Feeds

Court protects firms from employees' noxious emails

Agilent couldn't agree more

Choosing a cloud hosting partner with confidence

Silicon Justice Some companies in California don't have to worry about their employees' online activity as much as they used to - at least for the time being.

In a recent judgment, an appellate court in California ruled that Agilent Technologies, a high-tech spin-off of HP, couldn't be held accountable for the online shenanigans of one of its employees. The court's logic extended to employers generally, and companies in that part of California now have immunity for publication infractions committed by their employees over employer-provided email and Internet access under an increasingly utilitzed law, Section 230 of the Communications Decency Act.

The plaintiffs in the suit against Agilent, however, have petitioned the California Supreme Court for a review of the appellate court's decision. The lower court's ruling represents the first time that any court has extended the immunity usually reserved for ISPs to an employer, and the plaintiffs think they can convince the high court to exclude employers from the statute's protections.

They are woefully mistaken. While the appellate court's interpretation of the law has its problems - and could possibly be overturned at some point in the future - it is unlikely that the California Supreme Court will take up the issue so close on the heels of its landmark Section 230 decision in Barrett v. Rosenthal.

So why waste the effort, you ask? Money, of course.

The plaintiffs, ex-Varian employees, were harassed by an Agilent employee who used the company-provided Internet access and email system to send and post threatening messages directed against the plaintiffs. In a separate judgment entered against the employee, the plaintiffs won $1m. The chances that the employee will ever pay up are slim to none, so the plaintiffs' only hope at any pay-off for suffering through the employee's noxious behaviour is to go after the large, cash-filled pockets of the employer, Agilent.

The only problem is that, even without Section 230 immunity for Agilent, the plaintiffs didn't have much chance of proving Agilent's liability. With Section 230 involved, the case becomes a shipwreck.

Section 230 grants immunity to providers and users of "interactive computer services" for offenses based on another's publication of information on or through the service. This has applied to ISPs and web services in the past (eg, this case involving Craigslist,) but never an employer, up until now.

The California court determined that Agilent met the definition of a provider of an "interactive computer service," since it provided multiple users (its employees) with access to a computer server that in turn provides access to the Internet. As such, it is immune from any suit that treats it as the publisher or speaker of another's information.

That result seems fine in a case like this one, where the issue was Agilent's liabilty for the plaintiffs' emotional distress over the threatening messages, but what happens in other situations? Can a company avoid liability for the actions of an employee who extends a fraudulent offer on the company's behalf through an email or web posting? What about sexual harassment that occurs exclusively over email?

The plaintiffs raised the situations above, and others, in their initial appellate documents. They represent the strongest arguments for overturning the extension of Section 230 immunity to employers.

That is unlikely to happen, however. The case would first have to be accepted for review by the California Supreme Court, and the court will almost certainly choose not to revisit Section 230 so soon after its decision in Barrett.

That suit, decided last November, involved the distribution of defamatory comments made by third parties over the Internet. The Supreme Court held that Section 230 immunity applied to the distributor, even if she should have known that the comments were libelous.

The California Supreme Court has decided precious few Internet-related cases (only four, by some counts,) so it will likely skip the chance to weigh in on a Section 230 issue again until a conflict arises among the lower courts, if even then.

And even if the plaintiffs can succeed in having the Supreme Court hear the case and overturn the Section 230 ruling, their cause doesn't have much chance of success. The harassment was so far outside the scope of the employee's work with Agilent, that there would not be any liability on the part of Agilent for the employee's actions. Agilent had no duty to protect the plaintiff when hiring the employee, either, and it never ratified the employee's actions. In fact, it eventually fired him for violation of company email policies in relation to the activities leading to this case.

Any reversal of the Section 230 decision in this case might help future parties who wish to get at an employer's deep pockets, but it won't have much effect in the current case against Agilent.

So that leaves the plaintiffs, while eggregiously wronged by the employee, with a dead-end case against the employer. And all the hype over Section 230 is starting to look like a tilt at a windmill. ®

Kevin Fayle is an attorney, web editor and writer in San Francisco. He keeps a close eye on IP and International Law issues.

Business security measures using SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.