I.T. Updates

Changes in the Law Affecting I.T.



Information Technology Updates



The following topics are discussed below:

      Corporate Computer Policies


All companies should have computer use policies governing their employees’ use of the company computers to protect against theft of company data. Protection from employee theft includes 1) preventing employees from claiming their privacy was infringed by the company when the company investigates theft, and 2) rules governing employees access to company computers.

Employees have an expectation of privacy in using the company computers for personal reasons, but that expectation can be governed by the company setting policies describing limits to the employees’ privacy rights. This is very important if the company believes an employee has stolen company information from the computer.

In one U.S. Court of Appeals decision, the court ruled that an informal policy that pagers would not be audited if text messages did not exceed limits relating to additional charges overrode a written policy allowing employer monitoring and the information was considered employer property. Quon v. Arch Wireless Operating Co. Inc.,, 529 F.3d 892 (9th Cir. 2008).

Another appellate decision found that the employer could not seize and retain personal e-mails sent through the company’s computer via the employee’s personal, web-based email account because the company’s policy did not define the company’s systems and services and because the policy expressly recognized that occasional personal use was permitted. As a result of these ambiguities, the court ruled the employee could assume her e-mails to her attorney would be confidential. Stengart v. Loving Care Agency Inc., 408 N.J. Super. 54 (NH.J. App. Div. 2009.

Another decision involved a company wanting to use evidence found on its computers to sue a “disloyal” employee under the federal Computer Fraud and Abuse Act (“CFAA”) to retrieve the stolen data and stop its distribution in the marketplace. To prove a violation of that Act, the employer must usually prove the violator accessed the computer “without authorization” or “exceeding authorized access.” Unlike in other Circuit Court of Appeals, this court ruled that just because the employee violates his duty of loyalty by stealing the company’s data, that did not terminate the employee’s authorization to access the company’s computers. LVRC Holding LLC v. Brekka, 581 F.3d 1127 (9th Cir. 2009). This case demonstrates that employers need to have policies that provide for rules of computer access and state what is forbidden.

Company policies should: 1) define the systems covered by the policy; 2) all data created by personal use belongs to the company; 3) review how the company actually authorizes use that may be contrary to the policy; and 4) state what the employees are authorized to do and cannot do, such as steal data.

See also TIME TO REVIEW CORPORATE COMPUTER POLICIES, Nick Akerman, The National Law Journal, February 1, 2010, page 17.

      Trademarks & Facebook


Social media such as Facebook and Twitter are very popular, including with your customers and employees, and can provide very good marketing and promotional opportunities. Companies that own brands should have policies and agreements stating when employees, affiliates and licensees may mention the company and its brand name, who is the authorized representative for the company, and who within the company must review and approve the content that mentions or concerns the brand before it is posted.

Companies may need to monitor the most important social media sites for infringement of their trademarks, such as copying a trademark or logo, derogatory remarks, or misleading information. Companies will need to know how to address issues via the websites’ complaint tools through cease and desist to litigation, as necessary.

See also “Protecting marks in the Wild West of Web 2.0”, Brian J. Winterfeldt, The National Law Journal, November 30, 2009, page S3.

      Text Messages & Harassment


Text messages on telephones are being used more and more as evidence in sexual harassment and other litigation, even after deletion from the telephone. Text messages create an electronic record that are being used to prove claims, and can be a liability to employers, including showing there is a hostile work environment. But it can also be shown that sexual talk via text messaging is consensual. Text messages that appear humorous to some employees may be offensive to other employees.

Company reviews of text messages are most often done after a complaint is filed. There are privacy issues, especially if the employee owns the devices and is reimbursed by the employer.

Employers should have policies on harassment on company time and using company equipment.

See “Text messages bolster claims in bias suits”, Tresa Baldas, The National Law Journal, July 20, 2009, page 1 The National Law Journal, February 1, 2010, page 17.

      Web Hosts Liability


In August, 2009, two web hosting companies were held liable for contributory infringement for aiding and abetting sellers of counterfeit goods. A jury awarded a $32 million judgment on behalf of Louis Vuitton. The web hosts had been given many warnings about counterfeiting but did nothing about it. The web hosts allegedly knew that online merchants used their services to sell counterfeit goods.

Under a 1982 U.S. Supreme Court case, if a company “continues to supply its product to one whom it knows or has reason to know is engaging in trademark infringement, [that company] is contributorily responsible for any harm done as a result of the deceit.”

In 2008, a federal court ruled that eBay did not have responsibility to police its site for counterfeit goods, instead it was the duty of the trademark holders to do so. However, eBay promptly takes down an infringing item when the trademark owner complains, unlike the two web hosting business above. This case is under appeal.

See also “Add knowoff handbags to Web hosts’ woes”, Treasa Baldas, The National Law Journal, September 28, 2009, page 4.

      Top-Level Domain Name


The Internet Corp. for Assigned Names and Numbers (ICANN) indicates it will issue generic top-level domain names beyond the current 21 top-level domain names such as .net, .org and .com. Trademark owners can use their trademarks as top level domain names. The application process will begin in 2010, with a fee of $185,000. Only established corporations, organizations and institutions may apply, but not sole proprietorships or individuals. Companies should create trademark rights for domain-name registry services to protect themselves from competing applicants.

See also “Registering marks as top-level domain names”, Robert Horowitz, The National Law Journal, November 30, 2009, page S2.