An Administrator's Guide to California Private School Law

Chapter 10 - Privacy Rights Of Students And Employees

2. B USINESS U SE A ND N OTICE E XCEPTIONS Two exceptions to the Wiretap Act and the ECPA may apply to schools. The first is a “business exception” that allows operators of communication service providers to monitor the use of their equipment in the ordinary course of business for purposes of protecting their rights and property. For example, a school that hosts its own e-mail service may monitor student and employee activity on its server. Second, the Wiretap Act does not apply where a party to the electronic communication has consented to the interception. Thus, a school that gives users, both students and employees, notice that their electronic communications are subject to monitoring, and has obtained written consent from those individuals to monitoring through a signed acknowledgment of the school’s computer and electronic communications policy, has greatly insulated itself against potential liability. Clauson v. Superior Court of Los Angeles 1758 The appellate court allowed an employee and his family to pursue both punitive damages for alleged invasion of privacy as well as statutory wiretapping and eavesdropping penalties based on the employee’s allegations that his employer installed eavesdropping devices in his office and wiretapped his private office and telephone. Further, the employee alleged that his employer secretly tape- recorded “several hundred telephone conversations” that the employee had with his wife and children and that the taped conversations involved “confidential communications, including private family matters.” E. A PPLICABLE C ALIFORNIA L AW Apart from the California Constitution, statutes, and common law claims already mentioned, California also has these additional statutory systems that govern employer monitoring of electronic communications. The first is California Penal Code section 502, which was enacted to address the proliferation of computer crime and other forms of unauthorized access to computers, computer systems, and computer data. 1759 Section 502 protects computer systems, data, the privacy of individuals, and “the well-being of financial institutions, business concerns, governmental agencies, and others.” It prohibits, in pertinent part, the unauthorized use, copying, damage, interference, and access to lawfully created computer data and computer systems from an internal or external computer or network. Recently, legislation passed that amended Penal Code section 502 to make it a crime to place, without authorization, a contaminant or lock on a computer, computer system, or computer network for the purpose of restricting an authorized person from accessing the computer, computer system, or computer network, and demanding the payment of money or other consideration to remove the computer contaminant or lock. 1760 The statute provides both criminal and civil remedies. Section 502 explicitly excludes individuals who access their employer's computer systems or data when acting within the scope of their lawful employment. However, the statute does not include similar language protecting

An Administrator’s Guide to California Private School Law ©2019 Liebert Cassidy Whitmore 396

Made with FlippingBook HTML5