Hey Eric! Can I spy on my former employee’s Facebook messenger account?

Asking for a friend, of course.

A bunch of your employees just resigned, set up a competing venture, plundered a bunch of your trade secrets, and have begun contacting your customers.

But, hold up!

Your IT administrator examined their company laptops and struck gold!

He reviewed one employee’s browser history, accessed the employee’s Facebook account without a password, and installed software that allowed him to monitor his Facebook activity (including Facebook Messenger) without detection.

Now, you’ve got inside access to every Facebook message that the former employees send to each other about the competing venture.

And sure enough, over the next few months, you learn even more about your former employees’ plans and what they did to secure your client information and intellectual property.

Lawsuit Time!

After some cease-and-desist letters, you file suit and get a temporary restraining order. Now, you need a preliminary injunction too to ensure that these former employees don’t continue to harm your business.

Except, there’s a problem.

The employees claim that you engaged in some dirty pool or, as we lawyer like to say, you’ve got ‘unclean hands’.

And, if you’ve got unclean hands, you may not be able to get that injunction.

Does the Facebook spying doom your lawsuit?

According to the Third Circuit Court of Appeals opinion, you’re still greenlit to pursue an injunction:

For the unclean hands doctrine to apply, there must be a relationship between the inequitable conduct and the claims brought before the court. In describing the relationship element, the unclean hands doctrine will bar recovery when such conduct has immediate and necessary relation to the equity sought. Thus, the doctrine only applies when there is a direct nexus between the bad conduct and the activities sought to be enjoined.

The court reasoned that the employer-plaintiff had valid claims against the employee-defendants regardless of whether it monitored Facebook. The information that the company obtained through the Facebook monitoring helped. But, even without it, the company had strong enough claims to prevail.

WARNING! Your mileage may vary.

One of the three Third Circuit judges deciding this case dissented because he was concerned about two things. First, it was not clear to him how the employer had managed to access the former employee’s Facebook account. In other words, he may have hacked it instead of gaining access through browser history. Second, the dissenting judge concluded that the employer had violated New Jersey state law by actively monitoring the employee’s private digital communications months after he resigned.

[Editor Note: It’s also possible that the defendant-employee may have a federal claim under the Stored Communications Act by accessing unlawfully accessing the employees Facebook Messenger messages.]

My greater point here is that before you turn IT loose on a former employee’s company laptop to find bread crumbs relating to unfair competition, or a discrimination lawsuit, or the like, you must answer a few questions:

• What do your policies and procedures say about employee use of company technology?
• What are you accessing? Is it browser history and company emails? Or are you logging in to an employee’s pop email account (e.g., Gmail, Yahoo)? If it’s the latter, you’re asking for trouble.
• What happens if you discover communications from your former employee to his/her attorney?