Employee Alleging Employer Accessed Quasi-Public Facebook Posts States a Valid Claim for Invasion of Privacy
By Charlie Stiernberg – Edited by Heather Whitney
Ehling v. Monmouth-Ocean Hosp. Serv. Corp., No. 2:11-cv-03305 (WJM) (D.N.J. May 30, 2012)
Slip Opinion (hosted by Justia.com)
The United States District Court for the District of New Jersey granted defendant Monmouth-Ocean Hospital Service Corp.’s (“MONOC”) Fed. R. Civ. P. 12(b)(6) motion to dismiss plaintiff Deborah Ehling’s New Jersey Wiretapping and Electronic Surveillance Control Act (“NJ Wiretap Act”) claim, but denied MONOC’s motion to dismiss Ehling’s common law invasion of privacy claim. Ehling, a MONOC employee, alleged that a supervisor inappropriately accessed restricted posts on her Facebook page without her consent.
The court held that Ehling failed to state a claim under the NJ Wiretap Act, because she did not allege that her Facebook posting was viewed by her employer “in the course of transmission.” Ehling, No. 2:11-cv-03305 (WJM) at 4. The court held that the NJ Wiretap Act does not apply to a received communication that is placed in “post-transmission storage” before it is “accessed by another without authorization.” Id. at 4-5. On the other hand, the court held that Ehling had stated a plausible claim for common law invasion of privacy, in part because she “may have had a reasonable expectation that her Facebook posting would remain private,” especially because she took steps to protect her Facebook page from public viewing. Id. at 6.
The Delaware Employment Law Blog provides an overview of the case, and states that the key take-away for employers is “Don’t look for trouble or you just may find it.” The Eric Goldman Technology & Marketing Law Blog notes that the number of Facebook friends with whom Ehling shared her post may end up determining whether the post should be accorded any privacy protection.
Deborah Ehling is a registered nurse and paramedic who worked for MONOC, a non-profit hospital. She maintained a quasi-public account on Facebook where only her Facebook friends could access and view her postings. Ehling alleged that a MONOC supervisor gained access to her Facebook account by coercing another employee, who was one of Ehling’s Facebook friends, to access Ehling’s Facebook page on a work computer. Ehling claimed the supervisor viewed a post she made regarding a shooting that took place at the Holocaust Museum in Washington, D.C., and then sent a letter with a copy of the post to the New Jersey Board of Nursing, stating that MONOC was concerned that the post showed a disregard for patient safety.
Under New Jersey law, to state a claim for invasion of privacy, a plaintiff must allege sufficient facts to demonstrate that (1) her private affairs were intentionally infringed upon, and (2) this infringement would highly offend a reasonable person. In denying MONOC’s motion to dismiss the common law invasion of privacy claim, the court recognized that “[p]rivacy in social networking is an emerging, but underdeveloped area of case law.” Id. at 5. At one end of the case law spectrum, the court noted that there is no reasonable expectation of privacy for material posted to an unprotected, public website. At the other end of the spectrum, however, the courted noted that there is a reasonable expectation of privacy for individual, password-protected online communications. In between these two extremes, the court held that “privacy determinations are made on a case-by-case-basis,” and that “a communication is not necessarily public just because it is accessible to a number of people.” Id. at 6. In reaching its conclusion, the court reasoned that Ehling may have had a reasonable expectation of privacy, “considering that she actively took steps to protect her Facebook page from public viewing.” Id.
The court’s finding that accessing a quasi-public Facebook post may support an invasion of privacy claim is noteworthy in that it adds another point on the small spectrum of case law addressing the subject. Moving forward, courts will have to grapple with the fundamental tension between expectations of privacy and widely distributed, but not wholly public, Internet communications.