June 19, 2011
Employer Who Fails to Consistently Enforce Computer Usage Policy Cannot use the Policy to Justify Dismissal -- Branson v. Harrah's
[Post by Venkat Balasubramani]
Branson v. Harrah's Tunica Corp., et al., 08-cv-02804-BBD-cgc (W.D. Tn; June 3, 2011) (decision)
Background: Branson was an employee with the Grand Casino for over ten years, from 1996 to 2007. Harrah's acquired Grand in 2006. He received uniformly favorable employment ratings. In March 2007, Grand employed three "table games shift managers," Branson, Rob Keene, and Denise Alford, each of whom reported to Darrell Pilant. Each manager had their own computer log-in, password, and Windows account. As Branson described it, he accidentally accessed the email account of one of the other managers and forwarded himself an email:
Plaintiff sat down to use a shared, work computer when he noticed an email from Alford to Pilant. Alford had apparently failed to log out of her email account, and the email appeared on the screen when Plaintiff touched the mouse. The email stated that [Branson] and Keene were speaking in front of Mitch Pate, a pit manager, about the performance of [their] subordinates. . . . Apparently two hours into his shift, [Branson] forwarded a copy of Alford's email first to his business email account and then to his personal email account so that he could access the email from home.
Branson told his boss what he had done, and Pilant looked into it. Pilant had the IT department investigate to verify what happened, and once he did, he informed Branson that Branson "violated several policies and the trust that Pilant had placed in [Branson]." Ultimately, Branson was given the option of resigning or being terminated, and he chose the first option. Although Branson resigned, Harrah's placed a notation in his employee file that he was "eligible for rehire."
Branson brought claims alleging that he was forced to resign because of his age.
Employer status: The first issue the court addressed was whether Harrah's Entertainment, Inc. and Harrah's Operating Company, Inc. were Branson's employer. There was testimony that Harrah's acquired Grand (where Branson originally started working) in 2006. After the acquisition, employees received a Harrah's handbook and W-2's which listed Harrah's as their employer. Additionally, defendants' own witnesses, who purported to be Grand employees, listed Harrah's as their employer on their LinkedIn pages. Based on this evidence, the court held that Harrah's Entertainment, Inc. and Harrah's Operating Company, Inc. were both Branson's employers for purposes of the ADEA. (Coincidentally, Harrah's also got burned by LinkedIn evidence in another case where a different plaintiff asserted age discrimination claims against Harrah's: "Contrary LinkedIn Evidence Crushes Witness' Testimony." The plaintiff in that case testified in this case as well.)
The ADEA claim: Resolution of the ADEA claim was the more interesting part of the ruling. The court found that plaintiff put forth a prima facie case--he was within the protected class, received favorable ratings, and was replaced by someone younger than him. It was up to defendants to put forth a non-discriminatory reason for the termination, and defendants relied on the fact that Branson violated Harrah's computer use policy by improperly accessing his co-worker's email and forwarding an email to his own business and personal account. The court found that this was a sufficient non-discriminatory reason for the termination, and shifted the burden to Branson in order to show pretext. The court concludes that he put forth sufficient evidence to satisfy his burden.
The court found that defendants typically followed a four step disciplinary process before terminating an employee and that "the evidence presented [did] not support the conclusion that [Branson's] conduct was serious enough to justify deviating from this process." In particular, the court found that:
employees did not receive training or instructions on how to use the Grand's computer system. [The witness-employees did not appear] to be familiar . . . with the policies that defendants cite[d] as justification for [Branson's] termination. Furthermore, the proof show[ed] that it was not uncommon for employees to each other's email accounts, and presumably each other's passwords on the shared work computer, without fear of suffering any disciplinary action.
The court also found defendants' explanation was contradictory in that if Branson was terminated for a serious issue, defendants would not have found that he was eligible to be rehired.
As an added bonus, the court finds that defendants' conduct was willful, or at best, with reckless disregard of whether it was in violation of the ADEA. The court smacks defendants with a whopping award of $361,363.42.
Accessing someone else's email is risky behavior and a potential violation of federal statutes which protect the privacy in electronic communications. This has gotten a few employers into trouble. In Pure Power Boot Camp v. Warrior Fitness Boot Camp, for example, ex-employees were awarded (admittedly nominal) damages when their former employer accessed their emails. (See "Ex-Employees Awarded $4,000 for Email Snooping by Employer.") You would think when an employee does something like this and admits to doing it, the employer would have no problem firing the employee for this. Defendants even had a written policy in place which the employee in this case violated when he accessed his co-worker's account. One would think that a violation of this policy would put defendants in a position to prevail at summary judgment if not deter the plaintiff from pursuing his claims in the first place. Here, despite having a policy in place, this still didn't allow the employer to use the policy violation to justify the termination. Why? The policy was not taken seriously or consistently enforced. Despite the potential seriousness of plaintiff's act, there was testimony in the case that other employees regularly violated the policy and were not subject to disciplinary measures.
A useful reminder that regardless of what network/social media policies you have in place, if you do not actually implement them, and enforce them in a consistent way, they may not be of much use at the end of the day.
Posted by Venkat at June 19, 2011 10:29 AM | Privacy/Security