598 F.Supp.3d 719
W.D. Wis.2022Background
- Steven Bowers, a Taylor County sheriff’s sergeant, copied confidential county case files (from a county computer) into a personal Dropbox account he created using his work email and paid for personally; he also granted access to two TV-show staffers and his girlfriend.
- Sheriff Bruce Daniels, after learning Bowers had shared files with a Cold Justice crew and after Bowers admitted sharing, directed IT Director Melissa Lind to access Bowers’s Dropbox.
- Lind used Dropbox’s “lost password” workflow via Bowers’s county email to reset the password, signed into the account, and found a folder with confidential case records.
- Bowers sued under the Fourth Amendment for an unlawful search (and sought damages for emotional harms); defendants moved for summary judgment asserting the search was lawful or they are entitled to qualified immunity.
- The court held the Dropbox search was a Fourth Amendment search that should have been conducted with a warrant, but granted summary judgment to the defendants on qualified immunity grounds because the law was not clearly established and the search was reasonable under workplace-search principles.
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Whether Bowers had a reasonable expectation of privacy in his Dropbox account | Bowers: account was personal, password-protected, paid for personally, stored off county servers — thus private | County: account tied to work email, contained work files uploaded from a work computer, and access was shared with others; county IT policy curtailed privacy | Court: Bowers had a reasonable expectation of privacy against his employer’s intrusion, but the law was not clearly established on that point |
| Whether a warrant was required before the employer searched the Dropbox account | Bowers: account was not within areas "generally within the employer’s control," so O’Connor warrant exception did not apply | County: employer-search exception applies to work-related searches; purpose was work-related misconduct investigation | Court: search should have been conducted with a warrant (O’Connor does not clearly cover this account), but authority was unsettled so not clearly established |
| Whether the search was reasonable in scope under the workplace-search standard | Bowers: password protection, personal files, and lack of specific authorization meant intrusion was unreasonable | County: reasonable grounds to suspect work-related misconduct existed; search focused on locating county files and recipients, not personal files | Court: even if warrant not required, the search was reasonable in inception and scope under O’Connor factors |
| Entitlement to qualified immunity | Bowers: defendants violated clearly established Fourth Amendment rights | County: no clearly established law; also relied on advice-of-counsel/extraordinary circumstances defense | Court: defendants entitled to qualified immunity because the legal contours were not clearly established at the time |
Key Cases Cited
- O'Connor v. Ortega, 480 U.S. 709 (plurality; workplace privacy balancing and employer-search standard)
- City of Ontario v. Quon, 560 U.S. 746 (assumed workplace privacy; urged caution in applying precedents to new technology)
- Riley v. California, 573 U.S. 373 (2014) (cell-phone searches require careful Fourth Amendment protection)
- Carpenter v. United States, 138 S. Ct. 2206 (2018) (limits to third-party doctrine for sensitive electronic data)
- Katz v. United States, 389 U.S. 347 (1967) (reasonable expectation of privacy framework)
- Narducci v. Moore, 572 F.3d 313 (7th Cir. 2009) (employee privacy against employer surveillance)
- Harlow v. Fitzgerald, 457 U.S. 800 (1982) (qualified immunity standard)
- Cibulka v. City of Madison, 992 F.3d 633 (7th Cir. 2021) (clarifying how plaintiff shows rights were clearly established)
- City of Tahlequah v. Bond, 142 S. Ct. 9 (2021) (warning against defining clearly established law too broadly)
