There have been an increasing number of articles and cases about employees’ misdeeds spread across Facebook or other similar social media sites. With some of the stupid things employees post that basically give away the fact that they are abusing FMLA and other types of leave, employers may be very tempted to play private detective.

Before an employer dons a Sherlock Holmes Deerstalker hat and pipe, a quick refresher on a federal law, the Stored Communications Act, may be in order. The SCA makes it illegal to access stored electronic communications without the user’s consent. According to a 2010 case, Crispin v. Christian Audiger Inc., the Stored Communications Act (“SCA”) protects postings on social media accounts provided an employee has enabled the privacy settings.

Let’s say an employee who is on FMLA leave to care for his dying parent in Illinois is rumored to be on Facebook posting daily updates from a three-week Mediterranean cruise. A quick search of Facebook reveals that the employee has an account but the profile cannot be viewed by the public. An enterprising manager creates a profile, uploads a fake photo, and sends a friend request. Sounds easy and likely to work. The problem? This violates the SCA.

Another problem? Because the proof that the employee violated leave policies was obtained illegally, it may not be used to justify an employee’s termination. At least that is what an arbitrator recently found in a similar case involving abuse of military leave in Am. Fed’n of Gov’t Emps. v. DHS.

Although it may be tempting to try to trick employees into granting access to their social media accounts, the downside risk is too great for employers.