“Prying by means of casual interrogation of acquaintances of the object of the prying must be distinguished from eavesdropping, electronically or otherwise, on a person’s conversations. A in conversation with B disparages C. If C has a right to hear this conversation, A, in choosing the words he uses to B, will have to consider the possible reactions of C. Conversation will be more costly because of the external effects, and the increased costs will result in less, and less effective, communication. After people adjust to this new world of public conversation, even the C’s of the world will cease to derive much benefit in the way of greater information from conversational publicity, for people will be more guarded in their speech. The principal effect of publicity will be to make conversation more formal and communication less effective rather than to increase the knowledge of interested third parties.”

7.11 An illustration which shows that safeguarding privacy would facilitate full and frank communication is the waiver provision in the United States Family Educational Rights and Privacy Act of 1974.[275] That law gives students a right to inspect and review confidential letters of recommendation written about them, unless they waive in advance their right to inspect or review. The overwhelming majority of students execute such waivers because they know that the value of a letter of recommendation to which they have access is much less than that of a private letter of recommendation.

7.12 We note that many conscientious reporters are reluctant to gather news by privacy-invasive means but nevertheless feel obliged to comply with the instructions of their superiors. If the use of intrusive means to obtain personal information is made unlawful by a statutory tort of privacy, it would operate to protect the journalists as well as ordinary citizens.

7.13 In order to protect the fundamental rights and freedoms guaranteed under the Basic Law and to impose civil liability for illegitimate surveillance whether conducted with or without the assistance of technical devices, a tort of invasion of privacy by intrusion should be created by statute. This would remove the need for the individual who is aggrieved by an invasion of privacy to seek relief by relying on a right of action in tort which is not primarily designed for the protection of individual privacy.

Intrusion upon the “solitude” or “seclusion” of another

7.14 Intrusion upon seclusion or solitude is actionable in the American courts. The Restatement of the Law of Torts in the United States[276] defines the intrusion tort as follows:

“One who intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the intrusion would be highly offensive to a reasonable person.”

7.15 This tort requires proof of:

“Seclude 1. Shut off, obstruct the access to (a thing). ... 2. Shut or keep out from; deny entrance to; debar (from); prevent from doing. b. Prohibit (something), preclude. ..... 5. Enclose, confine, or shut off so as to prevent access or influence from outside; spec. hide or screen from public view; refl. live in retirement or solitude. ... 6. Separate, keep apart. ... .”

“secluded a. that has been secluded; (of a place) remote, screened from observation or access, seldom visited on account of distance or difficulty of approach ...”

“seclusion 1. The action of secluding something or someone. ... 2. The condition or state of being secluded; retirement, privacy; a period of this. ...”

“solitary A. adj. 1. Of a person or animal: unaccompanied; deprived of or avoiding the society of others; keeping apart or aloof; living alone. b. Sole, single; unsupported, unparalleled. 2. Of a place: remote, unfrequented, secluded, lonely. 3. Of an action, state, etc.: characterized by the absence of all companionship or society. ...”

“solitude 1. The state of being or living alone, solitariness. Later also, absence of life or disturbance. 2. A lonely, unfrequented, or uninhabited place. ...”

7.17 An individual has a reasonable expectation of privacy when in a state of solitude or seclusion. He must be able to retreat from time to time into his private spaces to work, relax or recover. One of the main functions of privacy is to keep certain aspects of an individual’s life or body out of the public realm. According to this view, a person experiences privacy when he is neither looked at nor listened to against his wish.[277] Another way to put it is that he experiences privacy when his private life is not exposed to the senses of others.

7.18 We think that individuals should be free to indulge in their personal preferences in sex, religion, reading, research, play or manner of communication in settings where they are not aurally or visually accessible to others. The ability to choose the circles in which we carry on such activities and to control the dissemination of personal information is important to a society which places a high value on liberal individualism.

7.19 One way to protect privacy is to prevent other people from gaining unwanted access to an individual. According to Ruth Gavison, an individual loses privacy when others gain physical access to him:

“Physical access here means physical proximity - that Y is close enough to touch or observe X through normal use of his senses. ... The following situations involving loss of privacy can best be understood in terms of physical access: (a) a stranger who gains entrance to a woman’s home on false pretenses in order to watch her giving birth; (b) Peeping Toms; (c) a stranger who chooses to sit on ‘our’ bench, even though the park is full of empty benches; and (d) a move from a single-person office to a much larger one that must be shared with a colleague. In each of these cases, the essence of the complaint is not that more information about us has been acquired, nor that more attention has been drawn to us, but that our spatial aloneness has been diminished.”[278]

7.20 Loss of privacy is often accompanied by an increase of knowledge about the subject. This increases the ability of the possessor of that knowledge to manipulate or exercise control over the subject: “by possessing information about B that B does not want known, A will have greater power over B and, concomitantly, B will have less power over A.”[279] Protecting the privacy of B will enable him to enjoy a greater degree of freedom of action.

7.21 Insofar as the right to privacy entails the liberty of the individual to restrict physical access to his person or his private affairs or concerns, and to avoid the society of others by retiring himself into a state of being or living alone, the law should protect the individual’s interests in seclusion and solitude by creating a tort of invasion of privacy by intrusion upon the seclusion or solitude of others. The claims for solitude and seclusion should be recognised not only because personal information should be protected from unauthorized acquisition but also because it serves to meet the basic needs such as relaxation and freedom from inhibition. No publication or communication to third persons is required where the invasion consists of an intrusion upon an individual’s seclusion or solitude.[280]

Intrusion

7.22 To be actionable for the intrusion tort, there must be something in the nature of prying or intrusion. Offensive manners and insulting gestures should not be enough. Moreover, the thing into which there is prying or intrusion must be private. Prosser and Keeton on Torts states:

“The plaintiff has no right to complain when his pretrial testimony is recorded, or when the police, acting within their powers, take his photograph, fingerprints or measurements, or when there is inspection and public disclosure of corporate records which he is required by law to keep and make available. On the public street, or in any other public place, the plaintiff has no legal right to be alone; and it is no invasion of his privacy to do no more than follow him about and watch him there. Neither is it such an invasion to take his photograph in such a place, since this amounts to nothing more than making a record, not differing essentially from a full written description, of a public sight which anyone would be free to see. On the other hand, when the plaintiff is confined to a hospital bed, and when he is merely in the seclusion of his home, the making of a photograph is an invasion of a private right, of which he is entitled to complain.”[281]

7.23 We think that whether an intrusion amounts to an invasion of privacy depends on whether the individual has a reasonable or legitimate expectation of privacy. We agree with the view adopted by the United States courts that a person has a reasonable expectation of privacy if (a) he, by his conduct, has exhibited an actual (or subjective) expectation of privacy, that is, he has shown that he seeks to preserve something as private; and (b) his subjective expectation of privacy is one that society is prepared to recognise as reasonable, that is, the expectation, viewed objectively, is justifiable under the circumstances.[282] An individual does not have a subjective expectation of privacy if he has been put on notice that his activities in a particular place would be watched by others for a legitimate purpose. Factors determining the reasonableness of an expectation of privacy include: (a) whether the area is generally accessible to the public; (b) whether the individual has a proprietary interest in the area; (c) how the area is used; and (d) the general understanding of society that certain areas deserve the most scrupulous protection from intrusion.[283]

Physical intrusion

7.24 Where a person has secluded himself in his home or office or in a room in a hotel or hospital, he should have a right to bring an action against any one who ignores his objection and, without any proper authority, forces his way into the premises. Whether the place in which a person has secluded himself is private or public in nature is immaterial. The question of ownership is not decisive when it comes to the protection of privacy. A person is entitled to the privacy of his room or flat in which he has lawfully secluded himself even though he has no proprietary interest in it. The classic example of physical intrusion is the placement of a transmitting device inside the target premises. But eavesdropping may also be carried out by attaching a microphone to the outside of a window or by fixing a bug anywhere on the phone line. In Katz v United States,[284] FBI agents attached an electronic listening device to the outside of a glass telephone booth. Stewart J stated that:

“the Fourth Amendment protects people, not places. What a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection. ... But what he seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected.”[285]

7.25 Although the person using the telephone booth was visible to the public, what he sought to exclude was not the intruding eye but the uninvited ear. Taking a photograph of two persons sitting inside a private car who are visible to the public is one thing; but placing an electronic device in the vehicle compartment for the purposes of listening and recording their conversations inside the compartment is another. The Supreme Court of the United States held that the surveillance in the Katz case was a “search” under the Fourth Amendment. We may add that although the right to privacy protects people, not places, the place where the intrusion occurs is also a major consideration. The level of privacy an individual expects depends on where he is and on the norms that society has prescribed for places of the same kind.

Non-physical intrusion

7.26 Apart from physical intrusion on a person’s home or room, non-physical intrusions such as looking onto a person’s private property and eavesdropping on private conversations are also objectionable. A person who surreptitiously overhears or observes the private affairs of another by the use of his senses, whether with or without the use of technical aids, intrudes upon another’s solitude or seclusion even though he has not trespassed on another’s property. If the intrusion tort is limited to physical intrusions, persons who conduct visual or aural surveillance without encroaching upon the premises in which the target is located or otherwise interfering with the target’s property would be able to avoid liability. This would be unjust to the persons who are subjected to surveillance. Peeping into a bedroom or overhearing a private conversation conducted inside a bedroom without technical aid is no less invasive than placing or using a surveillance device in the bedroom. The tort should therefore cover both physical and non-physical intrusions.

7.27 Non-physical intrusion may be effected by surveillance devices which do not need to physically intrude on property or come close to the target. These devices operate by intercepting at a distance information transmitted by satellite, microwave and radio, including mobile telephone transmissions. Some devices may even intercept electromagnetic radiation emitted from electronic equipment. Electronic devices such as computers and printers emit radiation through the air or through wires. A private detective can monitor and retrieve information in any electronic device while it is being processed without the knowledge of the user. Emanation monitoring is difficult to detect because it is passive and can be done at a distance from the target. Although much of such electromagnetic radiation is not intended to transmit information, the intercepted material may be reconstructed into useful intelligence. It is now technically possible to reconstruct the contents of computer terminal screens, the contents of a computer’s memory, or the contents of its mass storage devices at a distance.[286]

7.28 The Commission report on the regulation of interception of communications recommends that the interception of telecommunications while the messages are in the course of transmission be a crime. Telecommunications presuppose the existence of a sender and a recipient. The word “telecommunications” indicates that the sender is seeking to send signals or messages to the intended recipient by electronic equipment; it does not refer to the inadvertent emission of electromagnetic radiation. Insofar as emanated transient electromagnetic pulses are not telecommunications nor would they be regarded as a form of communication, the monitoring of electromagnetic emanations of electronic equipment would not be covered by the proposed interception offence. We think that such monitoring should give rise to liability in tort.

Aural surveillance

7.29 Aural surveillance generally refers to the surreptitious overhearing, either directly by ear or by means of some technical device such as a wiretap, microphone or amplifier, of conversations, or the preservation of such conversations by a recording device. Eavesdropping on private conversations intrudes on the solitude and seclusion of the parties to the conversations and enables the eavesdropper to pry into another’s private affairs. It constitutes an invasion of privacy and the victim should be able to maintain a civil action against the eavesdropper. The European Court of Human Rights recently held that intercepting telephone calls from an office in a police headquarters amounted to a breach of privacy under Article 8 of the European Convention on Human Rights.[287]

7.30 A victim of the interception offence proposed in the Commission report on Interception of Communications would have a right of action against the accused for invasion of privacy. Failure to impose liability on the eavesdropper would effectively deny the individual other rights and freedoms guaranteed under the Basic Law.[288] In Rhodes v Graham, which involved the tapping of a telephone line, the court held that-

“[i]t is the legal right of every man to enjoy social and business relations with his friends, neighbors, and acquaintances, and he is entitled to converse with them without molestation by intruders. ... The evil incident to the invasion of the privacy of the telephone is as great as that occasioned by unwarranted publicity in newspapers and by other means of a man’s private affairs for which courts have granted the injured person redress. Whenever a telephone line is tapped, the privacy of those talking over the line is invaded and conversations wholly proper and confidential may be overheard.”[289]

