Could Your Company Be Liable for Child-Porn Viewing

As concerns grow about the prevalence of child pornography on the Internet, some observers warn that employers can be held liable for employees who view this material using company computers.

Given the ready availability of child pornography on the Internet, employers’ liability exposures are growing, the observers say.

“It’s a far-reaching issue” that behooves employers “to undertake even more vigilance than they have been advised to do so in the past,” says Bernard E. Jacques, a partner with law firm Pepe & Hazard in Hartford, Connecticut. “Fortunately, very few employees use the employer’s equipment to access illegal sites. But when they do, the employer faces substantial liability.”

Sherrie Travis, of law firm Sherrie Travis & Associates in Chicago, says the potential for lawsuits on this issue is relatively small, but just one case “can mean millions of dollars” in liability damages, so “it’s something you have to pay attention to.”

According to the U.S. Department of Justice, child pornography trafficking was almost eradicated by the mid-1980s, but then the Internet changed things dramatically. “The technological ease, lack of expense, and anonymity in obtaining and distributing child pornography has resulted in an explosion in the availability, accessibility and volume of child pornography,” according to the Justice Department.

It is likely that many individuals who view child pornography do so at work “because that’s where they are all day,” says Todd J. Shill, an attorney with Rhoads & Sinon in Harrisburg, Pennsylvania.

Employers can be held liable for negligent supervision or retention of such workers, in addition to failure to act if they discover an individual has been viewing pornography and do nothing, say observers. In addition, such material can provide plaintiff attorneys with powerful evidence in hostile work environment suits.

This is “such a dramatic and emotional issue, a judge as well as a jury are much more likely to search to find a remedy and for someone to blame,” Travis says. Because “the situation … tugs at everyone’s heartstrings, I think the employer who provides the equipment used to do this kind of thing can be swept up in that kind of emotionalism.”

It is illegal to download child pornography from a Web site under federal law, which calls for a mandatory minimum prison term of five years for receipt, possession or distribution of child pornography. The production or sale of child pornography carries a harsher prison sentence.

Seven states—Arkansas, Illinois, Missouri, North Carolina, Oklahoma, South Carolina and South Dakota—require information technology workers to report the discovery of child pornography to law enforcement officials, according to Gina M. Smith, a partner with Ballard Spahr in Philadelphia, citing information from the National Conference of State Legislatures. Failure to report such information could result in a fine or jail time.

Employees who uncover such pornography during an investigation or decide to destroy it “because they’re horrified by it and they think it’s disgusting” could face criminal charges “for having reviewed or possessed child porn, or for obstruction of justice,” says Philip L. Gordon, an attorney shareholder and chair of the privacy and data protection practice group with Littler Mendelson in Denver. The best course of action upon finding such images is to call law enforcement as soon as possible, he says.

Gordon says companies may be reluctant to report the discovery of child porn if the suspect is a high-ranking executive and the company wants to avoid embarrassment, but “the company itself is facing potential exposure to criminal prosecution for not reporting someone who’s engaging in child pornography using the company’s electronic resources,” Gordon says.

Many observers say a significant case in this area is Jane Doe v. XYC Corp. In that 2005 decision, the Appellate Division of New Jersey Superior Court held that an employer may have been negligent for failing to act when it learned an employee was downloading pornography. The suit was filed by the ex-wife of an employee who allegedly sent pornographic pictures of his stepdaughter to a child porn site. According to reports, the case was settled for an undisclosed amount. Attorneys could not be reached for comment.

Unrelated to the civil suit brought by the ex-wife, the man was arrested in connection with uploading pictures of his stepdaughter.

“The reasoning of the New Jersey court suggests that employers in all states can be held liable for an employee’s viewing child pornography,” Jacques says. The court based its decision on the common law of negligence, which “requires all of us to take reasonable steps to prevent harm to others.”

Others disagree about the case’s significance.

“A lot of people think that the case is going to be interpreted very, very narrowly,” says Robert J. Aalberts, a professor of legal studies at the University of Nevada, Las Vegas. “But it does indicate you’ve got to be careful and always exercise prudence.”

Ann E. Zerbe, a shareholder with York, Pennsylvania-based CGA Law Firm, says she expects more claims in this area in the future “just because the technology is constantly evolving and expanding.”

A company policy covering this is important, say observers. The policy should “flat-out ban any illegal use as well as inappropriate use” of computers, Jacques says.

Smith says the policy should establish that there is “no reasonable expectation of privacy when you’re using a company computer,” and spell out disciplinary actions for violating the policy.

“The courts are loath to hold employers responsible” if they have used such means as an annual training seminar to make it clear to employees what is considered inappropriate behavior, says Jonathan D. Bick, of counsel with law firm Brach Eichler in Roseland, New Jersey.

Observers say software is available to prevent access to child pornography sites, including programs that recognize keywords or those that measure the amount of skin shown in photographs.

Companies should ensure that any policy that is developed is followed, says William P. Perkins, a partner with Seyfarth Shaw in New York. “The best evidence for a plaintiff attorney is for a company to have a policy that’s not followed.”

An Internet usage policy that is not followed is almost as bad as having no policy at all, he says.

Also, “be very careful to monitor your employees in general,” Aalberts says. “You don’t have to be crazy about it, but just be aware that this sort of thing can go on in the workplace” and look into it “if there are any hints it is going on.”