[ v61 p320 ]
61 FLRA No. 58
RAILROAD RETIREMENT BOARD
OF GOVERNMENT EMPLOYEES
September 30, 2005
Before the Authority: Dale Cabaniss, Chairman, and
Carol Waller Pope and Tony Armendariz, Members
I. Statement of the Case
This matter is before the Authority on exceptions to an award of Arbitrator Cyrus A. Alexander filed by the Agency under § 7122(a) of the Federal Service Labor-Management Relations Statute (the Statute) and part 2425 of the Authority's Regulations. The Union filed an opposition to the Agency's exceptions.
For the reasons that follow, we deny the Agency's exceptions.
The grievant logged on to her computer and, in so doing, also connected to a social security database which contains sensitive social security information. While logged on, the grievant left her work area on multiple occasions to retrieve documents from a printer three cubicles away from her own. While away from her computer, and unbeknownst to the grievant, someone accessed the sensitive social security database and ran a search on one of the employees who also worked in the unit. Award at 7.
The Agency notified the grievant of a proposed two-day suspension, in accordance with Agency guidance dealing with such misconduct, because the grievant "queried a NUMIDENT (Numeric Identification Database) record of a current Railroad Retirement Board Employee[,]" which is equivalent to a "Category I - Unauthorized Access Without Disclosure" violation dealing with unauthorized access to social security database information. Opposition, Ex 1.
The grievant grieved this proposed discipline. The Agency decision in response thereto noted that "[t]he offense underlying the proposed suspension involves improper access to an SSA [Social Security Administration] database" and acknowledged "there is no direct evidence that the [grievant] . . . committed the improper access." Exceptions, Attach. E, Ex. 7. However, the Agency concluded that the grievant's conduct was improper and mitigated the discipline to a one-day suspension.
The one-day suspension was submitted to arbitration. The parties stipulated to the following issue:
If the one-day suspension is appropriate where someone other than [the grievant] may have accessed the NUMIDENT record of another employee after [the grievant] logged on to the Social Security Administration (SSA) database with her PIN number and password?
Award at 3.
Before the Arbitrator, the Agency argued that the grievant's one-day suspension was consistent with Rule 11 of the employee handbook (unauthorized use of government equipment or property). Exceptions, Attach. C. (Agency Post-Hearing Brief) at 10-11. The Arbitrator determined that the grievant had in fact violated Rule 11 of the employee handbook but mitigated the discipline to a letter of warning. Award at 8. The Arbitrator noted that the punishment for violating this rule ranged from a "written warning to five (5) days' suspension[.]" Id. at 6. On balance, the Arbitrator determined that the grievant did not personally (or "knowingly") access the NUMIDENT database, but that she had engaged in an activity that most of her co-workers regularly engaged in (i.e., leaving her computer unattended without logging off), and was not trained on how to properly log off her system when she needed to step out of her cubicle.
Id. at 7. Accordingly, noting the range of penalties, the Arbitrator reduced the grievant's one-day suspension to a letter of warning.
III. Positions of the Parties
A. Agency's Exceptions
The Agency argues that the Arbitrator exceeded his authority when he failed to resolve the stipulated issue. Specifically, the Agency contends that the Arbitrator decided whether "the evidence supported a finding that [the grievant] knowingly made the unauthorized [ v61 p321 ] inquiry of the NUMIDENT database, not whether the evidence supported a finding that [the grievant], by failing to disconnect from the SSA system, provided the means used to make the unauthorized inquiry." Exceptions at 7. As such, it asserts that because the stipulated issue acknowledges that the grievant did not improperly access the NUMIDENT, the Arbitrator exceeded his authority by addressing that issue rather than the issue before him. Id.
Moreover, the Agency argues that the award is based on two nonfacts. Id. at 7-11. First, the Agency contends that the Arbitrator erred in finding that the grievant did not knowingly access the NUMIDENT database when she signed onto her computer. Id. at 8. The Agency states that "whether [the grievant] knowingly accessed the NUMIDENT database was not in dispute." Id. However, the Agency claims that the evidence clearly shows that the grievant "acted knowingly when she chose to leave her computer unattended while still connected to the SSA's system." Id. at 9.
Second, the Agency argues that the grievant was properly trained in how to secure her computer before leaving it unattended. Id. In this respect, it claims that the Union confused the Arbitrator by misrepresenting the testimony of the Agency's security manager. It argues that the security manager testified that employees are merely required to log off of their computers, a process that takes seconds, and not shut them down when they leave them unattended as argued by the Union. Id. at 10. Moreover, the Agency notes that the grievant testified that she knew how to log off the computer prior to leaving it unattended. Id. at 11. Accordingly, the Agency states the Arbitrator relied upon a nonfact, that the grievant was required to shut down her computer when she left instead of merely logging off, in rendering his decision.
B. Union's Opposition
The Union argues the original charge brought by the Agency dealt with whether the grievant knowingly accessed the NUMIDENT system but the charge was changed in the Agency's final appeal letter to one which did not require intent. Opposition at 3. The Union argues that "[t]he decision on the `not knowingly,' issue merely clarified the contention by the Union at the hearing that management did not have sufficient evidence to support the original charge[.]" Id.
