The National Labor Relations Board (NLRB) has continued its assault on businesses and their ability to legitimately protect their computer systems and information against unauthorized non-business use by employees.
A few weeks ago, I wrote 3 Important Points on Computer Policies in which I stressed (1) why your company must have them but (2) that such policy must comply with the NLRB’s Purple Communications case. The NLRB has struck again.
On May 3, 2016, an NLRB Administrative Law Judge struck down as overbroad a Computer Use Policy in Ceasars Entertainment Corporation d/b/a Rio All-Suites Hotel and Casino (NLRB Docket Sheet). The policy, titled Use of Company Systems, Equipment, and Resources, was part of the company handbook and stated that computer resources may not be used to do several things that were listed out and is standard in many similar policies. The NLRB decision (Decision) found that prohibitions against the following was illegal:
- Share confidential information with the general public, including discussing the company, its financial results or prospects, or the performance or value of company stock by using an internet message board to post any message, in whole or in part, or by engaging in an internet or online chatroom
- Convey or display anything fraudulent, pornographic, abusive, profane, offensive, libelous or slanderous
- Send chain letters or other forms of non-business information
- Solicit for personal gain or advancement of personal views
- Violate rules or policies of the Company
The NLRB found that prohibiting the conduct mentioned above made the policy overbroad and could effectively limit employees’ use of their employer’s email system to engage in Section 7 communications during nonworking time. Because of that, it found the employer has engaged in an unfair labor practice prohibited by the National Labor Relations Act.
Welcome to Wonderland.
______________________
Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.
Pardon a layperson, but isn’t it illegal for an employee to talk about a public company’s financial results publicly? I always thought that discussing a copany’ stock or financial performance could get you in all sorts of hot water with the SEC if you don’t know what you’re doing.
I get that the NLRB wants to protect an employee’s right to discuss working conditions and union activities without restraint — and I support that. But this seems a bit uch to me, too.
Deb, your insightful comments are always appreciated, thank you! To answer your question, yes, I believe it is illegal for employees to do that and, had the policy been very narrowly tailored and forbidden just that, using just that language, it probably would have passed muster on that prohibition. That gives rise to the bigger issue of what is at play here and that is, the NLRB is trying to take all of the ambiguity out of it and so that the policies are limited to prohibiting only very specific activities for very good reasons. The problem that I see is that it is impossible, for me or any other lawyer, sitting here at my desk today, to draft a policy that is precise and accurate, that covers all of the risks (now and in the future), and that isn’t hundreds of pages long or so “caveated” that is it impossible to decipher. If we did that, they’d strike down the policies by saying they were too cumbersome and burdensome to read and understand!