Information Technology and Workers' Privacy: The United States Law

Posted: 18 Feb 2004

See all articles by Matthew Finkin

Matthew Finkin

University of Illinois College of Law


There are almost no legal limits on an American employer's ability to deploy technical means to monitor employee performance and behavior in the workplace. The common law of wrongful invasion of privacy has almost no purchase in the work setting. Consequently, substantive legal constraints, such as they may be, must be found in discrete pieces of legislation, federal or state. These, too, for the most part are lacking: The federal Electronic Communications Privacy Act (ECPC), for example, exempts electronic monitoring done with the consent of the employee or in the "ordinary course" of the employer's business; and retrieval of communications stored in the employee's own system is specifically allowed. Only two states require written notice of computerized monitoring. One protective approach, recognizing that an employer's need to monitor and the forms which it might take vary enormously from workplace to workplace and job to job, would require prior consultation with (and, possibly, approval of) an independent body representing the affected employees. But, absent union representation, no such provision appears in the law of the United States; and, union representation is below ten percent of the civilian workforce.

Suggested Citation

Finkin, Matthew W., Information Technology and Workers' Privacy: The United States Law. Available at SSRN:

Matthew W. Finkin (Contact Author)

University of Illinois College of Law ( email )

504 E. Pennsylvania Avenue
Champaign, IL 61820
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics