The federal District Court of New Jersey has allowed a former employee to sue her nonprofit employer for invasion of privacy for allegedly coercing another employee, who was her “friend” on Facebook, to reveal a Facebook posting to the employer who was not a friend and had no access to the posting.  (Ehling v. Monmouth-Ocean County Hospital Service Corp., No. 2:11-cv-03305, 5/30/12.)

Deborah Ehling, who was a registered nurse, paramedic and president of the employees’ union, claimed that she was retaliated against and ultimately terminated after she was “very proactive” in attempting to protect the rights and safety of members of the union.  She filed suit on a number of counts, and the employer moved to dismiss the claims for violation of privacy and wiretapping.  The Court has refused to dismiss the privacy claim.

Ehling maintained a Facebook account and invited many of her co-workers to be her “friends” so they could view her postings on her wall.  She did not invite any member of her employer’s management to become her friends.  According to the complaint, the employer gained access to her Facebook page by having a supervisor summon another employee who was one of her Facebook friends and “coercing, strong-arming, and/or threatening” the other employee into accessing her page and revealing her postings.

One of the postings that the employer saw and copied involved the treatment of a man who fatally shot a guard at the Holocaust Museum in Washington, D.C.  She “blamed” the District of Columbia paramedics for allowing the shooter to survive after he was shot by other guards.  “What were you thinking?” she asked. “This was your opportunity to really make a difference!”  For the other guards she said, “go to target practice.”

She claimed that her employer sent the posting to the state Board of Nursing and the state Department of Health in a “malicious” attempt to attack her, damage her reputation and employment opportunities, and potentially risk losing her nursing license and paramedic certification.

To state a cause of action for invasion of privacy under New Jersey law, the Court said, the plaintiff had to show (1) that her solitude, seclusion, or private affairs were intentionally infringed upon, and (2) that the infringement would highly offend a reasonable person.  Citing a state court case, it said that “expectations of privacy are established by general social norms and must be objectively reasonable—a plaintiff’s subjective belief that something is private is irrelevant.”

The Court said that privacy in social networking is an emerging but underdeveloped area of case law.  “There appears to be some consistency in the case law on the two ends of the privacy spectrum.  On one end of the spectrum, there are cases holding that there is no reasonable expectation of privacy for material posted to an unprotected website that anyone can view…. On the other end of the spectrum, there are cases holding that there is a reasonable expectation of privacy for individual, password-protected online communications.”

“What is clear,” it said, “is that privacy determinations are made on a case-by-case basis, in light of all the facts presented.”

In this case, the employee argued that she had a reasonable expectation of privacy in her Facebook posting because her comment was disclosed to a limited number of people she had individually invited to view a restricted access webpage.  Defendants argued that she could not have a reasonable expectation of privacy because the comment was disclosed to dozens, if not hundreds, of people.

The Court found that she had stated “a plausible claim for invasion of privacy especially given the open-ended nature of the case law.” It also said that reasonableness or offensiveness “are highly fact-sensitive inquiries” and not properly resolved on a motion to dismiss.

The Court dismissed the wiretapping claim because it said the state law protects only communications “in transmission” and the posting was in “post-transmission storage” and unprotected.

YOU NEED TO KNOW

If the cause of action for invasion of privacy is based on “intentional” infringement that would highly offend a reasonable person, it seems the allegation that the employer “coerced” another employee to provide access to information from which it had been purposely excluded goes a long way to stating the case.  It would be different if the other employee had brought the post to the employer because the other employee was concerned.  But particularly in the climate of general allegations of retaliation, I would find this type of coercion, if true, to be highly offensive.