Q&A: Accessing Employee Computers

Do churches have the right to monitor computers and phones?

Pastor Corey is a youth pastor at our church. A church secretary picked up a church telephone and overheard a “romantic” conversation between Pastor Corey and a woman who was not his wife. The secretary informed the senior pastor of this conversation. The senior pastor accessed Pastor Corey’s computer one evening after work to look for incriminating material. He discovered several incriminating emails, and downloaded pornographic images. The pastor informed the church board, and a decision was made to dismiss Pastor Corey. When Pastor Corey was informed of this decision, he claimed that his “privacy rights” had been violated. Does a church have the right to access employee computers and telephone calls?

Most youth pastors function in an “electronic environment.” They are provided with a computer by their employing church (which may have an Internet connection), and a cell phone. The use of such devices raises important privacy issues. For example, does a senior pastor or another staff member have the right to access a youth pastor’s computer, or phone calls, without notice or consent? Let’s illustrate these issues with two examples.

Example. Pastor Dave is the youth pastor at his church. He is provided with a computer by the church, and an Internet connection. While Pastor Dave is away on vacation, the senior pastor needs to access Pastor Dave’s computer to find the text of a letter. While searching Pastor Dave’s computer for the letter, the senior pastor finds several downloaded pornographic images. The senior pastor shares this information with the church board, and a decision is made to terminate Pastor Dave’s employment. When Pastor Dave is informed of this decision, he complains that the unauthorized access to his computer violated his privacy rights.

Example. Pastor Scott is a youth pastor at his church. A church secretary picks up a church phone to make a business call and hears Pastor Scott’s voice. The secretary continues to listen, and hears Pastor Scott engaged in a “romantic” conversation with a woman who is not his wife. The secretary hangs up, and later informs the senior pastor about the conversation. When confronted with this information, Pastor Scott admits it, but insists that the secretary violated his privacy rights.

Just what privacy rights do youth pastors have in office computers provided to them by their employing church, or in conversations involving church telephones? Can church leaders dismiss a youth pastor if they find pornographic files on his office computer? Or, would this amount to an invasion of the youth pastor’s privacy?

Electronic Communications Privacy Act

The federal Electronic Communications Privacy Act, also known as the Wiretap Act, prohibits the intentional interception of “wire, oral or electronic communications” by any “electronic, mechanical, or other device.” A telephone conversation is a “wire communication,” which means that it is unlawful to intentionally intercept a telephone conversation by means of an “electronic, mechanical, or other device.” However, the Act exempts any telephone: (i) furnished to the subscriber or user by a provider of wire or electronic communication service in the ordinary course of its business and being used by the subscriber or user in the ordinary course of its business or furnished by such subscriber or user for connection to the facilities of such service and used in the ordinary course of its business; or (ii) being used by a provider of wire or electronic communication service in the ordinary course of its business.

This exemption is called the “business extension” exemption since it applies to the use of an “extension” telephone at an employer’s place of business so long as the extension telephone is being used “in the ordinary course of business.” Note that there are two requirements for this exemption to apply: the intercepting equipment must be (1) furnished to the user by the phone company or connected to the phone line, and (2) used in the ordinary course of business. The “ordinary course of business” requirement may not be met if church staff members are permitted to use church telephones for occasional personal calls, and an employee eavesdrops on a personal call being made by another employee on a church telephone.

Most churches allow employees to use telephones for personal calls, even if they have a written policy strictly prohibiting such use. Allowing employees to use church telephones for personal calls will make it more difficult for the church to qualify for the business extension exemption to the Wiretap Act. To illustrate, if a church is charged with violating the Wiretap Act because of the interception of a telephone call, it cannot claim that all calls made on church premises are necessarily “business” in nature if the church permits employees to use telephones for personal calls. The church may still be able to prove that it intercepted a call while a telephone was being used in the ordinary course of business, but this will be more difficult if it allows personal calls (or has a policy prohibiting personal calls that is routinely ignored).

The bottom line is this—when a church employee picks up a telephone and hears another conversation in progress, he or she must immediately determine if the conversation is business or personal. If it is personal in nature, then the employee should hang up the telephone. Continuing to listen in on a personal telephone call may subject the employee, and the church, to criminal and civil liability.

Let’s see how other courts have interpreted the business extension exemption. Two leading cases are summarized below.

Example. An employee received a call from a friend who asked about a recent job interview the employee had with another company. The employee’s supervisor listened in on the call and fired the employee as a result of what he learned. The employee sued the employer for violating the Act. The employer insisted that the business extension exemption applied. A federal appeals court concluded, “The general rule is if the intercepted call was a business call, then the [employer’s] monitoring of it was in the ordinary course of business. If it was a personal call, the monitoring was probably, but not certainly, not in the ordinary course of business.” The court concluded that the business extension exemption did not apply: “While the employer might have been curious about [the employee’s] plans—it had no legal interest in them. [The employee’s] interview was thus a personal matter, neither in pursuit nor to the legal detriment of [the employer’s] business.” The court held that under the Wiretap Act, the employer “was obliged to cease listening as soon as [the employer] had determined the call was personal, regardless of the contents of the legitimately heard conversation.”

Example. A business was burglarized and nearly $20,000 was stolen. The business owner suspected that an employee was the perpetrator. Hoping to catch the employee in a confession, the owner purchased and installed a recording device on an extension phone. When turned on, the machine would automatically record all conversations made or received on either phone, with no indication to the parties using the phone that their conversation was being recorded. The owner recorded, and listened to, twenty-two hours of the employee’s telephone conversations. While the employee never mentioned the burglary, she did admit to other indiscretions that led to her termination. She sued her former employer for violating the Wiretap Act. The owner claimed that the business extension exemption applied. A federal appeals court concluded that the business extension exemption did not apply: “We do not quarrel with the contention that the [owner] had a legitimate business reason for listening in: he suspected [the employee’s] involvement in a burglary of the store and hoped she would incriminate herself in a conversation on the phone. Moreover, [she] was abusing her privileges by using the phone for numerous personal calls even, by her own admission, when there were customers in the store. The [owner] might legitimately have monitored [her] calls to the extent necessary to determine that the calls were personal and made or received in violation of store policy. But the [owner] recorded twenty-two hours of calls, and listened to all of them without regard to their relation to his business interests. Granted, [the employee] might have mentioned the burglary at any time during the conversations, but we do not believe that the [owner’s] suspicions justified the extent of the intrusion. We conclude that the scope of the interception in this case takes us well beyond the boundaries of the ordinary course of business.”

Consent

The federal Wiretap Act provides that “consent” is a defense to criminal liability. As a result, a church will not violate the Wiretap Act when it intercepts employees’ telephone conversations so long as the employees have consented to the interceptions. Can a church simply adopt a policy allowing it to intercept employee telephone calls, and require every employee to sign a form acknowledging and agreeing to the policy? Several courts have addressed the issue of consent in this context, and it is possible that a church could avoid liability under the Wiretap Act for occasional interceptions of employee telephone calls by adopting the following procedures:

