Do employers in California have the right to monitor employees and track their employees’ whereabouts using GPS technology tracking devices?
The answer depends on whether, by doing so, the employer is infringing on the employee’s privacy rights.
To answer this question therefore requires a bit of a deep dive into the right of privacy, not only in California, but nationally because the “right of privacy” is different on both a federal and state level, and what might be acceptable under federal laws may not be acceptable under state laws (or vice versa).
So let’s unpack it a bit, because if you are a business owner in California who wants to do location tracking and you get this wrong, the penalties for wading illegally into these kinds of privacy issues can be very severe.
The Right of Privacy Under the United States Constitution
Yes, people like to think they have a legal “right of privacy,” and certainly we all have various expectations of privacy in our daily lives, but did you know that there actually is no explicit “right of privacy” in the United States Constitution?
No, the “right of privacy” was first enunciated, not in 1776, when the country was founded, not in 1781 when the Constitution was adopted, but almost two hundred years later. In 1965—in the landmark Supreme Court decision, Griswold v. Connecticut, the Court decided the federal Constitution protects the privacy right of married couples to buy and use contraceptives without interference by the government.
That is where the modern privacy right stems from—from whether or not you have the right to use contraceptives in the privacy of your own home; prior to 1965, that was a legally fuzzy issue if you can believe it.
Writing for the 7-2 majority, Justice William O. Douglas rhetorically asked, “Would we allow the police to search the sacred precincts of marital bedrooms for telltale signs of the use of contraceptives? The very idea is repulsive to the notions of privacy surrounding the marriage relationship.” Given that, the court found that, even if not explicitly stated in the Constitution or Bill of Rights, a “right of privacy” is nevertheless implied in the Fourth Amendment.
When you hear discussions and fights about abortion and Roe v Wade, it is this implicit federal right of privacy that is being debated.
Needless to say, the privacy rights of married couples under federal law are necessarily quite a bit different than those of employees and employers under state law, and in this case, it is state law that would be controlling.
The California Constitution
State constitutions generally, and the California Constitution specifically, are more explicit and expansive when it comes to giving citizens specific rights of privacy. This doesn’t mean you can’t track your employees’ whereabouts, it just means you need some familiarity with the law to get it right.
The first constitution in California was enacted in 1849, during the heady days of the gold rush. Altered and changed here and there over the years, the California Constitution was fundamentally amended in 1972 when the word “privacy” was specifically added to the list of “inalienable rights” guaranteed by the state’s constitution. It now reads,
1. Inalienable rights
Section 1. All people are by nature free and independent and have inalienable rights. Among these are enjoying and defending life and liberty, acquiring, possessing, and protecting property, and pursuing and obtaining safety, happiness, and privacy.
California’s privacy right has consistently been construed and interpreted more broadly than its federal counterpart, essentially because it was precisely mentioned in the state constitution as an “inalienable right.” It is not implied, it is not inferred, it is not a 200-year-old afterthought.
In California, the right of privacy is explicit and specific.
All of that said, no right is 100 percent guaranteed and fundamental. In California for example, while the state constitution seems to give employees the right to not have a tracking app of their employer's used without their consent, the state’s penal code does in fact open the door for the use of gps.
California Penal Code section 637.7 discusses this very issue. It states:
a) No person or entity in this state shall use an electronic tracking device to determine the location or movement of a person.
(b) This section shall not apply when the registered owner, lessor, or lessee of a vehicle has consented to the use of the electronic tracking device with respect to that vehicle.
(c) This section shall not apply to the lawful use of an electronic tracking device by a law enforcement agency.
(d) As used in this section, “electronic tracking device” means any device attached to a vehicle or other movable thing that reveals its location or movement by the transmission of electronic signals.
(e) A violation of this section is a misdemeanor.
Section 637.7(a) and (b) therefore seems to mean that it is illegal to track someone or their car without their consent, despite whatever business interests or business needs the company may profess.
But this is where things get sticky. Consider: If it is a company car, then it seems the company can give consent for a gps tracking device, because, after all, that is what section (b) above states. Right?
And it is here that I hate to sound like the lawyer I am, but the answer is, “maybe.”
Even if the company consents to have its company vehicle tracked, such tracking may nevertheless be a violation of either:
- Civil tort law, or
- A collective bargaining agreement, or
- The newly-enacted California Consumer Privacy Act (CCPA)
California Tort Law
“Torts” are one of those olde-English legal words that can sound complicated, but in actuality, it is not that at all. Tort simply means “wrongs.” Torts are wrongs done by one person or entity to another. A car accident is a tort.
