San Francisco Employment Privacy Law Lawyer & Attorney : Littler Mendelson Law Firm : Employment Related Privacy Issues

Our last blog entry discussed the First Amendment shield that covers current and former employees who use anonymous or pseudonymous Internet postings to trash their employers. Today’s cautionary tale highlights the practical challenges employers face in court even when a current or former employee posts confidential records on the Web in violation of confidentiality agreements and laws.

Bank Julius Baer & Co., a Cayman Island subsidiary of a Swiss bank, fired a disgruntled vice president. On her way out, she took confidential documents she believed show that her former employer engaged in unlawful conduct. The next day, she posted those documents on a public website devoted to leaking confidential documents.

Instead of pursuing the disgruntled vice president, the Bank filed a lawsuit seeking to enjoin the leaking website, Wikileaks.org, and its domain name registrar, Dynadot. The Wikileaks website enables users to anonymously publish submissions, including alleged confidential corporate and government documents. The site aims to be an “untraceable version of Wikipedia for untraceable mass document leaking and analysis.” The site runs on modified MediaWiki software, similar to the software that runs Wikipedia.

Dynadot, a small company not interested in a protracted legal battle, stipulated to a permanent injunction that required it to shut down the website instead of fighting the Bank. Judge Jeffrey White of the federal district court in San Francisco signed the stipulated permanent injunction. The Bank dismissed its lawsuit against Dynadot with prejudice, and Dynadot shut down the website. The Bank appeared to have silenced its disgruntled vice-president, quickly, quietly and at minimal cost.

But the next day, Wikileaks was up and running through multiple mirror sites. Mirror sites use a similar domain name that is registered through a different domain name registrar. Wikileaks, for example, also used the domain name Wikileaks.cx through a domain registrar in the Christmas Islands. Wikileaks posted the Bank’s confidential documents on these mirror sites. 

Within the week, the New York Times, while neglecting to mention the agreement between the Bank and Dynadot, reported that Judge White’s approval of the stipulated permanent injunction “present[ed] a major test of First Amendment rights.” Also failing to mention the agreement between the parties, blogs buzzed about apparent constitutional violations. 

Not long after publication of the Times article, heavy hitters such as the ACLU, Project on Government Oversight, and the Electronic Frontier Foundation, came out with statements against the Bank. In response to their court papers, Judge White abnegated the agreement the Bank had negotiated with Dynadot, dissolved the permanent injunction, denied the Bank's request for a restraining order, noted the injunction may involve impermissible prior restraints, pondered whether an injunction would serve any purpose and questioned whether the Court had subject matter jurisdiction to hear the dispute. In the meantime, the Wikileaks site, complete with the Bank's stolen documents, is still up and running. On March 5, 2008, the Bank voluntarily dismissed its lawsuit, apparently concluding that litigation was no longer worth the cost.

Employers should view the Bank’s experience as a cautionary tale. What started as a quick agreement and apparent resolution literally, as the saying goes, ended up on the front page of the New York Times. The case also shows how quickly journalists will publicize a story that can be portrayed as “an attack on the First Amendment.” Sometimes filing suit is not the best way for an employer to protect its interest.

• Print
• Trackbacks

The rumors are flying: The TV news ran a story last night on the evacuation and de-contamination of the local public school after one of the football players missed Saturday’s game because of infection with the MRSA Superbug.  One of your employees happens to have a son on the football team, and she called in sick on the Monday after the game.  Employees who work in the area of her cubicle have “petitioned” HR not to let the mother return to work until she has submitted written documentation from her physician that she is not infected or contagious.  Where does HR even start to unravel the privacy concerns of the mother and her child, and how should those concerns be weighed against the health interests of the mother’s co-workers? 

The legal analyses related to this issue are among the most complex in the area of workplace privacy, involving the interplay of the Americans with Disabilities Act (ADA); the Family and Medical Leave Act (FMLA); the Health Insurance Portability and Accountability Act of 1996 (HIPAA); state privacy statutes, such as California’s Confidentiality of Medical Information Act; state common law; and, at least in California, state constitutional law. 

