US Court Finds Failure to Police Employee's Misuse of the Internet Could Bring Liability

In a case with potentially wide implications, the New Jersey Appellate Division has ruled that an employer owes a duty of care to third parties who might be harmed by an employee's use of the Internet. In the case of Doe v XYC Corp (887 A (2d) 1156, decided December 27, 2005), an employee of the defendant XYC Corp used his employer's computers while at work to transmit child pornography depicting his 10 year old step-daughter. It was known to computer operations staff that the employee had often accessed pornographic web sites from the office. He had been warned about this, but little further investigation was carried out and nothing more was done to stop him. The employee had been photographing and molesting his step-daughter at their home and continued to do so. In an action brought by the girl's mother against the employer, a motions judge found in a summary judgment that the employer had no duty of care in relation to the actual molestation of the step-daughter. However, on appeal the plaintiff argued a different duty of care based on the transmission of the photographs on the Internet. The appellate court found that a duty exists to control an employee where the employer knows or ought to know that the employee is accessing child pornography via the company's computers. Based on its existing and well-known policies, the court found that the company should have investigated and determined that the employee was continuing to access child pornography. The defendant's Internet policy had removed any expectation of privacy that employees might have had in the use of the Internet (this latter point was confirmed only last week by the US Court of Appeals for the Ninth Circuit in USA v Ziegler, No 05-30177). In the Doe case, the court found that the employer had the right, ability, intention and therefore the obligation to investigate credible reports of improper use. However, the appellate court ruled there was insufficient evidence to find that actual harm to the step-daughter had been caused by the inaction of the employer. As a result, the case was remanded to the motions judge on that issue. If the principle enunciated by the appellate court were to become widely and firmly embedded in the common law, it would represent a new level of responsibility for employers in relation to employee use of communications systems. For several commentaries, see: http://www.elinfonet.com/casearticles/1380 For the decision, visit the blog "Concurring Opinions" at: http://www.concurringopinions.com/archives/2006/08/employer_liabil.html and click on the link to the full text. For the text of the USA v Ziegler decision, visit: http://www.ca9.uscourts.gov Summary by: Tom Feather