FAIRFAX LAWYERS KEEP YOU UPDATED ON DC METRO LAWS

A SERVICE OF GROSS & ROMANICK, PC

Wednesday, September 28, 2016

Does an Employer Have the Right to Access an Employee’s Personal E-mail Account to Review Work-Related Emails?

In Virginia, it is settled that an employer can legally monitor and review e-mails of an employee communicated through the employer’s e-mail server or e-mail accounts.  It is also settled that an employer can legally monitor and review any personal communications that are stored on company-owned equipment, such as computers and cellphones. In both scenarios, the courts have ruled that employees have no reasonable expectation of privacy with respect to such communications. It is less settled whether an employer can legally review work-related e-mails sent or received by an employee through a personal e-mail account.

A recent case out of the U.S. District Court for the Western District of Virginia tackled this very issue.  In the case of Hoofnagle v. Smyth-Wythe Airport Commission, et al., the plaintiff alleged that his employer violated his rights under the Fourth Amendment to the U.S. Constitution and the Stored Communications Act (18 U.S.C. § 2701, et al.) when, after his employment was terminated, the employer accessed his e-mail account to review work-related e-mails. The plaintiff had been employed as the manager of a small regional airport. Since his employer did not maintain any e-mail accounts for its business, the plaintiff created a Yahoo! e-mail account that he used for both business and personal purposes. He was terminated after sending the following e-mail to Senator Timothy Kaine:

Dear, Mr. Kain [sic]. I own over 9 AR platform rifles and 30 some various other rifles and shotguns, a dozen handguns, I suggest you stick up for rights of all gun owners in Va. In my opinion you and your kind (Liberals) ARE a CANCER to this state and COUNTRY, therefore I have gone to the voting polls every Nov. to try and eradicate you and your kind from public office, and will continue to do so. We do not have a gun problem, We have an IDIOT PROBLEM, go deal with that, and not the competent gun owner. Here is the Va. NRA tollfree # 1-800-672-3888. Now you can join the NRA. So you can be apart [sic] of something with some substance and character…Charles H. Hoofnagle. Airport Operations Manager Mt. Empire Airport in south west Va. 276-685-1122 

In response to the lawsuit, the employer filed a motion for summary judgment, which was granted as to the Fourth Amendment claim (since the search was deemed reasonable), but denied as to the Stored Communications Act (SCA) claim. The Court opined that e-mails stored on the server of an internet service provider (ISP) like Yahoo! are subject to the SCA, and that if the employer accessed the e-mails by directly logging into the ISP website without the authorization of the employee, then such action would constitute a violation of the SCA (regardless of whether the employee used the employer’s computer to send the communications). By denying the employer’s motion for summary judgment, the Court allowed the plaintiff to pursue the SCA claim through trial, with the trial issue clearly being: did the employee give the account password to his employer, thereby authorizing access? The court did conclude that if the e-mail communications had been stored on a work computer, as opposed to on the ISP server, then the e-mails would not have been protected by the SCA. 

This case illustrates that it is important for employers to adopt a technology policy that expressly communicates to each employee, at a minimum, that: (a) the employer is authorized to monitor all work-related emails; (b) the employee has no expectation of privacy in work-related e-mails; (c) the employee has no expectation of privacy in materials stored on employer-owned equipment; (d) the employee shall not access personal e-mail accounts from employer-owned equipment; and (e) the employee shall not send work-related e-mails from personal e-mail accounts. This case also illustrates that it is important for employers to issue business e-mail accounts to all employees, and to require employees to provide account passwords.

The attorneys at Gross & Romanick, P.C. have substantial experience drafting employee handbooks and related policies designed to protect business owners.

Federal Defend Trade Secrets Act of 2016 Can Protect Your Business

On May 11, 2016, President Obama signed the Defend Trade Secrets Act of 2016 (“DTSA”), which statute went into effect immediately. Virginia and most other states have existing laws against misappropriation of trade secrets, many adopting versions of the Uniform Trade Secrets Act (UTSA). These laws allow businesses to seek redress for misappropriation of trade secrets in a state court venue, which can be procedurally problematic when the offending party has no connection to the applicable state.  The DTSA creates a civil cause of action under federal law, which now allows businesses to prosecute trade secret cases in federal court against individuals and businesses located in other states.  In addition, the DTSA specifically covers trade secret misappropriation that occurs overseas. 

The DTSA provides various remedies for the aggrieved business, including recovery of actual damages, recover of damages for unjust enrichment, recovery of exemplary damages (two times proven actual damages), and recovery of attorney’s fees.  Injunctive relief is also available; or, when an injunction would be inequitable, a party can seek a reasonable royalty for the unauthorized use or disclosure of a trade secret.  In order for a business to recover exemplary damages or attorney’s fees, it will need to need to demonstrate that there was a willful and malicious appropriation of the trade secret.  It should be noted, however, that in order for a business to recover exemplary damages or attorney fees against a former employee, any employment or non-disclosure agreement entered into after May 11, 2016 must advise the employee of the whistleblower and immunity protections afforded by the DTSA.

Businesses in Virginia, large and small, may invoke the DTSA to file a claim in federal court rather than pursuing a claim in state court under existing state law. Unlike Virginia state courts, federal courts allow for summary judgment on depositions and are more likely to rule on a summary judgment basis.  Furthermore, in certain circumstances, the DTSA allows plaintiffs on an ex parte basis to instruct a federal marshal to seize property “necessary to prevent the propagation or dissemination of the trade secret.”  Because of this strong but harsh provision, it is expected that judges will be more likely to issue temporary restraining orders as an alternative remedy.

