or while off-duty, can implicate a number of state and federal laws and raise significant public policy questions. Moreover, an employee's entry in a personal blog can lead to corporate liability including negligent supervision claims, trade secret misappropriation claims, and potential securities violations. The extent of employee rights and obligations and potential employer liability will be dictated in large part by the classification of the employee, the time and place in which the employee blogs, the subject, and the content that the employee posts.
On–Duty Blogging. Employees who blog during work hours using employer equipment are generally subject to the policies already in place regarding electronic technology. Such policies, combined with at-will employment principles, give employers options to discipline and even terminate employees who engage in nonbusiness-related blogging at work. Exceptions to this general proposition include state law protections, federal and state law protection against retaliation for pursuing protected activity, federal and state whistleblowers statutes, protected concerted activity under the National Labor Relations Act ("NLRA"), discriminatory enforcement of an employer's policy against union-related communications by employees also under the NLRA, employees covered by collective bargaining agreements, and certain public employees.
An employee blog written during work hours that addresses terms and conditions of employment and invites others to participate is arguably protected by the NLRA. Under the NLRA, nonsupervisory, nonmanagement employees of private employers cannot be disciplined or retaliated against for engaging in concerted activities (also known as "Section 7" activities) for the purpose of collective bargaining or other mutual aid or protection. 29 U.S.C. § 157. Protected Section 7 activities include the right to engage in union-organizing activities such as discussing wages, hours, and other terms and conditions of employment. An employee blog that address these topics will likely be protected provided the activity is conducted during nonwork time and in nonwork areas. For instance, the National Labor Relations Board ("NLRB") has held that an employee using his company's e-mail system to communicate with coworkers about the employer's new vacation policy was engaged in protected Section 7 activity. See Timekeeping Systems, Inc., 323 NLRB 244, 247-249 (1997). California employers should also note that California's Labor Code prevents employers from maintaining or enforcing rules prohibiting employees from disclosing their wages. See Cal. Labor Code § 232; see also Grant-Burton v. Covenant Care, Inc., 99 Cal. App. 4th 1361 (2002) (nursing-home marketing director who was fired at least in part because she discussed with coworkers the fairness of the company's bonus pay structure has a cognizable wrongful discharge claim).
Employees covered by collective bargaining agreements and some employment contracts also are generally protected from discharge without "just cause." Whether an employee's blogging activities constitute "just cause" will depend on the collective bargaining agreement or employment contract's provisions, the employer's policies, and the specific conduct involved. Further, in the case of collective bargaining agreements, it is generally the employer's burden to prove the employee engaged in wrongdoing and that the employer's responsive adverse action is appropriate. Therefore, a policy outlining an employer's expectations with respect to employee blogging is an important first step for employees covered by collective bargaining agreements or other contracts. See e.g., McQuay International, Case No. 99-06558, 1999 WL 908632, at 26 (Howell, 1999) (employer's policy that did not specifically address attendance issue central to employee's grievance was insufficient to put employee on notice and did not support the employer's "just cause" justification).
Public employees have more protection than private employees because an employer's right to discharge is limited by the First Amendment's free speech protection. However, free speech rights of public employees are not as broad as those of the general public. See Pickering v. Board of Education, 391 U.S. 563, 568 (1968) (recognizing that the state, as an employer, had an interest in regulating the speech of its employees, and that it was necessary to balance the interest of the state in promoting efficient public service against the interest of the employee in commenting upon matters of public concern); but see Garcetti v. Ceballos, 126 S.Ct. 1951 (2006) ("when public employees make statements pursuant to their official duties, the employees are not speaking as citizens for First Amendment purposes, and the Constitution does not insulate their communications from employer discipline"). If a public-sector employee were terminated for blogging and challenged the termination on First Amendment grounds, the court would balance the employer's legitimate interest in delivering efficient government services against the employee's interest as a citizen in commenting on a matter of public concern. Therefore, a public employee has greater protection if he or she discusses a matter of general public concern. However, that level of protection may be reduced if the public employee's blog addresses a matter of public concern in a way that disrupts the public employer's mission.
Off-Duty Blogging. The employment-at-will doctrine normally permits employers to discharge at-will employees at any time as long as the discharge is not based on an illegal reason. Employers should, nonetheless, carefully assess the legal consequences of considering off-duty conduct when discharging or disciplining an employee.
Some states such as California, New York, Colorado, Montana, and North Dakota have laws limiting the power of an employer to discharge an employee for off-duty conduct. In California, for example, the Labor Code protects employees from adverse employment actions based upon "lawful conduct during nonworking hours away from the employer's premises." Cal. Lab. Code §§ 96(k) and 98.6. And, if the employee uses a blog for "political purposes," discharge of that employee for blogging may be actionable as a violation of the Labor Code's prohibition against interference with an employee's right to engage in political activity. Cal. Lab. Code §§ 1101 and 1102. Although there are no reported decisions applying these provisions in the context of blogging, employers should tread cautiously before disciplining or discharging California employees for off-duty blog postings.
In Colorado, an employer cannot discharge an employee for engaging in "lawful activities off the premises of an employer during nonworking hours." Colo. Rev. Stat. § 24-34-402.5. However, there are exceptions to this law that permit employers to restrict the off-duty conduct of their employees: (1) when it relates to a bona fide occupational requirement; or (2) if it is necessary to avoid a conflict of interest, or appearance of conflict of interest, with any responsibilities that the employee owes to the employer. Colo. Rev. Stat. § 24-34-402.5(1)(a)(b). Importantly, a Colorado court upheld an employer's decision to discharge an employee because he wrote a letter to a newspaper criticizing the employer's decision to lay off employees. The court found that the employee's discharge fell within the statutory exceptions because the employee's conduct violated the company's duty of loyalty requirement, which was a "bona fide occupational requirement." Marsh v. Delta Airlines, 952 F. Supp. 1458 (D.C. Colo. 1997).
Employees who blog about topics related to status in a protected class may also be protected from discharge. For example, if an employee writes about harassment or discrimination in the workplace, the employee could bring a retaliation claim if he or she is subsequently subject to an adverse action (although the employee would have a stronger case if he or she filed a formal complaint). An employee who reveals personal information about his or her disability or religious beliefs could also claim that any consequential adverse action was discriminatory and based on the employer's knowledge of those facts.
Similarly, policies regulating employee blogging should be applied consistently and without regard to the employee's protected status. One of the more frequently discussed blog-related employee discharges involved precisely this scenario. In January 2004, Ellen Simonetti, a flight attendant for Delta Airlines, initiated a blog titled "Diary of a Flight Attendant" at www.queenofsky.net. Ms. Simonetti posted photographs of herself on the web site posing suggestively on an airplane in her Delta Airlines uniform. Delta subsequently learned of the web site and discharged Ms. Simonetti for posting inappropriate photographs while wearing her Delta uniform. On September 7, 2005, Ms. Simonetti filed a complaint in the Northern District of Georgia alleging claims under Title VII for gender discrimination and retaliation, and claiming interference of her rights to organize and bargain collectively in violation of the Railway Labor Act. Specifically, Ms. Simonetti alleged that male employees who posted pictures of themselves on web sites while wearing Delta pilot, flight attendant, and mechanic uniforms were not similarly discharged even though Delta was aware of these postings. She also contended that Delta terminated her employment because she had participated in labor-organizing campaigns. Although the case was stayed a few weeks later when Delta Airlines declared bankruptcy, Ms. Simonetti's claims exemplify the potential issues employers may face when disciplining employees who blog.
Finally, in many states, even at-will employees can seek redress through wrongful termination suits. In California, for example, when an employee is discharged in violation of "fundamental principles of public policy," the employee "may maintain a tort action and recover damages traditionally available in such actions." Tameny v. Atlantic Richfield Co., 27 Cal. 3d 167, 170 (1980). California has recognized four sources of public policy to support such claims: "the employee (1) refused to violate a statute; (2) performed a statutory obligation; (3) exercised a constitutional or statutory right or privilege; or (4) reported a statutory violation for the public's benefit." Green v. Ralee Engineering Co., 19 Cal. 4th 66, 80 (1998). Applying this framework, an employee who is discharged for blogging perhaps could successfully bring a wrongful termination claim by invoking the California state constitution. The state constitution's "liberty of speech" provision has been held to apply to private citizens where the speech is abridged in a "space" that "is freely and openly accessible to the public." Cal. Const. Art. 2(a). In the case of employee blogging, that "space" certainly could be the internet, a "space" that is clearly "accessible to the public." Thus, a California court could rule that a discharge for blogging violates public policy.
Potential Employer Liability. An employer may be held liable if its employees, under the guise of representing the employer, post certain types of content in their personal blogs. In certain jurisdictions, a principal (here, the employer) is subject to liability for a written statement by an agent (here, the employee) if the agent was authorized or "apparently" authorized to make it. Therefore, even if an employee is not authorized to make statements on an employer's behalf, the employer could still be liable for any employee statements if it appears to the reader of the blog that the employer authorized the statements. Unauthorized employee communications could implicate both securities laws and trade secret laws, for example. An employer could also be held liable if the employee (its agent) defames or invades the privacy of third parties or reveals a third party's intellectual property or trade secrets and the employer knows or should know of such employee activity. Employees who reveal an employer's trade secrets on a personal blog may also destroy the "secret" status of such information, rendering it ineligible for trade secret protection.
Employees of a public company who provide material misstatements or nonpublic information regarding the company's financial forecast through a blog expose their employers to liability under securities laws. Employees who make forward-looking statements or material misstatements or who selectively disclose material nonpublic information could subject employers to SEC investigations. For example, a securities issuer may be subject to suit by a shareholder under Rule 10b-5 of the Securities Exchange Act of 1934 if a blogger discloses material nonpublic information at a time when the company's stock price is fluctuating. 15 U.S.C. 78(j).
Even more troubling, a New Jersey appellate court recently held that employers may, in some cases, have a duty to monitor an employee's communications and that failure to monitor and take subsequent action could result in liability. See Doe v. XYC Corp., 382 N.J. Super. 122, 887 A.2d 1156 (App. Div. 2005). In Doe, a mother brought a negligence action on behalf of her daughter against her husband's employer, seeking to hold the employer liable for the husband's use of his work computer to access pornography and send nude photos of his stepdaughter to a child pornography web site. The court found that the employer was on notice that the employee was viewing pornography and child pornography on his work computer (a number of employee reports and the employer's own investigation revealed that the employee had visited pornographic web sites) and that the employer breached its duty to exercise reasonable care to report and/or take effective action to stop the employee's unlawful activities. Although the court declined to rule on whether the plaintiffs had established liability as a matter of law, employers should be aware that there is precedent for the proposition that an employer with knowledge of an employee's dangerous internet activity could be liable for it.
In contrast, a California court has held that the Communications Decency Act of 1996, 47 U.S.C. § 230 ("CDA"), provides immunity for employers who provide internet access to their employees. Delfino v. Agilent Technologies, Inc., 145 Cal. App. 4th 790 (2006). In Delfino, the plaintiffs claimed that Agilent Technologies was liable for threatening e-mails sent to the plaintiffs because it was aware the employee was using its computer system to make threats and took no action to prevent the threats. The court held that Agilent had CDA immunity, and, even if it did not, the plaintiffs failed to make a prima facie case of intentional or negligent infliction of emotional distress. However, the Delfino court also specifically found that the employer was unaware of threats and had no idea that the employee was using company equipment to send threatening e-mails until shortly before he was terminated.
Employers should also be wary of running afoul of state and federal laws that protect whistleblowers. For example, the Sarbanes-Oxley Act of 2002, 18 U.S.C. § 1514A ("SOX"), prohibits retaliation against whistleblowers who provide information regarding alleged employer misconduct (where the employer is a public company) to government law enforcement or regulatory agencies, members of Congress or congressional committees, a supervisor, or certain other persons working for the employer. Thus, if an employee writes about alleged employer wrongdoing in a blog and a supervisor (as defined under SOX) reads the blog, the employee generally will be protected from retaliation, even if the employee is mistaken. Employees in some states are also protected from litigation by anti-SLAPP (Strategic Litigation Against Public Participation) statutes, which protect free speech regarding issues of public interest or concern.
Finally, employees who reveal information regarding certain health information identifiers could expose their employers to liability under the Health Insurance Portability and Accountability Act, or "HIPAA."
In light of the above considerations, employers may want to add a blogging policy or amend their current electronic-communications and technology-use policies to include blogging guidelines. Establishing clear parameters for employees who discuss their employment or identify their employer in their personal blogs will potentially prevent future employee conduct problems while concurrently avoiding employee relations morale issues (creating an atmosphere where employees feel they are being inappropriately monitored).
A blogging policy should:
- Clearly advise employees that they do not have an expectation of privacy when using company technology. Further, such policies should state that the employer is not responsible for protecting personal information that employees post or retain using company technology.
- Remind employees of the employer's policy regarding use of company property for personal reasons and, if consistent with that policy, prohibit or restrict use of company equipment for blogging.
- Restate the employer's position regarding confidentiality and include a statement that inadvertent disclosure of company and third-party trade secrets or confidential or proprietary information is strictly prohibited. Such statement should advise the employees of specific types of confidential information that cannot be disclosed because information that seems innocuous to an employee may put the employer at legal or competitive risk.
- Caution employees against commenting about confidential financial information, including future business performance, performance rumors, or future business plans.
- Advise employees who identify their employer in their blogs to include a prominent disclaimer clarifying that the views of the blog do not represent the views of the employer.
- Caution employees against making defamatory or discriminatory comments when discussing the employer, fellow employees, clients, or competitors. Specifically, employees should also be notified that such comments may be a breach of the employee's duty of loyalty to the employer and/or professionalism standards outlined in company policies.
- Reserve the right to take disciplinary action against an employee if the employee's electronic communications and/or blogging violate company policy or harm the company in any way.
- Remind employees that they must adhere to all company policies when blogging about the company or its employees (i.e., technology use policies, duty of loyalty policies, concurrent noncompetition policies, nondisclosure policies, anti-harassment and discrimination policies).
- Refer employees to a designated manager or supervisor for questions regarding employer-related blog content.
Before implementing any policy, employers should take care that the policy cannot be interpreted as impeding the exercise of protected rights. For example, implementing such a policy right before a union campaign could raise the inference that the employer is interfering with the employees' right to organize or bargain collectively. Employers also should apply the policy consistently and document all instances of discipline under the policy. When introducing the policy, employers can reduce employee anxiety by explaining that the company is not interested in intruding in employees' personal lives and by emphasizing the legal reasons (e.g., legal issues connected with inadvertent posting of third-party trade secrets or inside information) before implementing such a policy.
For further information, please contact your principal Firm representative or the lawyer listed below. General e-mail messages may be sent using our "Contact Us" form, which can be found at www.jonesday.com.
G. Roger King
Jones Day publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our "Contact Us" form, which can be found on our web site at www.jonesday.com. The mailing of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship. The views set forth herein are the personal views of the author and do not necessarily reflect those of the Firm.
 The state of the law on this issue may change in the near future. The NLRB heard oral argument in March 2007 in the Guard Publishing Co., d/b/a The Register-Guard, Cases 36-CA-8743-1, et al., a case that includes important electronic communication policy issues. One of the issues presented in this case is whether employees have the right to use their employer's e-mail system (or other computer-based communication systems) to communicate with other employees about union or other concerted, protected matters.
 A significant legal issue remains unresolved under the NLRA as to whether an employee's use of the internet for otherwise protected activity is solicitation or distribution, or perhaps an entirely new type of activity. For example, the current state of the law in this area is that for solicitation to be protected in a workplace setting, both the notifying and the receiving employee must not be on work time. Given the fact that geographic locations are not relevant in the use of the internet, it often will be very difficult to determine whether all employees involved are on or off work time. Similarly applying traditional distribution analysis, it will be difficult to determine if all employees involved are in work areas. The content and extent of uniform enforcement of an employer's solicitation and distribution policy and electronic equipment use policy also need to be analyzed. If such activity is "solicitation," it can be prohibited only during nonworking time. Thus, employees could engage in personal issue blogging at their work stations, but while on break time or before or after work hours. Conversely, if the employee's use of the Internet is "distribution" an employer could prohibit Internet use not only during work time, but also in any work area at all times. If the latter position prevails, an employee could be legally prohibited from using a company-owned computer to send Internet messages containing otherwise protected content at any time, even during break times and before and after the start of work times. Finally, for the employer to lawfully prohibit Internet use, it must uniformly apply its policies and not selectively enforce its policies only in situations where it dislikes the message. See e.g., Media General Operations, Inc., 346 NLRB No. 11 (Dec. 16, 2005) (employer violated Section 8(a)(1) of the Act when it prevented a union from using its e-mail system to distribute union literature, but permitted management to distribute material that is not business related); In re St. Josephs Hosp., 337 NLRB 94, 94 (2001) (Board affirmed an administrative law judge's finding that the employer violated Section 8(a)(1) of the Act by discriminatorily prohibiting a nurse from displaying a union-related computer screensaver message on a computer at her workstation and also violated Section 8(a)(3) by issuing a warning to the nurse for displaying such a message).
 Bloggers often refer to employees who are fired for inappropriate blog usage or content as "dooced." The word "dooced" originated in 2002 when Heather Armstrong, a Los Angeles web designer, lost her job after posting satirical comments about her employer and work colleagues in her personal blog, www.dooce.com.
 The Attorney General has opined, and some California courts have ruled, that these sections merely enforce existing rights – such as the right to privacy – rather than provide employees with any additional rights. See e.g., Grinzi v. San Diego Hospice Corp., 120 Cal. App. 4th 72, 86-88 (2004).
 Other states with laws protecting employee political speech include Connecticut (Conn. Gen. Stat. § 31-51q), the District of Columbia (D.C. Stat § 2-1402.11(a)), Louisiana (La. Rev. Stat. § 23:961), New York (N.Y. Labor Law § 201-3), Pennsylvania (Novosel v. Nationwide Ins. Co., 721 F.2d 894, 900 (3d Cir. 1983)), South Carolina (S.C. Code Ann. § 16-17-560), and Washington (Rev. Code Wash. 42.17.680(2)).
 Under the CDA, an entity is immune from tort liability if (1) it is a provider or user of an interactive computer service; (2) the cause of action treats the entity as a publisher or speaker of information; and (3) the information at issue is provided by another information content provider. The Delfino court acknowledged that it is "aware of no case that has held that a corporate employer is a provider of interactive computer services" under similar circumstances, but nonetheless held that Agilent was covered by the CDA because it "provides or enables computer access by multiple users [i.e., Agilent's employees] to a computer server."
 HIPAA establishes regulations for the use and disclosure of Protected Health Information ("PHI"). PHI is any information about health status, provision of health care, or payment for health care that can be linked to an individual. See 46 CFR § 164.501. This is interpreted rather broadly and includes any part of a patient's medical record or payment history and employees personal health information.