Before wading into this quagmire, HR professionals should consider the following guidelines for balancing the privacy interests of potentially infected workers and the health interests of co-workers.

These guidelines would apply regardless of the type of infection — MRSA, Hepatitis A, TB, HIV, etc.

1.      Investigate:  Learn the facts; do not rely on rumors.

2.      Interview The Possibly Infected  Employee:  If the facts indicate that an employee might be infected with the MRSA Superbug, designate a manager with the appropriate level of responsibility to get more information directly from the employee.

3.      Consult Counsel On How To Handle An Uncooperative Employee: If the employee refuses to disclose information, consult counsel regarding whether the employee can be required to provide health information before taking any adverse action is against the employee.  If the employee already has been sent home, promptly involve counsel to minimize or resolve any possible liability risks.  

4.      Provide Notice Of Disclosure To A Cooperative Employee:  If an employee voluntarily discloses infection with MRSA, explain that (a) the employer may need to disclose limited information about the employee’s health condition to those with a need to know, such as government health officials and health care providers of co-workers to take precautions against the spread of the infection and to facilitate any needed treatment of others, and (b) the employer will limit disclosure to those with a need to know and then will disclose only the minimum information necessary.

5.      Request Consent To Disclose:  Ask the employee for permission to make the limited disclosures described above.  If the employee refuses to consent, tell the employee that the entity may have no choice but to share information about the infection with others but will do so only to the extent permitted or required by law.

6.      Avoid Identifying The Infected Employee:  When disclosing information about the infected employee, avoid identification by name except when necessary to protect the health of co-workers who might have been infected or as required by law.

7.      Instruct Supervisors On Confidentiality And Retaliation Risks:  Instruct supervisors about the need to maintain the confidentiality of employee health information and provide guidance on how to respond to questions from other employees and supervisors so as to avoid undue panic and concern.  Supervisors should be reminded of the need to avoid any claim of retaliation by the possibly infected employee or his/her family members.  Educate supervisors on the spread of MRSA infections, types of treatment, and the Company’s planned preventative steps.

There is no one-size-fits-all solution to the many complicated privacy issues that a Superbug infection in the workplace can raise.  These guidelines, however, provide a starting point for what most likely will be a tense and fast-moving situation that raises a wide range of benefits issues and employment-related liability risks. 

My colleagues in Littler's Workplace Safety Practice Group, Don Benson and Pete Rice, are OSHA experts who will be presenting a webinar on Wednesday, December 12, 2007, on how to reduce the risks of an MRSA outbreak in your workplace and how to respond when one occurs.  You can get more information about the webinar here.

• Print
• Trackbacks

On November 6, 2007, the California Supreme Court heard long-awaited arguments in the closely watched "medical marijuana" case of Ross v. RagingWire Telecommunications, Inc.  Gary Ross, a network administrator, was terminated eight days into his employment after testing positive for marijuana.  Ross challenged the termination because he had a doctor's recommendation that he use marijuana to relieve chronic back pain.  Ross has alleged that because his use of marijuana was lawful under California's Compassionate Use law, his employer was obligated under state law to accommodate his disability by permitting him to use marijuana as recommended by his physician.  Ross’s attorneys also argued that his discharge violated California's public policy, including California’s constitutionally created right to privacy.

Marijuana use is illegal under federal law.  California has effectively “decriminalized” marijuana use by adopting the Compassionate Use Act of 1996.  The Act allows individuals to purchase, possess, cultivate, and use small quantities of marijuana for medicinal purposes without fear of prosecution by state officials.  Federal officials may prosecute those who use marijuana pursuant to the state law, but as a practical matter, enforcement efforts are much more likely to be focused on cultivation and distribution networks.  The statutory language makes it clear that employees may not possess or use marijuana at work – leading Ross’s attorneys to argue that by implication, the law intended that employees be permitted to use the drug outside of work.