So, am I saying that tracking an employee is a tort?
No, not exactly.
One can understand that there are in fact times when an employer might have a legitimate interest in tracking the whereabouts of its cars and the employees driving those cars. Is the employee working or goofing off? Is the work car being used for non-work purposes? Are the employees, customers, and the public safe with this driver? All legit.
Given that, when determining whether or not an employer has the right to electronically track an employee or automobile, the interests of the employer must also be taken into account. And if there is one thing that the law is good at, it is weighing various interests and striving to craft solutions that balance those interests.
If the issue is consent, and the owner of the car can give consent, one can see a scenario where an employer might be tempted to, say, give an employee a business car and consent to tracking—without the employee knowing.
Is that kosher? No. Despite whatever legitimate business reasons a company might say it has, doing so would be of dubious legality and give rise to an invasion of privacy claim.
Indeed, the employer might be subject to a lawsuit for invasion of privacy under California tort law. A civil tort claim for monetary damages has two requirements that must be proven:
- That there was an “intentional intrusion into a place, conversation or matter as to which the plaintiff has a reasonable expectation of privacy”; and that intrusion was done in a manner…
- …highly offensive to a reasonable person.
Does an employee have a reasonable expectation of privacy when driving a company car? It is tough to say. A court would look at all sorts of factors when trying to determine whether the GPS tracking of an employee was “highly offensive to a reasonable person,” including how often the employee used the car and for what purposes, whether it was used during non-work hours, how extensive the tracking was, what non-work, private information was collected, the reason for the company’s actions, and so on.
The California Consumer Privacy Act (CCPA)
So yes, residents and employees in California clearly have an expectation of privacy that is well-protected by the California Constitution. That said, as indicated, a weighing of interests is typical in the law, and in this regard, employers do have a reasonable right to want or need to track employees during work hours.
How to balance these competing interests?
One recent law passed in the Golden State has sought to clarify this sort of sticky situation with required disclosures, but again, as has been the case in California, the law clearly favors the right of privacy for the individual over any need-to-know by an employer.
The California Consumer Privacy Act (CCPA) mandates disclosures in certain circumstances and by certain businesses. According to Investopedia, the CCPA is akin to the recently-enacted strict privacy law passed by the European Union. Under this new law, while an employer might have a very limited right to track using GPS, California residents have the right to access what information is being collected about them, as well as rights of disclosure, and even the right to potentially have information about them deleted upon request.
The law does not make any distinctions between the rights of residents and the rights of employees—it applies equally to both. Accordingly, an employee has the right to ask his or her employer to disclose any personal information that is being, or has been, collected and how it is being used. They have the right to access that info or even have it deleted (if it is not necessary to be held for a legitimate business purpose.) Given that GPS tracking data would be considered “personal information” under the law, employers have an affirmative duty to disclose their GPS policies and collection data and delete if appropriate.
Here we can see that tracking employees in California is definitely possible, as long as you stay current on the laws and have a clear company policy.
How an Employer in California Can Legitimately Track Employees Using GPS Technology
Needless to say, the road to tracking employees using GPS devices in California is one that requires some legal know-how. If your business has legitimate reasons to track employees and/or vehicles, these would be your best practices:
- Create a written data collection/employee monitoring/ gps tracking policy and share it with your workforce.
- Confirm that you have no collective bargaining or other legal prohibitions against tracking.
- Disclose in writing your specific intent to track specific employees.
- Get the consent of those employees in writing.
- Track only as much as necessary, and only during business hours. Have the tracking device turned off during non-work hours.
- To the extent possible, track using anonymous ID numbers and not employee names.
- Note that public companies must comply with California Government Code section 53166, which states that “every local agency that operates cellular communications interception technology” has to enact security procedures and privacy policies to make sure that data and information collected remains private.
- Store all tracked information securely and limit access to such information strictly.
Sample GPS Policy
Your company's GPS tracking policy should contain the following:
- Disclose up front your intent to track employees and why.
- Disclose which employee positions/jobs will be tracked.
- Disclose the nature of the tracking device(s).
- Explain what data you will be tracking, collecting, and storing.
- Explain the limits of what you will be tracking (e.g., while at work only, not during off-hours).
- Explain how the data will be used, stored, and secured.
- Disclose who will have access to the data.
- Explain how your employees' privacy will be secured and maintained.
- Explain how long the data will be kept and when it will be destroyed.
- Get the employee's consent in writing.
This is one of those areas where DIY law is not recommended; speak with your company attorney, go over these points, and have them draft a policy for your business.