7.31 Eavesdropping by amplifying, transmitting or recording device is equally offensive. In McDaniel v Atlanta,[290] the defendant caused a listening device to be installed in the plaintiff’s hospital room in which personal and private conversations with her husband, nurses and friends were held. As a result, what was said and done by the plaintiff was listened to and recorded by the defendant. The court held that the defendant’s conduct was “as effectively an intrusion upon or an invasion of privacy of the plaintiff as if the agent had actually been in the room.” Similarly in Hamberger v Eastman,[291] the landlord had installed an eavesdropping device in the bedroom of the plaintiffs who were a husband and wife. The plaintiffs alleged that as a result of the discovery of the device, they were “greatly distressed, humiliated, and embarrassed,” and that they sustained “intense and severe mental suffering and distress, and have been rendered extremely nervous and upset.” The court held that it was highly offensive to intrude into marital bedrooms. It also ruled that an invasion of privacy is “an injury to personality. It impairs the mental peace and comfort of the individual and may produce suffering more acute than that produced by a mere bodily injury.”[292]

7.32 An individual’s right to privacy does not automatically cease when he leaves the confines of his home or other secluded premises. Intrusion by eavesdropping may occur in public places as well as private premises. A conversation between two persons sitting on a bench in a public park with no one sitting or standing nearby should be protected even though it is conducted in a public place. Granting legal protection to that conversation is in accordance with the reasonable expectations of the individuals because the words spoken are not sufficiently in the public domain as to justify their being overheard by another.

Visual surveillance

7.33 The respondents to the Baseline Opinion Survey commissioned by the Privacy Commissioner considered the opening of their personal mail by another and the taking of pictures of them through a window by an outsider as highly invasive.[293] Whether visual observation of a person or his personal property amounts to an intrusion upon another’s seclusion depends mainly on whether the individual has a reasonable expectation of privacy in the area in which he or his property is located. Where a picture of an individual is taken in a public place, it is most unlikely that his right to privacy has been violated, even though it is taken without his consent and may annoy him.[294] An individual has a reasonable expectation of privacy as to visual surveillance only when he is in areas not visible to the general public. He has no reasonable expectations of privacy if he allows himself or places his personal property in such a position that he or his property is readily accessible to the public. Surveillance through an open window of an individual’s home constitutes no invasion of privacy because any information acquired thereby is knowingly exposed by him.[295] Under this plain view doctrine, much of a vehicle’s interior is within the plain view of passers-by and is not protected from intrusion by curious onlookers.[296] A driver cannot complain if a journalist takes a picture of him driving the vehicle on the road. Nor can the shopowner complain if a journalist spots him selling prohibited drugs to customers over the counter which is accessible to the public. Where the individual or his property is in plain view and is perceptible to the naked eye, others may use binoculars or long-lens cameras to observe or record without infringing the individual’s expectation of privacy. However, there is an invasion of privacy if a technical device is used to collect data which would otherwise be shielded from observation but for the use of the device.[297]

7.34 In X v United Kingdom,[298]the applicant took part in a demonstration during a rugby match. She was photographed during the demonstration and again at the police station. The European Commission of Human Rights found that the taking and retention of the photographs did not interfere with her private life because the authorities had not entered her home and taken photographs of her there; the photographs related to a public incident in which she participated voluntarily; they were taken solely for the purpose of her future identification on similar public occasions; and there was no suggestion that the photographs would be made public or used for any other purpose.[299]

7.35 Where the photograph is taken within the privacy of a person’s home or hospital room, the photographer should normally be liable for invasion of privacy.[300] The taking of photographs of another on a “private occasion” is also objectionable. The Court of Appeal in Oriental Press Group Ltd v Apple Daily Ltd noted that “[p]ublic sentiment has turned, or seems to be turning, against those who are guilty of invasion of the privacy of public figures by taking their photographs on private occasions without their consent and then selling those photographs for large sums”.[301] In the aftermath of the tragic death of the Princess of Wales, Alan Rusbridger, editor of The Guardian, went so far as saying that “a woman going out with a boyfriend for dinner is not by any conceivable stretch of the imagination a public occasion.”[302] While we may not support this, we do agree that the fact that an individual is a public figure does not mean that reporters could freely take photographs of him wherever he goes.

7.36 There are some matters about an individual which are not exhibited to public gaze even though he is in a public place.[303] An example is a person’s underwear or lack of it. An intrusion into such matters is an invasion of privacy whether or not it takes place in a public place provided that the individual has sought to preserve their privacy wherever he goes. Thus, where a woman has taken precautions to protect her underwear from public view by wearing a skirt, other persons should not use covert means to observe or record data relating to her underwear. A person who takes a picture of her underwear should be liable for infringing her right of privacy no matter where the infringement takes place. However, no liability should be attached if a photograph is taken of a woman whose skirt is accidentally blown up by the wind. Some people put the blame on the individuals concerned for not putting on proper clothing. We agree that if a woman wears a mini-skirt which is so short that her underwear is easily exposed to public view, she may be taken as having waived her privacy as far as her underwear is concerned, or be held as having a lower expectation of privacy than those wearing a longer skirt.

7.37 It has been suggested that gathering news by taking photographs of individuals is acceptable as long as the reporter does not obstruct the activities being carried out by the person photographed.[304] This suggestion runs the risk of legitimizing the unauthorized installation or use of hidden devices within or without private premises by reporters notwithstanding that it constitutes a gross violation of the right of privacy.