  1. Adopt a written policy informing employees that their telephone calls may be monitored. It would be best to base this policy on a legitimate business purpose, such as the limitation of personal calls during office hours. It is not clear whether such a policy can apply to current employees unless they provide the church with something of value. This is a result of the basic principle of contract law that no contractual commitment is binding unless a party gives up something of value. This problem may be avoided by having current employees sign a written form (agreeing to the policy) at the time they receive a pay raise. This is an issue that should be addressed with a local attorney.
  2. Explain the policy to all new employees at the time of hiring.
  3. Have all new employees sign a statement acknowledging that they understand and agree to the policy.
  4. Attach a notice to the front cover of all telephone directories, reminding employees of the policy. While it may seem excessive to some, church leaders should also consider attaching an appropriate notice to all office telephones.
  5. The Electronic Communications Storage Act
  6. The Electronic Communications Storage Act, also known as the Stored Communications Act, was added to the Wiretap Act in 1986. The Act specifies that “whoever (1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility; and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system” violates the Act. “Electronic storage” is defined as “(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication.”
  7. Very few courts have applied the Electronic Communications Storage Act to an employer’s access to an employee’s email account. From the limited precedent, it would appear that an employer does not violate the Act by accessing emails on a computer after they have been downloaded by an employee to his or her hard drive. The Act is violated when an employer accesses without consent an employee’s email account directly on the “electronic communication service provider” (such as Hotmail) and in addition “obtains, alters, or prevents authorized access” to an electronic communication “while it is in electronic storage in such system.” While a church may not violate the Act when it accesses an employee’s email after it has been downloaded to the employee’s computer hard drive, it may invade the employee’s privacy by doing so (as noted below). Church leaders should not access an employee’s email without first consulting with a local attorney.
  8. State electronic privacy laws
  9. Church leaders must realize that several states have their own electronic privacy laws that may apply to the interception of telephone calls and inspection of emails on church computers. These laws should be consulted.
  10. Invasion of privacy
  11. Invasion of privacy is a basis of liability that is completely separate from federal and state electronic privacy laws. It requires proof of intrusion upon the privacy of another in a manner highly offensive to a reasonable person, in a place that a reasonable person would consider private. To illustrate, one court concluded that a youth pastor’s privacy may have been invaded when (1) a church secretary and business administrator eavesdropped on his private telephone conversation, and (2) the pastor and church accessed his email account. The court noted that “intrusion on the privacy of another may be by some other form of investigation or examination into his private concerns, as by opening his private and personal mail, searching his safe or his wallet, examining his private bank account, or compelling him by a forged court order to permit inspection of his personal documents.”
  12. Even if state or federal electronic privacy laws are not violated by an interception of a church employee’s telephone call, or inspection of the employee’s email or computer, such acts may amount to an invasion of privacy for which the church may be liable.
Richard R. Hammar is an attorney, CPA and author specializing in legal and tax issues for churches and clergy.

This content is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional service. If legal advice or other expert assistance is required, the services of a competent professional person should be sought. "From a Declaration of Principles jointly adopted by a Committee of the American Bar Association and a Committee of Publishers and Associations." Due to the nature of the U.S. legal system, laws and regulations constantly change. The editors encourage readers to carefully search the site for all content related to the topic of interest and consult qualified local counsel to verify the status of specific statutes, laws, regulations, and precedential court holdings.

ajax-loader-largecaret-downcloseHamburger Menuicon_amazonApple PodcastsBio Iconicon_cards_grid_caretChild Abuse Reporting Laws by State IconChurchSalary Iconicon_facebookGoogle Podcastsicon_instagramLegal Library IconLegal Library Iconicon_linkedinLock IconMegaphone IconOnline Learning IconPodcast IconRecent Legal Developments IconRecommended Reading IconRSS IconSubmiticon_select-arrowSpotify IconAlaska State MapAlabama State MapArkansas State MapArizona State MapCalifornia State MapColorado State MapConnecticut State MapWashington DC State MapDelaware State MapFederal MapFlorida State MapGeorgia State MapHawaii State MapIowa State MapIdaho State MapIllinois State MapIndiana State MapKansas State MapKentucky State MapLouisiana State MapMassachusetts State MapMaryland State MapMaine State MapMichigan State MapMinnesota State MapMissouri State MapMississippi State MapMontana State MapMulti State MapNorth Carolina State MapNorth Dakota State MapNebraska State MapNew Hampshire State MapNew Jersey State MapNew Mexico IconNevada State MapNew York State MapOhio State MapOklahoma State MapOregon State MapPennsylvania State MapRhode Island State MapSouth Carolina State MapSouth Dakota State MapTennessee State MapTexas State MapUtah State MapVirginia State MapVermont State MapWashington State MapWisconsin State MapWest Virginia State MapWyoming State IconShopping Cart IconTax Calendar Iconicon_twitteryoutubepauseplay
caret-downclosefacebook-squarehamburgerinstagram-squarelinkedin-squarepauseplaytwitter-square