Strzok-Page Text Lawsuits Contain Lessons for Compliance
Last year, former FBI special agent Peter Strzok and former FBI lawyer Lisa Page both brought lawsuits against the agency and the Department of Justice, accusing the government of privacy violations. The lawsuits were based on the public release of 375 texts the two had sent to each other. Putting aside the politics of the situation, there are great lessons to the case for everyone whose work communications are monitored, as well as for the companies doing the monitoring.
First, some background.
Strzok was a veteran counterintelligence agent who helped lead FBI investigations into Hillary Clinton’s use of a private email server and ties between the Trump campaign and Russia. He was removed from special counsel Robert Mueller’s investigation of possible Trump-Russian collusion in 2017 after the texts, which could be seen as politically biased, came to light. He was later fired from the FBI. Page, with whom he was having an affair, had been involved in the Mueller probe at the beginning but left early on. She later resigned her position, noting the overwhelming pressure from the public disclosure of the texts.
While subsequent investigations found that the communications between Strzok and Page showed no evidence that they had done anything wrong, the damage was done. Both had suffered tremendous professional setbacks. And once their affair became public, both underwent personal turmoil for themselves, their spouses and children.
Their case is instructive on several levels:
1) There should be no expectation of privacy when it comes to work communications, whether they are in the form of emails, text or anything else.
The 375 texts that were released to the public had been sent over their agency-issued phones, so it should have been apparent to them that their employer would have access to their communications.
Remember, company employees who have the job of monitoring communications see everything, and on occasion, others may gain access as well.
Once released to the public, the texts ended up being the subject of tweets by President Donald Trump and were retweeted and favorited millions of times. That’s unlikely to happen to the average worker, but everyone should be aware that what you write will be seen by people beyond your target recipient. Page, in a tweet after bringing the lawsuit, complained that there were at least a dozen lawyers and investigators “poring over every text, email, and note I ever wrote.”
The best practice is to assume that every text, chat and email written may become known, so only communicate what is necessary and proper for work. Page and Strzok learned some painful lessons in carrying on their affair through their FBI phones.
2) The people who review work communications need to show sensitivity and discretion.
Unfortunately, in day-to-day life it is too convenient to use work email and phones to send personal communications. Few people like to carry and use separate devices or switch email accounts when dashing off a short note. So, like Page and Strzok, employees may include details of such non-work subjects as their love lives, medical issues and personal finances in work texts and emails.
It is important that the people who are the monitors of work communications understand that they really are looking into personal areas that in most cases should be private and never become known within an office. Managers need to make sure that these monitors show great discretion because any gossip or rumors that emerge could severely hurt office morale and performance.
3) Monitors should be aware that one part of their duties is to watch for situations that could become human resource issues.
While the main purpose of reviewing work communications is compliance with regulations, the people who are doing the reviews should be on watch for situations that could constitute workplace issues such as harassment and discrimination. A situation where someone is sending threatening messages to another employee, for instance, should not be ignored.
Companies need to develop policies that govern when reviewers should alert human resources to possible issues and how to handle communications in such cases.
Strzok and Page have paid severely for their indiscreet use of work communications.
When Strzok was fired, one reason listed in the dismissal letter was that he exercised bad judgment in using a work device to send the personal texts. Page’s lawsuit asserts that the disclosure of her messages caused a permanent loss of earning capacity due to the damage to her reputation. She also had to pay for a data-privacy service to attempt to protect the rest of her personal information, as well as therapy to cope with unwanted exposure and harassment.
In Congressional testimony, Strzok said he had the wrong expectation that the texts would not be made public. “I had no idea that this was going to happen and, darn, if I knew it, I never would have done it for sure.”
Compliance requirements are necessary and proper, but at times they can seem intrusive when employees and companies forget that all communications are monitored. It is best practice for everyone to remember the possibility of disclosure as well as the consequences.
Retain critical information in a single, secure, search-ready repository where it can be actively monitored and produced on-demand.
Share this post!
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.