However in the case of workplace privacy or employee surveillance, as recognized by Payne & Adair which define an employment contract as an empowerment to employers to “treat employees as mere suppliers of labor with no recognition of them as persons entitled to personal autonomy". Thus, employees in the US have no real legal protection of personality except the Electronics Communications Privacy Act of 1986 (ECPA) which offers workers protection in communication privacy. The ECPA sets out the provisions for access, use, disclosure, interception and privacy protections of electronic communications. ECPA prohibits unlawful access and certain disclosures of communication contents. Additionally, the law prevents government entities from requiring disclosure of electronic communications from a provider without proper procedure. The law asks providers to offer written assurances that e-mails would be private so that a basis for reasonable expectation of privacy in the Katz test can be provided and so that they are an undertaking for reach of which service provider could be held liable.
Title 1 of the ECPA protects communication while in transit. Section 2511, prohibits the interception of an e-mail while it is being transmitted. Title II, the Stored Communications Act (SCA) protects messages stored on computers. Section 2701 prohibits the unauthorized access of an e-mail that is temporarily stored on a computer. In United States v/s Councilman, an argument occurred that if the ECPA did not protect e-mail in storage, then other protections were pointless as virtually all e-mail is stored temporarily in transit at least once. Title III prohibits the use recording of dialing, addressing and signaling information. However the loophole that is provided for the employer's benefit is that under the system provider exception, the system administrator, officer or provider can intercept and monitor. Also employers are allowed to monitor e-mail or phone calls for 'business' purposes.
US laws as such have taken decision varying on a case to case basis. Generally speaking, it is difficult to persuade the court that the employer is invading in the employee's legitimate expectation of privacy in the workplace as the systems are owned by the employer. In Fraser v/s Nationwide Mutual Insurance Company, the Court of Appeal ruled that since Fraser's e-mails were stored on the Nationwide system, any search by the company was authorized by an exemption in the ECPA for e-mail service providers. It was held that Nationwide did not violate statutory prohibitions against intercepting e-mails.
The common law tort of invasion of privacy defines invasion of privacy as: “...intentionally intruding, physically or otherwise, upon the solitude or seclusion of another..., if the intrusion would be highly offensive to a reasonable person." The two problems that arouse here is that the employee must have a reasonable expectation of privacy and the intrusion would be very offensive to the person.
In McLaren v/s Microsoft, as part of his employment, Microsoft made available to McLaren the use of an e-mail system owned and administered by Microsoft. McLaren had the right to store e-mail and protect it with a password. Due to suspicion, Microsoft broke into his personal folder. McLaren argued that the folder should have been treated as a secure storage locker and that he expected a reasonable expectation of privacy. This was overruled by the court that held that since the mail first came to the folder and then moved to the protected folder, it was subject to inspection and McLaren should have had no expectation of privacy. In determining if whether the invasion was or was not offensive, the court recognized the importance of whether the act was justified. The fact that McLaren was under investigation, and that he had notified Microsoft about the e-mail's relevance to the investigation, clearly supported the court’s finding that Microsoft’s was justified.