Although the DTSA does not pre-empt state law, it does protect employees in that it does not codify the “inevitable disclosure” doctrine available in some states, which doctrine allows employers to enjoin employees from working for competitors on the basis of the information the employee possesses.  Under the DTSA, an injunction against an ex-employee working for a competitor must be based on evidence of actual or threatened misappropriation of a trade secret.

Gross & Romanick, P.C. can help your business utilize the DTSA and similar state laws to protect against the misappropriation of trade secrets, both by preparing protective language to insert into agreements with employees, contractors and consultants, and by aggressively litigating theft claims against individuals or businesses that appropriate your trade secrets.

Distinguishing Non-Solicit Agreements from Non-Compete Agreements

Employers are justifiably concerned with protecting their businesses from competition with former employees. This is generally accomplished by requiring employees to sign agreements containing restrictive covenants. The two types of restrictive covenants that are most often utilized by employers are (1) non-solicit covenants and (2) non-compete covenants.  These two types of restrictive covenants are often blurred together, but they are distinctly different, and Virginia Courts recognize the distinction when the covenants are challenged. 

The purpose of a non-compete covenant is to prevent the former employee from generally competing with the employer in the same industry. The purpose of a non-solicit covenant is to prevent the former employee from providing services to the employer’s clients and/or hiring away the employer’s other employees.  In Virginia, non-solicit covenants are considered a species of non-compete covenants, and the same legal standard of enforceability applies to each. Since both types of covenants create a restraint on trade, neither covenant is favored in Virginia.  In all cases, a Court will evaluate the covenant in light of the circumstances of the businesses and employees involved in order to determine whether the covenant is necessary to protect the employer’s “legitimate” business interests, taking into consideration the restricted activities (i.e. the “function”), the geographic scope, and the duration of the covenant. The employer bears the burden to show that the restraint is no greater than necessary to protect a legitimate business interest, is not unduly harsh or oppressive in curtailing an employee’s ability to earn a livelihood, and is reasonable in light of sound public policy. 

While the same legal standard of enforceability applies to both types of covenants, case law shows us that Virginia Courts are more likely to enforce non-solicit covenants than they are to enforce non-compete covenants. The obvious reason is that preventing a former employee from directly poaching the employer’s existing client base and/or employees is more likely to protect that employer’s business interests than preventing the former employee from simply working for a competitor or competing for new business on the open market.  See, for example, Leddy v. Communication Consultants, Inc., 51 Va. Cir. 467 (Virginia Beach 2000), in which the Court affirmed a two year non-solicit agreement and noted that a non-solicit covenant is typically narrower in application than a non-compete covenant because it does not restrict the employee from working for a competitor.  

Even so, like non-compete covenants, non-solicit covenants must be narrowly tailored in duration and scope in order to be enforceable in Virginia. For example, in ManTech Int’l Corp. v. Analex Corp., 75 Va. Cir. 354 (Fairfax 2008), the Court struck down a six month non-solicit covenant as overbroad and ambiguous finding the phrase “the Employee shall not directly or indirectly solicit or induce any employees of ManTech to leave the employ of Mantech” not narrowly tailored to protect a legitimate business interest and unenforceable, per se, since it conceivably covers situations in which one employee convinces another to retire early, join the military or move to another state. Similarly, in Lasership, Inc. v. Watson, 79 Va. Cir. 205 (Fairfax 2009), the Court found the following two-year non-solicit covenant to be unenforceable since it prevented the employee from pursing non-competitive employment positions: “Employee shall not, for himself or on behalf of any other person, firm, corporation, or other entity, contact in any manner, directly or indirectly, solicit, agree to perform or perform any services of any type that the Company can render…for any of the Company’s Customers.”

Conversely, in Daston Corp. V. MiCore Solutions, 80 Va. Cir. 611 (Fairfax 2010), the Court upheld the enforceability of two-year non-solicit that was no broader than necessary to meet the company’s legitimate business interest.  The plain language of the covenant applied only to a “fixed universe of customers, namely those that existed during the employee’s term of employment”, a list of customers that was known to the employees being restrained, as compared to Lasership, which restriction imposed an “unreasonable burden” on the former employee to know the customers it could not solicit. 

With respect to the duration of the non-solicit covenant, there is no clear marker to distinguish enforceability.  One-year non-solicit covenants have been routinely upheld, and two-year non-solicit covenants have also been upheld with some regularity. Including a longer duration seems problematic under existing Virginia case law, and is not recommended as a practice pointer, although in 2012 the United States District Court for the Eastern District of Virginia concluded that a five year non-solicit agreement can be reasonable under Virginia law. See Capital One Fin. Corp. v. Kanas, 871 F. Supp. 2d 520.  However, a key consideration made by the Court in that matter was the nature of the business (insurance), the Court determining that the restricted period was directly related to an important element of the business (policy renewals).  

In conclusion, a non-solicit covenant is more likely to be enforced in Virginia than a non-compete covenant, even though the same legal standard applies to the Court’s analysis.  However, like non-compete covenants, non-solicit covenants must be narrowly tailored and explicitly backed up by a specific legitimate business purpose that justifies the functional restrictions and the length of the restrictive term.