7.38 We conclude that a person should be liable when he has intruded into a private place, or has otherwise invaded a private seclusion that the subject of intrusion has thrown about his person or affairs. A journalist who enters a person’s home or office by subterfuge or without consent to take a photograph should be liable for the intrusion tort.[305] Although the publications of material obtained by the intrusion may be justified if the publication is in the public interest, the legality of the subsequent publication does not affect the journalist’s liability for the original intrusion. A person should not be exempt from liability for unauthorized intrusion merely because the eventual disclosure can be justified in the public interest.[306]

Aerial surveillance

7.39 Aerial observation does not constitute an intrusion unless the individual has a reasonable expectation of privacy in the area exposed to aerial view. The factors which are taken into consideration by the American courts in determining whether warrantless aerial surveillance constitutes a “search” for the purposes of the Fourth Amendment are: “the height of the aircraft, the size of the objects observed, the nature of the area observed, including the uses to which it is put, the frequency of flights over the area, and the frequency and duration of the surveillance.”[307]

Intrusion into the private affairs or concerns of another

7.40 “Peeping Toms” and those who open another’s private and personal mail or examine another’s personal belongings such as diaries, handbags and private bank accounts should be liable for invasion of privacy by intrusion into another’s private affairs or concerns. Intrusions of this nature may take place in a private or public place.

Harassment

7.41 Whether unsolicited mails, house calls or telephone calls amount to intrusion depends on a number of factors:

Intrusion and the acquisition of personal information

7.43 An interference with private life does not necessarily involve an acquisition of personal information. Overhearing or observing an individual in circumstances where he has reasonable expectations of privacy is objectionable even though the person overhearing or observing does not acquire any sensitive or intimate information about him. The objection has no necessary connection with the quality of information obtained.[311] It is more to do with the loss of control over what, when and how information about the individual is disclosed. The acquisition of personal information should not be an element of the intrusion tort.

The basis of liability

7.44 The UK Consultation Paper examined whether a defendant should be liable only if he intended to invade the plaintiff’s privacy, or if he was reckless or negligent, or whether there should be strict liability, so that the defendant would be liable even though he could not be said to be at fault. The defendant may be said to be reckless in invading the plaintiff’s privacy if he has created a risk that the plaintiff’s privacy would be intruded upon and yet has gone on to take the risk, or has not given any thought to the possibility of there being any such risk. We think that indifference to the consequences of an invasion of privacy is as culpable as intentionally invading another’s privacy. The UK Consultation Paper commented that to limit liability to cases of intention would unduly restrict plaintiffs’ right to a remedy, but that the balance would be tilted too much in their favour if the tort were made one of strict liability. It suggested that the defendant should be liable where the infringement was caused intentionally, recklessly or negligently.[312]

7.45 There are two routes to establishing a claim against the defendant. The first is for the plaintiff to prove that the invasion was caused by the defendant intentionally or recklessly. The alternative is to hold the defendant liable regardless of his intention whenever the plaintiff is able to prove that he has invaded the plaintiff’s privacy. It is then up to the defendant to show that the invasion is innocent. For example, the statute may provide for a defence that “the defendant, having exercised reasonable care, neither knew nor should reasonably have known that the act, conduct or publication constituting the invasion would have invaded the privacy of any person.”[313]

7.46 We believe that it is better to place the burden on the plaintiff to prove all the elements of the tort, rather than for the defendant to prove that the intrusion is innocent. We agree that the plaintiff should not be allowed to recover if the intrusion was accidental or the defendant was merely negligent. The law should require that the intrusion was either intentional or reckless. The court may infer that the defendant committed the tort intentionally if he knew or ought to have known that the exposure of plaintiff’s private matters would follow from the his wrongful act.

Offensiveness to a reasonable person

7.47 Not every invasion of privacy warrants the imposition of civil liability. The bringing of trivial claims should be discouraged by the law. As Hong Kong is a densely populated city, all residents must accept that they are subject to a certain degree of scrutiny by their neighbours. An objective test should be adopted to determine the liability of the intruder. We think that an intrusion upon privacy should not be actionable unless it amounts to a substantial and unreasonable infringement of the right of privacy. The plaintiff must show that the intrusion is seriously offensive and objectionable to a reasonable person. This would ensure that the right of privacy would be determined by the norm of a person of ordinary or reasonable sensibilities and not that of a hypersensitive person. Where the intrusion would have caused mental distress or embarrassment to a person of ordinary sensibilities but the plaintiff himself was not substantially hurt, the plaintiff would be entitled to nominal damages only.[314]

Conclusion

7.48 On the basis of the foregoing discussion, we conclude that the new intrusion tort requires proof of the following elements:

a) either an intrusion upon the solitude or seclusion of another or an intrusion into another’s private affairs or concerns;

b) the intrusion may be physical or non-physical;

c) the intrusion must be done intentionally or recklessly; and

d) the intrusion must be seriously offensive and objectionable to a reasonable person of ordinary sensibilities.

Practical examples of reasonable expectations of privacy

(a) Privacy in public toilets[315]

7.49 Jurisprudence in the United States has considered what amounts to a reasonable expectation of privacy in public toilets. On the one hand, public toilets are private places because they have physical features designed to protect users from being watched by others on the street while performing intimate bodily functions. On the other hand, the toilets are accessible to the general public of the same sex. The male toilets also have urinals in the common area as well as enclosed toilet stalls. Toilet stalls have a higher level of expectation of privacy than the common area.

7.50 Common areas - In People v Lynch,[316] the defendant had been videotaped while engaging in homosexual activities in the common area of the public toilet. People who wished to visit the toilet had to go through the front door, vestibule and inner door before entering the common area. Hence anyone inside the common area would be warned of any incoming persons. The Court of Appeals held that although the structure preserved a certain amount of privacy to the users, “it can be presumed that any member of the public would expect that in the common area of the facility their privacy is not absolute and that any activity in that area is open to public examination.” The defendant had a subjective expectation of privacy in the common area of a public toilet, but that expectation was not reasonable because it was readily accessible to the public.