Additionally, the Union notes that the Arbitrator considered that the grievant was not trained in how to log off her system in mitigating the Agency's penalty. Moreover, it notes that other employees routinely left their computers unattended. Id. at 4. As such, the Union argues that the Arbitrator properly reduced the penalty to a letter of warning. Id.
With regard to the first nonfact argument raised by the Agency, the Union states "[t]his is just an attempt by management to mislead and confuse the issues." Opposition at 5. As to the second nonfact argument, the Union questions the veracity of the security manager's affidavit and alleges that during the hearing the manager testified "she did not know how to lock her computer" and that instead she told employees to "shut off their computer every time they left their office." Id. at 6. Accordingly, the Union contends that the Arbitrator's decision was "based on the facts as they were presented at the hearing[.]" Id. at 7.
IV. Analysis and Conclusions
A. The Arbitrator Did Not Exceed His Authority
Under Authority precedent, arbitrators exceed their authority when they fail to resolve an issue submitted to arbitration, resolve an issue not submitted to arbitration, disregard specific limitations on their authority, or award relief to those not encompassed within the grievance. See AFGE, Local 1617, 51 FLRA 1645, 1647 (1996). Arbitrators do not exceed their authority by addressing any issue that is necessary to decide a stipulated issue, or by addressing any issue that necessarily arises from issues specifically included in a stipulation. See NATCA, MEBA/NMU, 51 FLRA 993, 996 (1996); United States Dep't of Justice, Immigration & Naturalization Serv., Honolulu Dist. Office, Honolulu, Haw., 43 FLRA 927, 935 (1992) (citing United States Dep't of Health & Human Servs., Austin, Tex., 40 FLRA 1035, 1041 (1991) (HHS)); Air Force Space Div., L.A. Air Force Station, Cal., 24 FLRA 516, 519 (1986). Moreover, the Authority grants the arbitrator broad discretion to fashion a remedy that the arbitrator considers to be appropriate. See United States Dep't of the Interior, United States Geological Survey, Nat'l Mapping Div., Mapping Applications Ctr., 55 FLRA 30, 33 (1998).
The Arbitrator found that the grievant violated Rule 11 but determined that a one-day suspension was too severe. In reaching this conclusion, the Arbitrator emphasized three factual findings. First, he found that the grievant did not knowingly access the system as had been originally charged by the Agency. Second, he found that the grievant had not been trained to log off the system to avoid leaving her computer in an unsecured manner. Finally, the Arbitrator determined that many of the grievant's co-workers also routinely left [ v61 p322 ] their computers unattended without logging off. Award at 7.
Based on the above, we conclude that while the Arbitrator addressed whether the grievant knowingly accessed the system, the Arbitrator resolved the stipulated issue presented him by the parties, i.e., whether the Agency's one-day suspension was appropriate. In resolving that issue, the Arbitrator determined that while some punishment was warranted for the grievant's culpability in allowing an unauthorized access to occur from her computer under her logon, the penalty imposed was too severe given the mitigating evidence set forth above. Accordingly, the Agency has failed to show that the Arbitrator exceeded his authority by failing to resolve the parties' stipulated issue. AFGE, Local 507, 61 FLRA 88, 91 (2005).
B. The Award is Not Based on Nonfacts
To establish that an award is based on a nonfact, the appealing party must show that a central fact underlying the award is clearly erroneous, but for which the arbitrator would have reached a different result. United States Dep't of the Air Force, Lowry Air Force Base, Denver, Colo., 48 FLRA 589, 593 (1993) (Lowry). The Authority will not find an award deficient on the basis of an arbitrator's determination on any factual matter that the parties disputed at hearing. Id. at 594 (citing Nat'l Post Office Mailhandlers v. United States Postal Serv., 751 F.2d 834, 843 (6th Cir. 1985)).
With respect to the Agency's first contention regarding the grievant's "knowing" access to the social security database, the Agency does not contest the accuracy of the Arbitrator's finding. See Exceptions at 8 (Agency notes that "whether [the grievant] knowingly accessed the NUMIDENT database was not in dispute."). Instead, the Agency contests the "significance" of the finding. Id. As the Agency does not claim that the Arbitrator's finding is erroneous, the Agency provides no basis for finding that the award is based on a nonfact. [*] See United States Dep't of Defense, R.I., Nat'l Guard, Cranston, R.I., 57 FLRA 594, 596-97 (2001).
Turning to the Agency's second contention regarding the finding that the grievant had not been trained in protecting her computer, the parties disputed before the Arbitrator whether or not the grievant had been properly trained on how to protect her computer from unauthorized access. Award at 6; Exceptions, Attach. C (Agency Post-Hearing Brief) at 5. The Authority will not find an award deficient as based on a nonfact where the alleged nonfact was disputed by the parties at the hearing. Lowry, 48 FLRA at 594. Accordingly, we find that the award is not based on a nonfact.
The Agency's exceptions are denied.
Footnote * for 61 FLRA No. 58 - Authority's Decision
Chairman Cabaniss agrees with the above and further notes that the challenged finding reflects the Arbitrator's conclusion that a lesser penalty should be imposed, and not what misconduct took place. In that respect, as the grievant didn't know the NUMIDENT database existed, the Arbitrator found that she could not "knowingly" have allowed the improper access to it to have occurred.