August 27, 2020

It’s 2020, and technology is at our fingertips. That means we have our work and personal emails linked to our cell phones, and we’re constantly checking, emailing, drafting, deleting, and forwarding messages throughout the day. Those emails might be on your private device, but are the emails protected?

Monitoring Employees
In the United States, it is completely legal for an employer to monitor an employee, so long as there is a legitimate business reason. This includes monitoring workplace devices.

Under the Electronic Communications Privacy Act of 1986 (“ECPA”), so long as an employer provides a computer, the computer is considered company property, and therefore the employer may monitor all activities carried out on that computer. [18 U.S.C. §§ 2510-2523.]

The Electronic Communications Privacy Act of 1986 (ECPA)
The ECPA evolved from the Federal Wiretap Act of 1968, allowing the law to adapt to all the new forms of communication technologies. This is the only federal law that directly governs monitoring electronic communications at work. This act applies to wire, oral, and electronic communications while the communications are being made, are in transit, and are stored on computers, including email, telephone conversations, and data.

Founder and executive director of the ePolicy Institute, Nancy Flynn, stated, “the federal Electronic Communications Privacy Act makes clear that workplace e-mail [is] the property of the employer, and employees should not expect privacy when sending, receiving, downloading, uploading, printing or otherwise transmitting electronic messages.” There are two exceptions to the ECPA under which an employer may legally access an employee’s emails.

First is the business purpose exception. An employer is permitted to monitor electronic communications so long as doing so furthers a legitimate business purpose for the employer.

Second is the consent exception, which is recognized in some states, including California. California law requires that employers get consent before accessing email sent to employees. This is often times through a document signed and acknowledged by employees in the employee manual at the time of their hire. This exception is not limited to a legitimate business purpose, so Californians beware!

What Should You Do?

  1. Develop a policy to address employee privacy expectations and acceptable computer use. If you plan to monitor your employees, letting them know ahead of time removes the employees’ reasonable expectation of privacy, and therefore protects the employer from potential invasion of privacy claims.
  2. Have an employee manual which also states your policies regarding employee use of computers and the fact that the computer system will be audited. (And, of course, make sure to have employees sign an acknowledgment of receipt of the manual.)

Need help with your employee manual? Eskridge Law is here to help.

Need more information?
ESKRIDGE LAW may be contacted by phone (310/303-3951), by fax (310/303-3952) or by email ( Please visit our website at

This article is based on the law as of the date posted at the top of the article. This article does not constitute the provision of legal advice, and does not by itself create an attorney-client relationship with Eskridge Law.