Intrusion Upon Seclusion

Intrusion upon seclusion is a privacy tort that protects individuals from unauthorized and offensive intrusions into their private spaces, communications, or personal affairs. Unlike public disclosure of private facts—which requires an act of publication—intrusion upon seclusion is actionable from the moment the intrusion occurs, regardless of whether the wrongdoer discloses what was discovered. It is, at its core, a tort about the act of looking where you have no right to look.

Elements of Intrusion Upon Seclusion

The Restatement (Second) of Torts § 652B defines intrusion upon seclusion as liability for one who intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, if the intrusion would be highly offensive to a reasonable person. Courts have derived three core elements from this definition:

1. Intentional intrusion: The defendant deliberately intruded, not inadvertently.
2. Into a private space or private affairs: The plaintiff had a reasonable expectation of privacy in the space or information intruded upon.
3. Highly offensive to a reasonable person: The intrusion was not merely embarrassing or unwelcome but would be highly offensive from the perspective of an objective reasonable person.

What Qualifies as an Intrusion?

Physical intrusion is the clearest form. Breaking into someone’s home, placing a recording device in a private space, or secretly photographing someone in a place where they have a reasonable expectation of privacy are textbook examples. Courts have consistently held that intrusion claims are available for physical invasions that would require physical presence in the absence of a device.

Electronic intrusion is equally recognized by most jurisdictions. Hacking into someone’s email account, installing spyware on a device without consent, accessing private financial records through unauthorized means, and intercepting private communications can all constitute intrusion upon seclusion. Courts in many states have specifically recognized computer hacking and unauthorized access to digital accounts as a basis for the tort.

Some courts take a narrower view, requiring that the intrusion be into a space where the plaintiff had a reasonable expectation of physical privacy—meaning the plaintiff must be able to show that a physical intruder, in the absence of technology, would have needed to physically enter the space to obtain the information. Courts applying this standard are more skeptical of claims arising from purely informational intrusion, such as accessing databases or public records, because there is no analogous physical entry.

Reasonable Expectation of Privacy

Whether an intrusion is actionable depends heavily on whether the plaintiff had a reasonable expectation of privacy in the space or information at issue. Courts look at both the subjective expectation—did the plaintiff actually expect privacy?—and whether that expectation was objectively reasonable.

Information voluntarily shared publicly does not give rise to a reasonable expectation of privacy. A plaintiff who posted personal information on a public social media profile cannot claim intrusion upon seclusion when someone reads it. Similarly, information accessible through public records—court filings, property records, business registrations—does not carry a reasonable expectation of privacy even if the plaintiff would prefer it remain unknown.

Workplaces create complex questions. Employees generally have a reduced expectation of privacy in employer-provided systems and equipment when they have been put on notice that monitoring may occur. However, employees retain meaningful privacy interests in their personal devices, personal accounts, and off-duty activities even in employment contexts.

Intrusion in the Digital Age: Emerging Issues

Digital technology has substantially expanded the ways in which intrusion upon seclusion can occur. Common modern fact patterns include:

• Unauthorized access to email, cloud storage, or social media accounts
• Installation of tracking software or keyloggers on a device without consent
• Use of GPS tracking or location data without authorization
• Accessing medical records, financial accounts, or private communications without authorization
• Covert video or audio recording in private spaces
• Scraping private information from password-protected websites or databases

In many of these scenarios, the intrusion also violates federal statutes including the Computer Fraud and Abuse Act (18 U.S.C. § 1030), the Electronic Communications Privacy Act (18 U.S.C. § 2511), and the Stored Communications Act (18 U.S.C. § 2701), which provide additional remedies beyond the common law tort.

Remedies

A successful plaintiff in an intrusion upon seclusion claim may recover actual damages including compensation for emotional distress, humiliation, and lost peace of mind. Courts may also award injunctive relief and, in appropriate cases, punitive damages when the defendant’s conduct was particularly outrageous.

Contact Revision Legal

If someone has intruded upon your privacy—whether physically or through digital means—Revision Legal’s internet privacy attorneys can assess your claims under both common law and applicable federal statutes. Contact us today to discuss your situation.

Intrusion Claims in Employment Contexts

Employment relationships generate a significant number of intrusion upon seclusion claims. Employers have legitimate interests in monitoring business communications and work activities, but those interests do not extend to unlimited surveillance of employees. Key legal principles governing workplace surveillance include:

• Employer-provided systems: Employees generally have a reduced expectation of privacy in employer-provided email, computer systems, and communications platforms when they have been notified that monitoring may occur. Courts have consistently upheld employer monitoring of business systems where the employer has provided clear notice.
• Personal devices and accounts: Even on employer premises, employees retain privacy interests in their personal devices, personal email accounts, and personal communications. An employer who accesses an employee’s personal accounts without consent faces potential intrusion claims.
• Video surveillance: Video monitoring of work areas is generally permitted with appropriate notice, but monitoring of bathrooms, changing rooms, or other spaces where employees have a heightened expectation of privacy is both legally prohibited and tortiously actionable.
• Off-duty activities: Surveillance of employees’ lawful off-duty activities—whether through GPS tracking, social media monitoring, or physical surveillance—raises serious intrusion claims in most jurisdictions.

Intrusion and Smart Devices

The proliferation of smart devices has created new intrusion scenarios that courts are only beginning to address. Smart speakers, home security cameras, connected appliances, and wearable devices continuously collect data about users’ private activities in their homes. When this data is accessed without authorization—by hackers, platform operators acting outside the scope of user consent, or law enforcement without appropriate process—intrusion claims may be available.

Manufacturers and operators of smart home devices face increasing litigation over whether their data collection practices are adequately disclosed to users and whether they constitute intrusion when they exceed the scope of what users reasonably expected when they agreed to terms of service. Courts are applying the reasonable expectation of privacy analysis to these novel contexts, often finding that a user who installed a smart speaker in their bedroom retained a reasonable expectation that continuous audio recording would not be transmitted to third parties without clear disclosure.

Criminal Remedies for Intrusion

Many intrusions that give rise to the civil tort also violate federal and state criminal statutes. The Electronic Communications Privacy Act (18 U.S.C. § 2511) prohibits unauthorized interception of wire and electronic communications. The Stored Communications Act (18 U.S.C. § 2701) prohibits unauthorized access to stored electronic communications. The Computer Fraud and Abuse Act (18 U.S.C. § 1030) prohibits unauthorized access to protected computers.

State laws often provide additional protections. Many states have enacted criminal statutes specifically addressing covert audio or video recording, unauthorized computer access, and interception of communications. These criminal statutes both deter intrusive conduct and, when violated, provide civil causes of action with attorney’s fee-shifting provisions.

Where a physical or electronic intrusion also violates one of these criminal statutes, the victim has multiple avenues of recourse—common law tort claims for intrusion upon seclusion and statutory claims under the applicable federal or state law. The statutory claims may provide more certain damages, clearer remedies, and attorney’s fees.

Contact Revision Legal’s privacy attorneys if you have been the victim of intrusion upon seclusion, whether through physical means, electronic surveillance, or unauthorized access to your accounts or devices.