Feeds

Court protects firms from employees' noxious emails

Agilent couldn't agree more

The Power of One Infographic

Silicon Justice Some companies in California don't have to worry about their employees' online activity as much as they used to - at least for the time being.

In a recent judgment, an appellate court in California ruled that Agilent Technologies, a high-tech spin-off of HP, couldn't be held accountable for the online shenanigans of one of its employees. The court's logic extended to employers generally, and companies in that part of California now have immunity for publication infractions committed by their employees over employer-provided email and Internet access under an increasingly utilitzed law, Section 230 of the Communications Decency Act.

The plaintiffs in the suit against Agilent, however, have petitioned the California Supreme Court for a review of the appellate court's decision. The lower court's ruling represents the first time that any court has extended the immunity usually reserved for ISPs to an employer, and the plaintiffs think they can convince the high court to exclude employers from the statute's protections.

They are woefully mistaken. While the appellate court's interpretation of the law has its problems - and could possibly be overturned at some point in the future - it is unlikely that the California Supreme Court will take up the issue so close on the heels of its landmark Section 230 decision in Barrett v. Rosenthal.

So why waste the effort, you ask? Money, of course.

The plaintiffs, ex-Varian employees, were harassed by an Agilent employee who used the company-provided Internet access and email system to send and post threatening messages directed against the plaintiffs. In a separate judgment entered against the employee, the plaintiffs won $1m. The chances that the employee will ever pay up are slim to none, so the plaintiffs' only hope at any pay-off for suffering through the employee's noxious behaviour is to go after the large, cash-filled pockets of the employer, Agilent.

The only problem is that, even without Section 230 immunity for Agilent, the plaintiffs didn't have much chance of proving Agilent's liability. With Section 230 involved, the case becomes a shipwreck.

Section 230 grants immunity to providers and users of "interactive computer services" for offenses based on another's publication of information on or through the service. This has applied to ISPs and web services in the past (eg, this case involving Craigslist,) but never an employer, up until now.

The California court determined that Agilent met the definition of a provider of an "interactive computer service," since it provided multiple users (its employees) with access to a computer server that in turn provides access to the Internet. As such, it is immune from any suit that treats it as the publisher or speaker of another's information.

That result seems fine in a case like this one, where the issue was Agilent's liabilty for the plaintiffs' emotional distress over the threatening messages, but what happens in other situations? Can a company avoid liability for the actions of an employee who extends a fraudulent offer on the company's behalf through an email or web posting? What about sexual harassment that occurs exclusively over email?

The plaintiffs raised the situations above, and others, in their initial appellate documents. They represent the strongest arguments for overturning the extension of Section 230 immunity to employers.

That is unlikely to happen, however. The case would first have to be accepted for review by the California Supreme Court, and the court will almost certainly choose not to revisit Section 230 so soon after its decision in Barrett.

That suit, decided last November, involved the distribution of defamatory comments made by third parties over the Internet. The Supreme Court held that Section 230 immunity applied to the distributor, even if she should have known that the comments were libelous.

The California Supreme Court has decided precious few Internet-related cases (only four, by some counts,) so it will likely skip the chance to weigh in on a Section 230 issue again until a conflict arises among the lower courts, if even then.

And even if the plaintiffs can succeed in having the Supreme Court hear the case and overturn the Section 230 ruling, their cause doesn't have much chance of success. The harassment was so far outside the scope of the employee's work with Agilent, that there would not be any liability on the part of Agilent for the employee's actions. Agilent had no duty to protect the plaintiff when hiring the employee, either, and it never ratified the employee's actions. In fact, it eventually fired him for violation of company email policies in relation to the activities leading to this case.

Any reversal of the Section 230 decision in this case might help future parties who wish to get at an employer's deep pockets, but it won't have much effect in the current case against Agilent.

So that leaves the plaintiffs, while eggregiously wronged by the employee, with a dead-end case against the employer. And all the hype over Section 230 is starting to look like a tilt at a windmill. ®

Kevin Fayle is an attorney, web editor and writer in San Francisco. He keeps a close eye on IP and International Law issues.

The Power of One Brief: Top reasons to choose HP BladeSystem

More from The Register

next story
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Sit back down, Julian Assange™, you're not going anywhere just yet
Swedish court refuses to withdraw arrest warrant
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
LightSquared backer sues FCC over spectrum shindy
Why, we might as well have been buying AIR
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.