7.51 Enclosed toilet stalls - In one case,[317] the defendant was monitored by a video camera installed by the police in the ceiling above the bathroom stall. The court held that the bathroom stalls, like the telephone booth in the Katz case, were “temporarily private places whose momentary occupants’ expectations of privacy are recognised by society as reasonable.” It recognised that an expectation of privacy may be partial and yet receive constitutional protection. In another case,[318] the defendant and another man committed a homosexual act below the partition between two toilet stalls. The court held that he did not have a reasonable expectation of privacy in what could be seen from the common area:

“[A] bathroom stall ... does not afford complete privacy, but an occupant of the stall would reasonably expect to enjoy such privacy as the design of the stall afforded, i.e., to the extent that defendant’s activities were performed beneath a partition and could be viewed by one using the common area of the restroom, the defendant had no subjective expectation of privacy, and, even if he did, it would not be an expectation which society would recognise as reasonable ... .”[319]

7.52 We believe that a person has no reasonable expectations of privacy in the common area of a public toilet which is readily accessible to the public even though it is secluded and shielded from public view. However, a person has a reasonable expectation of privacy while he is in an enclosed toilet stall but only to the extent that his activities inside cannot be seen from the common area. A person who installs a camera in the ceiling of the stall or who looks down through ceiling vents should be liable for intruding upon the privacy of persons occupying the stall.

(b) Privacy in the workplace[320]

Traditional workplace privacy

7.53 Although an individual may have a privacy interest in his place of work, his expectations of privacy in the workplace is less than that in his residence. Workplace may include the reception area, general registry, rooms for senior staff, toilets, changing rooms, common rooms, canteen, locker rooms, company vehicles, and other open areas such as car park and areas which serve customers. Employees have different expectations of privacy in different parts of the workplace. A salesman in a departmental store expects less privacy than an office manager who has his own room. It should not be overlooked that surveillance in a place of work which is accessible to the public also puts the privacy of the general public at stake.

7.54 Generally speaking, offices are provided to employees for the sole purpose of facilitating the work of an organisation. Employees can easily avoid exposing their personal belongings by not bringing them to the office. However, if an employee has taken affirmative steps to put his closed personal luggage, handbag or briefcase in a place which is not accessible to the employer, he can reasonably expect privacy in the contents of such personal belongings even though they happen to be within the employer’s premises.

7.55 In O’Connor v Ortega,[321] a state hospital searched the office of one of its employees in connection with an investigation of alleged wrongdoing. The Supreme Court of the United States held that an employee has a reasonable expectation of privacy which must be determined in the context of the employment relation, subject to the “operational realities” of the workplace which reduce employee expectations by virtue of actual office practices and procedures or by legitimate regulation. An office, for instance, is not a private enclave free from entry by supervisors, other employees, and business and personal invitees. The supervisors may have to gain access to official property which is only available in the employee’s office or desk while he is away from office. They may also need to carry out a search to investigate violations of workplace rules or government regulations. The court therefore concluded that the employee in that case had a reasonable expectation of privacy at least in his desk and file cabinets on the grounds that (a) he did not share his desk or file cabinets with other employees, (b) his work related files were not kept in his office, (c) personal materials had been kept in his office for 17 years, and (d) the employer had no regulation or policy that discouraged employees from storing personal items in their desk or file cabinets. In another case, the employees were allowed to use the lockers provided by the employer with their own locks. The court held that the company violated the employee’s privacy by searching his locker even though the locker was owned by the company.[322]

Electronic surveillance in the workplace

7.56 Developments in surveillance technologies have increased the incidence of infringement of individual privacy in the workplace. Employers may monitor the performance, behaviour and communications of their employees in the following ways:

“1. Their use is a violation of basic human rights and dignity, and is often carried out without adequate consideration for such interests.

2. Computer data banks and telephone and video monitoring make prying into the private lives of workers easier and more difficult to detect than ever before.

3. Monitoring and surveillance give employees the feeling that they are not to be trusted and thus foster a divisive mentality which is destructive to both workers and employers.

4. Such practices can be used to discriminate or retaliate against workers, which may be difficult for workers to discover.

5. Monitoring and surveillance involve both issues of exercising control over workers and control over data relating to specific workers.”[323]

7.58 Paragraph 6.14 of the International Labour Organisation’s Code of Practice on the Protection of Worker’s Personal Data further provides:[324]

“(1) If workers are monitored they should be informed in advance of the reasons for monitoring, the time schedule, the methods and techniques used and the data to be collected, and the employer must minimize the intrusion to the privacy of workers.

Secret monitoring should be permitted only: (a) if it is in conformity with national legislation; or (b) if there is suspicion on reasonable grounds of criminal activity or other serious wrongdoing.

(3) Continuous monitoring should be permitted only if required for health and safety or the protection of property.”

7.59 Members of the Congress in the United States have introduced several bills in an attempt to regulate electronic surveillance of employees by employers. One of them is the proposed Privacy for Consumers and Workers Act.[325] The Act permits surveillance of employees by their employer if the latter has notified the former of matters such as the form of surveillance used, time of surveillance, type of data to be collected, use of the data and how the printouts would be interpreted. Prospective employees would be notified of the employer’s intent to use electronic surveillance in connection with the job for which they are applying. The employer need not give notice if he has reasonable suspicion that an employee may violate a criminal or civil law, or that the employee may cause the employer significant economic loss or injury.

Oral and telephone communications of employee

7.60 Individuals have the right to send and receive communications without unlawful or arbitrary interference. Monitoring of employee communications is not arbitrary if the employer has the express or implied consent of the employee. Thus, employers are generally not precluded from monitoring employee communications if they are business-related. Employees do not have a reasonable expectation of privacy in their business communications either on the ground that their performance is subject to the supervision of their employers under the terms of their contract of employment, or that they are deemed to have implicitly consented to allowing their employers access to their business communications made in the course of their employment using equipment provided by employers.

7.61 In a case concerning the application of the consent exception under the US Wiretap Act,[326] the employer informed its employees that it would be monitoring all of their telephone calls and that personal calls would be monitored only to the extent necessary to determine whether a particular call was business or personal. The American court held that the employees consented to the monitoring of business calls but not personal calls. It reasoned that consent should be found only when the employee knew or ought to have known of a policy of constantly monitoring calls, or when the employee has a personal conversation over a telephone line that is expressly reserved for business purposes only.[327]

7.62 The requirement of consent necessitates that certain communications among employees are protected even though such communications are made in the place of work. Hence, employees have a reasonable expectation of privacy in their oral communications engaged in an area normally restricted to employee use, e.g. recreation rooms and toilets.

