Home > Uncategorized > A Landmark US Supreme Court Ruling

A Landmark US Supreme Court Ruling

We’ve been awaiting the U.S. Supreme Court’s ruling on the appeal in the Quon versus the Ontario, California case. You may remember that several years ago Sgt. Jeff Quon sued the city of Ontario, its police department and the police chief on the grounds that the police department read messages that he had both sent and received using his police department-issued pager. Quon claimed that he had an expectation of privacy based on the police department’s having an unwritten, implicit policy that employees’ messages would not be looked at if employees paid for any usage beyond a threshold level. According to Quon, the police department violated this expectation when his and others’ messages were read in connection with an audit conducted to ascertain whether a limit of 25,000 characters per month per pager was sufficient for conducting police department business. In a unanimous decision, the Supreme Court ruled that Quon could not sue the defendants because conducting an audit is a reasonable thing to do, regardless of whether Quon had an expectation of privacy.
This case has several very important implications for information security. The city of Ontario and its policy department were negligent in not creating and distributing a policy statement concerning expectation of privacy. All that existed was an informal, implied policy of which apparently police department members were aware (at least at a high level). The city and its policy department left themselves wide open legally and paid at least some of the consequences—having to go through multiple rounds of trials and the time and money involved therewith. Additionally, the city has a tarnished image because of the great amount of media exposure involved in this case. The point here is a good lesson for all, namely that employers need to write and distribute policies for employee use of computers (including handheld devices) that covers ownership, terms of use, whether or not use will be monitored, and other, similar provisions. If the city of Ontario had done this, they would almost certainly have avoided the ugly situation with Quon that led to rounds of litigation.
Additionally, the Supreme Court has ruled that conducting an audit was a “reasonable” thing to do, even if Quon and others had a “reasonable” expectation of privacy. I suspect that the fact that audits are so frequently conducted by so many organizations had a lot to do with the Supreme Court’s ruling. Perhaps also the fact that the purpose of the city of Ontario’s audit was not to single people out for questionable use of pagers, but rather to determine what a sensible number of characters sent and received is, had something to do with the Supreme Court’s decision. If on the other hand the audit had been conducted to analyze each individual user’s activity, the ruling might have gone the other way.
Oh, and by the way, Quon did not exactly help himself, either. The fact that he used a police department pager to carry on an extramarital affair did not exactly make him look like a model police office. Still, had the city of Ontario published a policy that forbad the use of any policy department computers and equipment in connection with pornographic materials, sexual activity and harassment, the city could very well have helped prevent or at least discourage the activity that ultimately led to the litigation. It is clear that there is more than enough blame among the parties involved to go around.
In the U.S. as well as in other countries with common law, law evolves according to precedents set in legal rulings. The Quon versus Ontario ruling has major implications for future court rulings concerning expectation of privacy on the part of users and “reasonable” activity on the part of an employer.
A final thought–if you work for an organization that has an “implied” policy concerning acceptable use or privacy, your organization may not be as lucky as the city of Ontario was if someone sues you for violating expectations.

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.