Information Technology and Workers' Privacy: The United States Law

There are almost no legal limits on an American employer's ability to deploy technical means to monitor employee performance and behavior in the workplace. The common law of wrongful invasion of privacy has almost no purchase in the work setting. Consequently, substantive legal constraints, such as they may be, must be found in discrete pieces of legislation, federal or state. These, too, for the most part are lacking: The federal Electronic Communications Privacy Act (ECPC), for example, exempts electronic monitoring done with the consent of the employee or in the "ordinary course" of the employer's business; and retrieval of communications stored in the employee's own system is specifically allowed. Only two states require written notice of computerized monitoring. One protective approach, recognizing that an employer's need to monitor and the forms which it might take vary enormously from workplace to workplace and job to job, would require prior consultation with (and, possibly, approval of) an independent body representing the affected employees. But, absent union representation, no such provision appears in the law of the United States; and, union representation is below ten percent of the civilian workforce.