Employee electronic communications

7.63 Employers can monitor employee electronic communications by using the “Internet Management Software” which analyses Internet and intranet usage. It is now possible for an employer to track the web sites and “chat” groups that employees visit. A survey conducted by the Society for Human Resources Management in the United States found that 36% of the respondents monitored employee e-mail.[328] Another survey by MacWorld showed that about two-thirds of employers who monitored employee’s electronic communications and files did so without warning the employees.[329]

7.64 Employers may monitor employee e-mail for the following reasons:

“Normally, an employee creates an individual password to access his/her own e-mail messages. A personal password ... may support an argument that an employee’s e-mail messages are private, especially if the employees are unaware that their employer retains the ability to override passwords and access their e-mails. In addition, if the e-mail messages are encrypted or coded so that only the sender and the recipient can read the messages, a further expectation of privacy may be created. Absent a policy explaining that e-mail messages are not private, or explaining that the employer can gain access to e-mail despite a personal password, an employer is at greater risk that a court may find that the employee had a reasonable expectation of privacy with respect to his/her e-mail messages.”

7.69 We agree that employer monitoring of computer systems should be allowed if it is carried out in accordance with the data protection principles, as when it is done for reasonable business purposes, on prior notices to employees, and the use of any resulting information is consistent with employee expectations. However, where the electronic mail system has an option for marking messages as “private”, employees have a reasonable expectation of privacy that such messages be kept confidential and not subject to interception by employers unless the employees have been advised to the contrary.[333] Karen Casser states that it is important that employees be informed when and what is being monitored and what will be done with the resulting information. She suggests that the following action programme may be adopted:[334]

“1. Develop or extend corporate policies to address employee privacy expectations.

2. Determine the extent of any current monitoring and limit monitoring to ‘work related’ and supervisory activities. State extent of monitoring in policy.

3. Educate and periodically remind employees and management of policy.

4. Post a notice when employees log onto the computer network and require an affirmative acknowledgement by having the employee indicate that she has read the screen before moving on. The notice should state clearly that the system and e-mail are not private and will be audited and the parameters of employee use. ...

5. Address backup and retention of stored mail.

6. Set forth how any accessed information will be used.”

7.70 We agree that it is essential for an employer to establish an e-mail policy governing access to, and use and disclosure of e-mail sent and received by employees on office communications systems.[335] The policy should balance the employees’ reasonable expectations of privacy with the legitimate business interests of the employer.

Video surveillance in the workplace

7.71 Video surveillance can be used for a variety of purposes. The Report on Video Surveillance in the Workplace published by the Privacy Committee of New South Wales found that employers may use video surveillance for the following reasons:[336]

Covert video surveillance in the workplace

7.75 As a matter of principle, covert surveillance by hidden cameras should be prohibited unless there is a suspicion of illegal activity. The Commonwealth Privacy Commissioner of Australia has drawn up Guidelines on the application of information privacy principles to the conduct of covert optical surveillance by Commonwealth agencies.[341] The Guidelines do not apply to security agencies who use covert surveillance for law enforcement purposes. With respect to the decision to undertake covert surveillance, the Guidelines provide:

“1.1 Covert surveillance may only be undertaken for a lawful purpose which is related to the function and activity of the agency.

1.2 Each agency should identify the circumstances or offences for which covert surveillance may be used and the Acts which may justify the agency undertaking the practice.

1.3 Approval to conduct covert surveillance in any particular case should be made at a senior level, taking into account procedures in place for the conduct of such activities.

1.4 In deciding to conduct covert surveillance agencies should consider the following factors:

(a) That there be reasonable suspicion to believe that an offence or an unlawful activity is about to be committed, is being committed or has been committed.

(b) That other forms of investigation have been considered and have been assessed to be unsuitable, or other forms of investigation have been tried and have been found to be inconclusive or unsuitable.

(c) The benefits arising from obtaining relevant information by covert surveillance are considered to outweigh to a substantial degree the intrusion on the privacy of the surveillance subject/s.”

7.76 In its report on workplace surveillance, the Privacy Committee of New South Wales concludes that covert video surveillance conducted by persons other than law enforcement officers can be justified only when:

“1. Covert surveillance is introduced only when all other reasonable measures have proved ineffective in solving the problem.

2. Covert surveillance is conducted only for the purpose of protecting the employer against an identified risk to the security or safety of property, assets, employees, or members of the public.

3. Employers have substantial grounds to believe that unlawful activity is being undertaken.

4. Covert surveillance is limited in scope, targeting only areas in which unlawful conduct is likely to be recorded.

5. Covert surveillance does not intrude unreasonably into the privacy of employees or customers who are not under suspicion.

6. Covert surveillance is conducted only for a limited time period, such as until the perpetrator of the unlawful activity is identified.

7. Strict controls exist over the operation of the system, including authorisation of who may receive and view tapes, secure storage and erasure of recordings.

8. The operators of the system are accountable for their conduct to an external agency.

9. Proper records are maintained of the covert surveillance operation, including documentation of the final resolution of the problem.

10. The employees placed under covert surveillance are informed of the conduct of surveillance after a period of time if it did not lead to any individual’s apprehension. If covert surveillance was conducted in an area accessed by customers, a sign should be installed in the area informing customers of the recent conduct of covert surveillance.”

Recommendation

7.78 In the context of workplace surveillance, we have to balance the interests of employers, employees and the general public. An employee’s expectation of privacy in his activities in the workplace has to be balanced against the employer’s need to keep the workplace and his employees’ activities under surveillance for legitimate business purposes. In determining whether an employer would be liable for the intrusion tort on the ground that he has kept his employees under surveillance, the court would have to assess whether the employee has an expectation of privacy and, if so, whether the employer has a legitimate justification for the intrusion which renders the employee’s expectation unreasonable in the circumstances. This legitimate justification will usually be a business matter but it may be an external one, for example, investigation into crime which is unrelated to the business.

