By JoAnn Victor

As a company, you take seriously your obligations to maintain a workplace free from harassment. You have a zero tolerance policy for harassment in the workplace. You hold regular training sessions on the topic, instruct employees to report any unwelcome behavior to a supervisor or someone in human resources, and require that your human resources team not only investigate claims of harassment but also that it remain current on related state and federal laws. Your employee handbook highlights the company’s firm commitment to a harassment-free work environment.

But what about employee communications made on websites and not on company time? Can the law punish employers for failure to pull the plug on electronic messaging that mocks or ridicules fellow employees? Do employers need to address employee behavior that not only occurs after hours, but which takes place miles away from the workplace?

While the law is still developing in this area, recent cases have shown that employers can be found liable even when electronic postings are made outside the workplace and even when they are putatively anonymous.

For instance, in Espinoza v. County of Orange, plaintiff, a California corrections officer, was born with a right hand that had stubs instead of fingers and a thumb. The plaintiff felt self-conscious and often kept his hand in his pocket. Eventually, he became the subject of two blogs outside of work that contained anonymous posts making numerous offensive and explicitly derogatory comments about his hand and that disparaged him as, among other offensive names, a “one handed bandit” and a “claw boy.” The website also contained numerous derogatory posts about other employees.

After someone tipped off Espinoza to the blog, he monitored its contents for several weeks and then reported it to his employer. In response, an IT manager was instructed to investigate the matter to assess which of the employer’s computers were used to access the blog, along with information on who was accessing the blog. The investigation showed that numerous employees had actually accessed the blog from the defendant’s computers using generic login passwords, while others were using identifiable names.

Thereafter, a supervisor e-mailed all employees criticizing the blog, requesting that employees “stop the nonsense” and describing the blog as “hurtful, destructive, and highly unprofessional.” The employer also blocked access to the offending blog on its work computers through use of a generic password. Nevertheless, employees could still access the blog using specific login names. Meanwhile, the names of those who were thought to be accessing and posting on the blog were given to Human Resources. In spite of the employer’s actions, a jury found the employer liable for harassment based on disability and failure to prevent the harassment. The jury awarded $820,000 in damages, including $500,000 for emotional distress.

The employer appealed, claiming that the blog postings should not have been considered by the jury because it involved conduct outside the physical workplace and was unauthorized “non-place activity.” The employer also argued that it had initiated a prompt investigation, notified its employees that the blogs were inappropriate, and had long-before established and promulgated antidiscrimination policies, as well as effective procedures to stop alleged harassment. It also had in place policies to prevent discrimination, including discrimination based on disability, and provided regular training for employees.

So where did the employer go wrong? The court of appeals found that the jury could have taken a number of factors into consideration that made the employer’s response to the harassment deficient under California law. Among other things, the blog postings continued for eight weeks after the employer began its investigation. Although the employer had the software to completely block access to the offending blog from its workplace computers, it had delayed doing so for nearly two months. Even then, the employer blocked only those individuals using generic logins but not users with specific logins. Further, although the employer had been given the names of the possible offending employees (and thus the potential violators of its anti-harassment policies), it failed to interview any of those individuals or even Espinoza himself. Once the blogging evidence was admitted at trial, it reinforced other evidence that Espinoza was subjected to harassment, such as testimony that coworkers would isolate Espinoza and mock his attempts to hide his hand. Plaintiff had also found the word “claw” written in several places at work, including on a utility cart he used, which once had the form of a claw smudged on the windshield.

It is not unusual for employees to spend their off-hours on social networking sites. However, on-line chatter can sometimes desensitize employees to the unacceptability and legal consequences of posting negative comments about colleagues. In turn, such exchanges can become an expensive diversion for employers who find themselves mired in a lawsuit over harassing or discriminatory remarks. Thus, while employees may think they have an unfettered right to speak their minds off the clock, employers need to draw a line when it implicates fellow employees in legally impermissible ways, such as when blogs and tweets foster a hostile work environment - despite the fact such activity occurs outside the physical workplace.

As a result, employee handbooks must be sure to include policies that pertain to online employee behavior both at and away from work, when such behavior implicates company policy against harassing behavior. Such policies should expressly prohibit the use of websites both in and outside the workplace to harass, impermissibly annoy, or discriminate against fellow employees. Employers may also want to consider providing their IT department with the capability to block access to, and the sharing of, harassing material on computers at the employer’s work site. Further, supervisors and their employees must be trained that the employer’s policy prohibiting harassment extends to off-duty, online conduct that creates an offensive or hostile work environment. To ignore this burgeoning area of potential liability can be painfully costly for employers and employees alike.