For years now, employers have been warned that a detailed, electronic resources policy is the best defense against vicarious liability for the actions of employees who use corporate e-mail or Internet access like a bully in a sandbox. A recent decision from the California Court of Appeals highlights a potentially more potent defense that has received little attention in employment law circles.

The Communications Decency Act of 1996, 47 U.S.C. §230 [CDA] immunizes any “provider . . . of an interactive computer service” from liability under any state law for information published on the service by someone else. In Delfino v. Agilent Technologies, the plaintiffs sued Agilent for intentional infliction of emotional distress because a former Agilent employees had used Agilent’s e-mail system and Internet access to communicate numerous threatening messages to the plaintiffs. The California Court of Appeals affirmed summary judgment for Agilent based on the CDA.

As a matter of first impression, the court held that a corporate employer, like Agilent, who offers e-mail and Internet access is an interactive computer service provider for purposes of the Act. Because the employee, not Agilent, provided the threatening messages, and the plaintiffs sought relief only under state tort law, the CDA immunized Agilent from liability. By analogy, the CDA can be used to get rid of those pesky state law claims, like negligent hiring, negligent supervision, intentional infliction of emotional distress, and defamation, that tend to accompany Title VII claims alleging harassment through an employee’s use of corporate electronic resources.