7.79 However, the tort of intrusion upon solitude or seclusion may not afford adequate protection to employees. The employers might justify their intrusion on the grounds that it is reasonably necessary to protect property or personal safety. Additional measures are required to address the privacy concerns of surveillance in the workplace. In view of the difficulties of balancing the interests of employers, employees and the general public, the best way to address the issue of privacy in the workplace is probably by way of a code of practice so that all interested parties know where they stand.

7.80 We note that the Privacy Commissioner in Hong Kong may approve and issue codes of practice (whether prepared by him or not) for the purpose of providing practical guidance in respect of the data protection principles set out in the Personal Data (Privacy) Ordinance.[344] It would be extremely helpful if a specific code covering all forms of surveillance in the workplace could be issued by the Privacy Commissioner in consultation with employers associations, trade unions and, perhaps, the Consumer Council. Employers may then work out their policies using the code as a reference and employees and customers may consult the code to find out whether their expectations of privacy are reasonable or not. We believe that the Guidelines issued by the International Labour Organisation, the Commonwealth Privacy Commissioner of Australia, the Privacy Committee of New South Wales, and the proposed Privacy for Consumers and Workers Act of 1993 in the United States, could serve as a useful starting point for the development of such a code.

[270] M Nowak, 288.
[271] Pavesich v New England Life Ins Co, 122 Ga 190 at 196 (1905); quoted in E J Bloustein, 1002.
[272] Article 39 of the PRC Constitution provides: “The residences of citizens of the People’s Republic of China are inviolable. Unlawful search of, or intrusion into, a citizen’s residence is prohibited.”
[273] E J Bloustein, at 973-974.

[274] R A Posner, “The Right of Privacy” (1978) 12:3 Georgia Law Review 393, 401. This analysis can be extended to efforts to obtain letters and private papers of another.

[275] § 99.12; 20 USC § 1232g(a)(1); example given in R A Posner, 401-2.

[276] The Restatement represents the preponderance of opinion in American jurisdictions.

[277] J J Thomson, “The Right to Privacy” (1975) 4 Philosophy and Public Affairs 295, 300.

[278] R Gavison, “Privacy and the Limits of Law” (1980) 89 Yale LJ 421, at 433.

[279] F Schauer, 715-6.

[280] Fowler v Southern Bell Tel & Co (1965, CA5 Ga) 343 F2d 150.

[281] W P Keeton (ed), 855-6.

[282] Smith v Maryland, 442 US 735.

[283] Cf Oliver v United States, 466 US 170, 178-183.

[284] 389 US 347 (1967).

[285] At 351-2.

[286] J McNamara, “The Complete, Unofficial TEMPEST Information Page” (1997) at <http://www.eskimo.com/~joelm/tempest.html>; C Seline, “Eavesdropping on the Electromagnetic Emanations of Digital Equipment: The Laws of Canada, England and the United States” (1989), at <http://www.jya.com/tempest.htm>. TEMPEST is an acronym for Transient Electromagnetic Pulse Emanation Standard. It is a specification on the amount of electromagnetic radiation that a device may emit without compromising the information it is processing. TEMPEST technology can be used to intercept information stored in computers or displayed on computer terminals.

[287] Halford v United Kingdom [1997] The Times, 13 July .

[288] See A M Swarthout, “Eavesdropping as Violating Right of Privacy”, 11 ALR3d 1296.

[289] 238 Ky 225 (1931), quoted in 11 ALR3d 1296 at 1301.

[290] 60 Ga App 9 (1939) 2; cited in 11 ALR3d 1296 at 1303.

[291] 106 NH 107; 206 A2d 239 (1964).

[292] 106 NH 107 at 112; 206 A2d 239 at 242 (1964); quoting R Pound, Jurisprudence (1959) 58.

[293] Office of the Privacy Commissioner for Personal Data & HKU Social Sciences Research Centre, Baseline Opinion Survey: Public Attitudes to and Preparedness for the Personal Data (Privacy) Ordinance - Key Findings (March 1997), Figure 4.

[294] This may, however, constitutes an “unfair” collection of personal data in contravention of Data Protection Principle 1 under the Personal Data (Privacy) Ordinance.

[295] United States v Whaley, 479 US 1055 (1987).

[296] Maryland v Macon, 472 US 463.

[297] K J Rampino, “Observation through Binoculars as Constituting Unreasonable Search” 48 ALR3d 1178; Younger Report (1972), paras 553-559.

[298] Appl No 5877/72, 45 CD 90.

[299] Although taking a photograph of an individual in a public place does not normally invade his privacy, the photographer would be liable for the tort of harassment proposed in our Consultation Paper on Stalking if such behaviour amounts to harassment and is carried on persistently without justification: HKLRC, Privacy Sub-committee, Stalking - Consultation Paper (1998).

[300] P E Hassman, “Taking Unauthorized Photographs as Invasion of Privacy”, 86 ALR3d 374.

[301] [1997] 2 HKC 525.

[302] “Public Fury is Aimed at Tabloids”, International Herald Tribune, 1 September 1997.

[303] Restatement, Torts 2d, § 652B, Comment c.

[304] See Apple Daily, 7 September 1997.

[305] Dietemann v Time, Inc, (1971, CA9 Cal) 449 F2d 245; 1 Media LR 2417.

[306] See Chapter 11.

[307] See 68 Am Jur 2d, Searches and Seizures, § 59.

[308] 62A Am Jur 2d, § 64.

[309] 62A Am Jur 2d, § 65.

[310] HKLRC Privacy sub-committee, Stalking - Consultation Paper (1998).

[311] R Wacks, (1993), 247-248.

[312] Above, para. 5.35.

[313] Manitoba Act, section 5(b).

[314] American Jurisprudence provides: “In order to constitute an invasion of the right of privacy, an act must be of such a nature as a reasonable person can see might and probably would cause mental distress and injury to anyone possessed of ordinary feelings and intelligence, situated in like circumstances as the complainant.” See 62A Am Jur 2d, Privacy, § 40.

[315] See J R Scharrer, “Covert Electronic Surveillance of Public Rest Rooms: Privacy in the Common Area?” (1989) 6 Cooley LR 495; 68 Am Jur 2d, Searches and Seizures § 34.

