Privacy Issues in the Workplace

(3) Access electronic device information by means of physical interaction or electronic communication with the electronic device. 472

The legislative intent of the law appears to be aimed at law enforcement agencies conducting criminal investigations. The use of the terms "law enforcement" and "police" supports this conclusion. While this law was generally intended to address privacy concerns around law enforcement searches of electronic devices and communications, if it is determined by courts to broadly apply to government entities it may negatively affect the ability to conduct such searches of an employee's electronic devices or communications. The statute generally protects an "authorized possessor" of electronic devices, defined as "the possessor of an electronic device when that person is the owner of the device or has been authorized to possess the device by the owner of the device." (Pen. Code, § 1546(b).) (emphasis added). A government entity may only access electronic information "with the specific consent of the authorized possessor of the device." (Pen. Code, §§ 1546.1(c)(3).) (emphasis added). We do not believe that section 1546.1 would be interpreted to allow a public employee who has been provided an electronic device owned by the government entity to exert the rights of an "authorized possessor" under this law and decline a search by the government entity that actually owns the electronic device. Nonetheless, this ambiguity in the law does highlight the importance for public agencies to clarify in their electronic use policies that an employee's use of an electronic device owned by the government agency is subject to search and the obligation to surrender the electronic device at any time by the public agency. The Penal Code does not state that a government entity is prohibited from searching for electronic information on its own network or email system. Rather, the statute provides that a search to "compel the production of or access to electronic communication information from a service provider" can only occur with a warrant or court order. Therefore, the statutory language does not appear to apply to searches of an internal network or email system maintained by the government entity itself. Interpreting the statute's restrictions otherwise would mean that a government entity that maintains its own network and email system needs a warrant or court order to search its own network and email system. We do not believe that is reasonable, nor what the Legislature intended through the passage of SB 178. Importantly, the statutory language does limit a government entity from searching an employee's personal electronic device and personal electronic information maintained by a service provider (e.g., personal email account such as Gmail or Yahoo). This is because when it comes to such electronic devices, the government entity is not the owner or the "authorized possessor" of the device. In the case of an employee's personally owned cell phone, the employee is the owner and/or "authorized possessor" of the cell phone and would either have to give permission to a government entity to search the device or the government entity would have to get a search warrant/court order to conduct such a search of the device.

Privacy Issues in the Workplace ©2021 (s) Liebert Cassidy Whitmore 150