Several years ago, the Athletic Director for Tulsa Public Schools made headlines over accessing an employee’s private e-mail account. According to police reports, the Athletic Director, and two people who worked for her, admitted to the school district’s attorney, that they found the employee’s password and accessed her personal e-mail account. Subsequently, the Chief of Tulsa Public School Police Department investigated this issue and recovered an envelope of the employee’s e-mails, including one labeled attorney/client privilege. The Athletic Director was charged in federal court with embezzlement. While these charges were unrelated to the e-mail issue, this situation emphasizes that accessing an employee’s personal e-mail account is serious business.
The Oklahoma Computer Crimes Act addresses computer crimes and is codified in 21 O.S. §1951-1959. Among other things, the Act prohibits the following:
Willfully, and without authorization, gaining or attempting to gain access to and to damage, modify, alter delete, destroy, copy, make use of, disclose, or take possession of a computer, computer system, or computer network.
Willfully, and without authorization, gaining or attempting to gain access to a computer, computer system, or computer network.
Willfully using a computer, computer system, or computer network to annoy, abuse, threaten or harass another person.
Municipal attorneys should ensure that their clients have comprehensive policies and procedures that address computer activities and access. The policies should address systems and devices owned by the municipality, as well as the employee. Care should be taken to ensure that supervisors are not exceeding their authority and that employees are well-informed about their responsibilities regarding municipal systems and e-mail accounts.