[316] No 86-55700, slip op (Ingham Cir Ct Jan 11, 1988); cited in J R Scharrer, 504. See also People v Heydenberk 171 Mich App 494, 430 NW 2d 760 (1988); cited in J R Scharrer, 504.

[317] People v Dezek, 107 Mich App 78, 308 NW 2d 652 (1981); cited in J R Scharrer, 506.

[318] People v Kalchik, 160 Mich App 40, 407 NW 2d 627 (1987); cited in J R Scharrer, 506.

[319] At 48-49, 407 NW 2d at 631; cited in J R Scharrer 506.

[320] International Labour Organisation, “Monitoring and Surveillance in the Workplace” in Conditions of Work Digest (Vol 12, No 1, 1993); D R McCartney, “Electronic Surveillance and the Resulting Loss of Privacy in the Workplace” (1994) 62:4 University of Missouri-Kansas City Law Review 859; M S Dichter & M S Burkhardt, “Electronic Interaction in the Workplace: Monitoring, Retrieving and Storing Employee Communications in the Internet Age” (paper delivered at the Fourth Annual Conference of The American Employment Law Council in October 1996), at <http://www.mlb.com/speech1.htm>; J Green, “Electronic Monitoring in the Workplace: The Need for Standards”, (1984) 52:3 George Washington Law Review 438; The Privacy Committee of NSW, Invisible Eyes: Report on Video Surveillance in the Workplace (No 67, 1995); NSW Law Reform Commission, Surveillance (Issue Paper 12, 1997), ch 6.

[321] 480 US 709 (1987).

[322] K-Mart v Trotti, 677 S W 2d 632 (1984), cited in K L Casser, p 10. More recently, a partner of a law firm searched the office of a lawyer employed by the firm. The partner discovered a letter from the lawyer’s doctor relating to the latter’s HIV status. The court held that a search of an employee’s work area which is conducted in such a way as to reveal matters unrelated to work may constitute an invasion of privacy. Doe v Kohn, Nast & Graf, 862 F Supp 1310 at 1326 (E D Pa 1994); referred to in M S Dichter & M S Burkhardt, at p 8.

[323] International Labour Organisation, “Monitoring and Surveillance in the Workplace”, p 20 in Conditions of Work Digest (Vol 12, No 1, 1993).

[324] See “ILO Adopts Workers’ Privacy Code”, in: I-Ways: Digest of the Global Information Infrastructure Commission, First Quarter 1997, 41 - 46.

[325] S 984, 103d Cong, 1st Sess (1993); introduced by Senator Paul Simon. It was reported that no significant progress had been made with respect to the bill. Discussed in D R McCartney, “Electronic Surveillance and the Resulting Loss of Privacy in the Workplace” (1994) 62:4 UMKC Law Review 859, 882 et seq.

[326] Watkins v L M Berry & Co, 704 F 2d 577 (11th Cir 1983); referred to in M S Dichter & M S Burkhardt, at p 17.

[327] Cf Deal v Spears, 980 F 2d 1153 (8th Cir, 1992), referred to in M S Dichter & M S Burkhardt, at p 18 (No implied consent where an employee is informed by her employer that her telephone calls might be monitored because of theft and her excessive personal calls as opposed to being informed that her calls are being monitored.)

[328] “E-mail Snooping is OK in the Eyes of the Law”, Wall Street J, 19 March 1996, A1; referred to in S E Gindin, above.

[329] C Piller, “Bosses with X-Ray Eyes” Macworld, July 1993, at 118, 123; cited in S E Gindin, above.
[330] No B068705 (Cal Ct App, 1993) (unreported); referred to in M S Dichter & M S Burkhardt, at p 7.
[331] 914 F Supp 97 (E.D.Pa. 1996); referred to in M S Dichter & M S Burkhardt, at pp 6 - 7.
[332] Op cit, at 8.
[333] The Law Reform Commission’s Report on Privacy: Regulating the Interception of Communications (1996) commented at para 4.89: “As an employee is generally expected to devote all his working hours to performing official duties and a letter addressed to a company is normally treated as official unless the envelope indicates otherwise, we are of the opinion that in general all employers are implicitly authorised to open and read all incoming communications (including electronic mail) unless it is clear in the circumstances that the communication is intended to be private. In other words, a communication addressed or directed to a company should be presumed work-related unless words like ‘private’ or ‘personal’ are marked on the cover (or shown in the subject heading where it is an electronic communication).”
[334] K L Casser, “Employers, Employees, E-mail and the Internet”, in: The Computer Law Association, The Internet and Business: A Lawyer’s Guide to the Emerging Legal Issues (1996), at <http://cla.org/RuhBook/chp6.htm>, p 6.
[335] A sample e-mail (and Internet) policy can be found in M S Dichter & M S Burkhardt, at pp 25 - 29.
[336] The Privacy Committee of NSW, § 2.
[337] The Privacy Committee of NSW, Appendix 1, Guidelines on Overt Video Surveillance in the Workplace.
[338] Note also the requirements of Data Protection Principle 1 (purpose and manner of collection of personal data) in Cap 486.
[339] In Thomas v General Electric Co, 207 F Supp 792 (1962, DC Ky), cited in 86 ALR3d 374 at 382, the court held that an employee’s right to privacy was not violated when the employer monitored its employees by a camera for the purposes of increasing the efficiency of the employee’s operation and promoting the safety of its employees.
[340] To protect itself from possible liability, an employer may either notify its employees before they accept the contract of employment that snooping may occur without their knowledge, or ask them to sign waivers permitting the employer to monitor the workplace by hidden devices. See “Is Your Boss Spying on You?” Business Week, 15 Jan 1990, 74-75.

[341] Commonwealth Privacy Commissioner of Australia, Guidelines on Covert Optical Surveillance in Commonwealth Administration (1992).

[342] The Privacy Committee of NSW, § 4.3.

[343] The Privacy Committee of NSW, § 4.2. The Committee recommended that covert surveillance should only be allowed with a permit issued by the Industrial Relations Court and that there should be stringent controls over its conduct. Above, §6.4.3.

[344] Section 12.