"This is a court of law, young man," cautioned American Supreme Court Justice Oliver Wendell Holmes Jr. over a century ago, "not a court of justice." Likewise, whether or not the court of public opinion finds a New Jersey teacher's reading and disseminating of his colleague's e-mails morally reprehensible or unfair is not the point.
If you haven't enough reasons to log off when you've finished with your e-mail account, or any program for that matter, and require passwords to open them, an appeals court in New Jersey has just added a couple more. It ruled that a teacher who accidentally bumped an absent colleague's mouse, thereby revealing her open Yahoo mail inbox and e-mails about himself not only had "tacit authorization" to look at her inbox but did not exceed that authorization when he printed and disseminated those e-mails.
What may seem a simple story of petty office politics may have big ramifications for retailers and other businesses, as more and more of their data is stored on more and more digital devices to which more and more people might have access.
The New Jersey story began like this: teacher and soon to be defendant Wayne Rogers sat down at a computer terminal to check his e-mail. Setting down his drink, it bumped the mouse of an adjacent terminal, the screen saver of which vanished to show Linda Marcus's open Yahoo mail inbox containing a message to her with the words "Wayne Update" in the subject box. Wayne Rogers opened that one and a string of others referring to him in uncomplimentary terms.
Rogers printed out copies of the e-mails and brought them to the next meeting of the local teachers' association, and confronted Marcus about the e-mails referring to him. Marcus and the other teachers involved in the string of messages felt that their privacy had been invaded, and filed a complaint with the school, and ultimately filed a lawsuit claiming Rogers had hacked Marcus's e-mails.
New Jersey electronic privacy law put two questions before the judge and jury. First, did Rogers "knowingly access without authorization a facility through which an electronic communication service is provided?" Second, did he "exceed an authorization to access that facility?"
The judge answered the first question. Marcus herself had opened her e-mail program, and by not closing it had tacitly granted Rogers access.
The judge put the question of whether Rogers did "exceed an authorization to access that facility" to the jury. Six of seven jurors ruled he did not.
Marcus and the other teachers appealed to the Superior Court of New Jersey. The panel of three judges upheld the jury's decision and found that the trial judge had properly presented the questions to the jury. The Superior Court debated briefly whether the word "knowingly" applied both to accessing and exceeding access authorization. The appeal judges ruled that it did. So even if Rogers had been deemed to have accessed Marcus's e-mail account and/or exceeded his authorization, she would have had to prove that he "knowingly" did so.
So what has this got to do with the price of potatoes? Well, the old saying that "ignorance of the law is no excuse" may not have been true in this case, and in all provinces of Canada except Quebec, common law and precedent apply, and don't think this New Jersey precedent is going unnoticed. So if your employee, customer, supplier, sales rep, or competitor, gains access to your confidential information, through your sloppy computing practices, you may have no recourse.
It is possible, for instance, that you may not be able to dismiss employees for looking at confidential data to which they have been granted "tacit authorization." If you misplace your smartphone or other electronic device, even with the best of intentions of returning it to you, a person might be considered to have received "tacit authorization" to view data which you do not want to share.
In such cases authorization, say legal experts, may be assessed on an individual basis, but remember, a general rule in freedom of information and privacy laws in North America is that "disclosure to one is disclosure to all." In other words, when your electronic genie is out of the bottle, there is no putting him back in again. So why put yourself through such agony? "Lawyers," may, in Chief Justice Holmes' words, "spend a great deal of time shoveling smoke," but they bill heavily for it.
The New Jersey courts ruled that there was no evidence of hacking in this case, so close your programs when you are finished with them. And use a password on all of them. Then if they are ever opened without your knowledge and explicit consent, there should be no question that they were opened without your "tacit authorization."
Photo by: Michelle Meiklejohn