RagingWire’s attorney argued that employers have an interest in ensuring that employees are not using drugs illegally, and should not have to tolerate off-work drug use by workers simply because state law considers such use lawful.  These arguments were persuasive in the lower courts, and several Justices participating in the oral argument appeared to agree that the federal-state law conflict posed a problem for employers.

Ross’s attorneys pointed out, however, that RagingWire had no obligation to drug test Mr. Ross under federal law, and that there was little risk that the Company could be held liable for accommodating his off-job drug use.  In addition, California public policy strongly supports an individual’s right to employment absent discrimination on the basis of disability, and further contains provisions protecting individuals’ rights to make basic decisions regarding their medical care.  Ross’ attorneys further argued that the California Constitution’s privacy protections also militated in favor of Ross, absent evidence that he was impaired by his marijuana use while at work.

Significantly, Ross’s advocates did not challenge an employer's right to conduct the drug test in the first place, and both agreed that the California Supreme Court's decision in Loder v. City of Glendale remains good law.  The Loder decision established that California employers may conduct workplace drug testing in circumstances that do not unduly intrude upon an individual's right to privacy.  The opinion discusses at length the various ways in which illegal drug use adversely affects employers, and concludes that attempts to detect such use may be tolerable incursions upon an employee's right to autonomy privacy.  The fact that medicinal use of marijuana is now technically not unlawful as a matter of California law begs the question of whether, and to what extent, employers must accommodate that use like any other prescription medication which may have adverse effects on an individual's behavior or job performance.

Ultimately, many of the questions raised by the Justices were not adequately addressed by Ross’s attorneys:  If the test is lawful under California law, and the drug use is arguably lawful under California law, what, if anything, must the employer do to accommodate such use?  Can permitting the off-duty use of marijuana ever be deemed a reasonable accommodation?  As a practical matter, RagingWire had not considered whether to accommodate Ross’s marijuana use, and neither side appeared willing to compromise its position regarding Ross’s right to use marijuana.  Interestingly, the attorneys for Ross agreed that an employee who came to work under the influence of drugs could be disciplined by his employer, but failed to explain the difference between a positive drug test and evidence of impairment.  If that line of reasoning is adopted, it may have the curious result of barring employers from refusing to hire individuals who use marijuana pursuant to the Compassionate Use Act, but permitting employers to discharge such individuals for testing positive after a workplace accident or other incident suggestive of impairment.

Ultimately, court-watchers came away with no clear sense of how the California Supreme Court might rule.  Given both parties’ support for the Loder case, however, it appears unlikely that the privacy analysis applied to workplace drug testing, which balances the needs of the employer against the privacy interests of the employee, will be revised.

If, however, the California Supreme Court rules that RagingWire and other employers must accommodate employee disabilities by permitting the use of marijuana as authorized by state law, we can expect to see a significant effect on workplace drug testing policies.  As drafted, the Compassionate Use law does not require individuals to obtain a prescription to use marijuana – deliberately so, because doctors who prescribe marijuana forfeit their federally-issued licenses to prescribe narcotics.  Moreover, obtaining a recommendation to use marijuana to treat anything from headaches to allergies is relatively simple – certain medical practices advertise that would-be patients will be refunded the cost of their office visit if they do not leave with a recommendation to use marijuana.  As a result, after nearly every positive marijuana test, California employers would be forced to ignore test results unless the employer also had evidence that the employee or applicant would be impaired while working.  Employees subject to testing as a matter of federal law – for example, transportation workers – would continue to be barred from using marijuana and performing regulated work, but employers would otherwise have little guidance in making decisions about the likely effect of the individual’s drug use on workplace safety.  It seems certain that a ruling in favor of Ross, therefore, would lead to an immediate petition for review before the United States Supreme Court.

• Print
• Trackbacks (1)