After Borchers left, Frigo directed his administrative assistant to check Borchers' computer for business-related information — and found Borchers' personal AOL account. Borchers' emails contained everything from spiteful feelings toward co-workers to intensions to take advantage of disability benefits. Upon realizing that Frigo had seen her emails, Borchers promptly withdrew her sexual harassment claim.
Then Borchers sued in state court, alleging violations under the federal Stored Communications Act. A state judge granted summary judgment to the employer, claiming that the administrative assistant did not act with wrongful intent. But the Illinois Appellate Court revived the privacy lawsuit, citing that the administrative assistant printed out more than 30 personal emails.
"The question is, if the device is company-issued, does that somehow raise the likelihood that the employee has no expectation of privacy? That may not be the case," says Heather Egan Sussman, co-head of the global privacy group at law firm McDermott Will & Emery. "It may be that the employee, because they're allowed to do some personal activity, retained some sort of an expectation of privacy."
More and more cases concerning employee privacy and intellectual-property theft on computers and mobile devices are bubbling to the surface. Whether it's employees claiming privacy violations or employers arguing theft, companies would be in a better position with COPE rather than BYOD. But, as the Borchers case illustrates, COPE alone doesn't keep companies out of hot water.
"If you allow personal use, then you're blurring the lines," Starkman says.
Sign up for Computerworld eNewsletters.