A federal district court in Northern Illinois, in a rather interesting case given the widespread use of Facebook and Twitter in the workplace by employees who are looking to advance both their careers with an employer as well as market themselves better, has denied an employer's motion for summary judgment on the plaintiff's Stored Communication Act (SCA) claim. The case is super fact-specific and may not apply in every case, but highlights an important message to employers in the social media arena, which continues to present new and interesting issues every year.
The SCA provides a private cause of action for unauthorized, intentional access to communications held in electronic storage. See Shlahtichman v. 1-800 Contacts, Inc., 615 F.3d 794, 803 (7th Cir. 2010). Specifically, the SCA provision at issue states that whoever "(1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility" and by doing so "obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system" violates the SCA. 18 U.S.C. § 2701(a); Shefts v. Petrakis, 758 F. Supp. 2d 620, 635 (C.D. Ill. 2010).
To make the intricate facts simple, essentially, the plaintiff, Jill E. Maremont, was an employee at an interior design company in Chicago whose salary included bonuses if certain goals were met. In order to help meet these goals and obtain the bonuses, Maremont created a Facebook page for the company (currently, to set up a page for a company on Facebook, a personal account is needed which is where Maremont's privacy claims come in as the company needed to access her personal account to get to the company account), and also created a Twitter account. However, the Twitter account Maremont created used her name in the handle (@jmaremont) and seemed clearly to contain content giving the account her identity (i.e., she tweeted in the first person) more so than the identity of the company (e.g., Starbucks' Twitter account is @starbucks and does not contain tweets in the first person so as to identify itself with one or more specific employees). Also, it appears Maremont had "friend request" approved, allegedly by the defendant, and that Maremont created administrators so they could access the page without using her personal account.
Maremont was the victim of an unfortunate car accident that had her in the hospital and out of work for quite a while. During this time, the employer gained access to the Facebook page and Twitter account Maremont created by using the passwords Maremont kept stored on her work computer, which was a part of the company's network. There was dispute over this as Maremont contended she kept these passwords and account information in a locked folder so as to provide her with an expectation of privacy whereas the employer contends the information was provided to them. While Maremont recovered, the employer posted content on the Facebook company page and on the Twitter account which is what led to the filing of the lawsuit alleging violations of the Lanham Act, the SCA, the Illinois Right of Publicity Act and common law right to privacy.
The federal court dismissed Maremont's Lanham Act claim because of issues with Maremont's damages allegations but allowed her SCA claim to proceed holding that there were genuine issues of material fact related to whether the employer had permission to access the social media accounts and because the plaintiff did not need to establish actual damages to proceed under the SCA.
The case may very well settle but the ruling presents a problem for employers who wish to utilize social media accounts created by their employees without their express permission.
The case is Maremont v. Susan Fredman Design Group, Ltd., 2014 WL 812401 (N.D. Ill. March 3, 2014).