In an opinion that joins an emerging body of case law favoring employee privacy rights, a federal district court in New Jersey recently held that non-public Facebook posts are covered by the Stored Communications Act (SCA). In Ehling v. Monmouth-Ocean Hosp. Serv. Corp., the court considered the plaintiff’s SCA claim against Monmouth-Ocean Hospital Service Corp. (MONOC).
The plaintiff, who had been hired by MONOC as a registered nurse and paramedic, maintained a Facebook account, and her privacy settings enabled only her “friends” to view her wall posts. These “friends” included some of her co-workers, but no managers. One co-worker, on his own initiative, began to take screenshots of the plaintiff’s wall posts and send them to MONOC managers without her knowing.
On June 8, 2009, the plaintiff posted a Facebook comment that implied that the paramedics who responded to a shooting at the Holocaust Museum in Washington, D.C., should have let the gunman die. This post was sent to MONOC managers, who then temporarily suspended the plaintiff with pay and sent her a memorandum expressing their concern that her post reflected “deliberate disregard for patient safety.” The plaintiff was later terminated for failing to return to work after a leave.
Initially, the plaintiff filed an unfair labor practice charge with the National Labor Relations Board, but the NLRB found that MONOC did not violate the National Labor Relations Act and that there was no privacy violation because the post was sent by a co-worker on his own initiative to MONOC management. The plaintiff then filed a complaint with the district court, including claims that MONOC violated the SCA and invaded her privacy for accessing her Facebook posts.
After concluding that non-public Facebook posts constitute “electronic communications” covered by the SCA, the court granted MONOC summary judgment, finding that the SCA’s “authorized user” exception applied to this case. The court explained that the SCA “does not apply with respect to conduct authorized… by a user of that service with respect to a communication of or intended for that user.” The court found that access to the plaintiff’s wall was “authorized” by a Facebook user, and that based on the privacy settings, the wall post was “intended for that user.”
The district court also granted summary judgment on the plaintiff’s invasion of privacy claim, explaining that MONOC did not solicit the information but rather was a passive recipient of the wall post, thus negating any such claim.
Ehling is a continuation of a trend among federal courts finding that the SCA covers non-public portions of Facebook accounts. Had the plaintiff’s co-worker been acting as the agent of MONOC at the time he accessed the plaintiff’s wall (e.g., at management's request), rather than on his own initiative, the court may well have denied MONOC’s summary judgment motion. Based on the holding in Ehling, federal courts will likely continue to find that non-public Facebook posts are covered by the SCA.