Restricting app access can be discrimination, court rules

There’s a recent court case that might have escaped your notice – but the decision could serve as a warning for IT pros.

Jillian John, an African-American staffing clerk, claimed she was denied access to timekeeping software by her boss. When she asked why she wasn’t allowed to access the software, which would’ve helped in her job, John was told she had access to all the needed.

John lodged a complaint, claiming she felt “humiliated[,] degraded and even discriminated against” at the hands of Kay based on an “act of segregation.” Johns was later promoted to a higher position, but still was given limited access to the timekeeping software.

Finally, after an investigation found Johns had engaged in improper behavior dealing with collecting money from other employees, she was fired.

The lawsuit

Johns filed a discrimination claim. She said that being denied access to the software was an “adverse employment action” which was evidence of the discrimination. She claims she was the only employee in the department who was denied full access.

Here’s where things get legally important: The court agreed that a lack of access to software could be considered discrimination. Johns had to ask lower-ranking employees to access the software for her. And as a manager, it was entirely reasonable to expect she should have access to that software.

But the judge still ruled against her for one very important reason: There was nothing presented in the case that made the connection between the limited access to software and Johns’s race.

Therefore, the judge threw out the discrimination suit.

Denying access can be discrimination

The important thing to note about this case is that the judge agreed there are cases where not having access to software can be grounds for a lawsuit.

This puts IT in a tough position. On the one hand, restricting access is an extremely important way to prevent data breaches and insider threats. Users should only have access to the software they need to do their jobs.

On the other hand, if a user feels there’s an unfair restriction on their ability to use your systems and software, they could go to court against the company – and, depending on the circumstances, come out victorious.

Restricting access the right way

The important thing to remember is that this case obviously doesn’t say everyone has to be given equal access to every application or program.

Talk with other managers in your company. Find out what their people do and what programs they need access to. Then go a step further and find out if they need full access, including the ability to edit and manipulate data, or if they just need the ability to read it.

Security obviously comes first, so protecting data will be your top priority and access should be restricted accordingly.

But if a user requests access to something they’re currently barred from or may not need, be sure to look into the matter fully to see if he or she – or any similarly situated employees – could have a legitimate use for the service.

Have you found any difficulties granting or restricting access? Do you think the court made the right decision? Leave your answer in the comments section below.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy