ECtHR: Monitoring of employee s s breached right to privacy

Similar documents
In the news. Mock Employment Tribunal. When Where Price (inclusive of VAT)

FINAL NOTICE. i. imposes on Peter Thomas Carron ( Mr Carron ) a financial penalty of 300,000; and

Equality Act Briefing Note Q & A

Employer Access to Instant Messaging Barbulescu Revisited by the ECHR

FIRST-TIER TRIBUNAL ASYLUM SUPPORT

IN THE COURT OF COMMON PLEAS CUYAHOGA COUNTY, OHIO

European Employment Law Briefing

EUROPEAN COURT OF HUMAN RIGHTS. Press release issued by the Registrar

Short notes on: DOUBLE JEOPARDY - WHEN WILL COURTS DISREGARD THIS RULE. Introduction

Short notes on: DOUBLE JEOPARDY - WHEN WILL COURTS DISREGARD THIS RULE. Introduction

HEARING DISCIPLINARY COMMITTEE OF THE ASSOCIATION OF CHARTERED CERTIFIED ACCOUNTANTS

Disability and sickness absence

Discrimination under the Equality Act 2010

Takeovers and Mergers Panel Disciplinary Decision -- South East Group Limited (formerly Benelux International Limited)

Law relating to the Stock Exchange

WHISTLE BLOWER POLICY

Approved by the Trust: Term

WORKPLACE VIOLENCE AND HARASSMENT POLICY

INTERNATIONAL SOS. Data Protection Policy. Version 1.8

(Updated and Effective as of April 24, 2012)

WHISTLEBLOWER POLICY

Welsh Triathlon. Whistle Blowing Policy

EMPLOYEE PRIVACY STATEMENT

Ward Hadaway Guest WiFi. Password: F1rew0rk$ Employment Update. Thursday, 13 September Newcastle Leeds Manchester

Complaint Number EM /31/89-DN DECISION AND ORDER. Complainant Mary J. Fernino ("Complainant") filed a verified

BETWEEN DECISION. The names and identifying details of the parties in this decision have been changed.

Respondent (the Commissioner) made under case number GAJB ,

2003 Collection and Assessment of Fines and Penalties

INSIDER TRADING POLICY

Saint Louis University Notice of Privacy Practices Effective Date: April 14, 2003 Amended: September 22, 2013

STURM, RUGER & COMPANY, INC. CODE OF BUSINESS CONDUCT AND ETHICS

INSURANCE AND FINANCIAL RISK NEWS

Commercial legal expenses. Summary of Cover AXA Business Insurance

SEC's Friendly Fire Against CCOs And How To Avoid It

CAREER SERVICE BOARD, CITY AND COUNTY OF DENVER, STATE OF COLORADO Appeal No A DECISION AND ORDER

- and - THE COMMISSIONERS FOR HER MAJESTY S REVENUE & CUSTOMS. TRIBUNAL: Judge Peter Kempster Mrs Shameem Akhtar

CANADA GOOSE HOLDINGS INC.

Would you like to receive s with special offers from Carolina Vein Center? yes no

Central Appeals Tribunal

v. STATE BOARD NEW BALTIMORE CITY BOARD OF SCHOOL COMMISSIONERS, Appellee Opinion No OPINION

AMBITIONS ACADEMIES TRUST WHISTLE BLOWING POLICY

Arbitration CAS 2010/A/2139 Kauno Futbolo Ir Beisbolo Klubas v. Fédération Internationale de Football Association (FIFA), award of 26 October 2010

HR Legal Briefing. July 2003

IN THE COMMONWEALTH COURT OF PENNSYLVANIA

2015 ANNUAL COMPLIANCE MEETING

THE LABOUR COURT OF SOUTH AFRICA, JOHANNESBURG SOUTH AFRICAN REVENUE SERVICES

The Panel found Dr Brew s fitness to practise was impaired and determined to erase his name from the Register.

e Services Agreement Disclosures

CALSONICKANSEI NORTH AMERICA, INC. CODE OF CONDUCT (U.S.A.)

prima facie case of contravention of the Personal Data (Privacy) Ordinance, Cap

Employment Update. March Abolition Of Default Retirement Age.

Code of Conduct U.S. Supplemental Requirements

Notice of Privacy Practices

COUR EUROPÉENNE DES DROITS DE L HOMME EUROPEAN COURTOFHUMAN RIGHTS

VIGIL M E C H ANISM AND WHISTLE-BLOWER POLICY

Monash University Policy. Deputy Vice Chancellor, Vice-President (Resources) Deputy Vice Chancellor (Resources) POLICY STATEMENT

Arbitration CAS 2005/A/899 FC Aris Thessaloniki v. FIFA & New Panionios N.F.C., award of 15 July 2005

Skip First Level Navigation Skip All Navigation. Site Map Home Contact Us Careers Calendar Search SEC:

The Fair Debt Collection Practices Act

Risk Oversight Committee

Mr Mustafa was present and represented by Mr Jonathan Goodwin, solicitor advocate.

Christiaan Hendrik Muller. Sharon Gail Yerman DECISION

THE IMMIGRATION ACTS. Promulgated On 22 December 2014 On 8 January Before DEPUTY UPPER TRIBUNAL JUDGE HANBURY. Between

Brexit Essentials: an update on data protection and privacy

Important Facts Regarding Our Practice

NN Group. Whistleblower. Policy. Version 2.3 Date September 2015 Department. Corporate Compliance

UK Employment Law Update September 2015

WHISTLE BLOWER POLICY

Quality Management Compliance with anti-bribery laws. Regulation # Updated: 31/12/17 Authorized by: Tal Bar-Or

LOGMEIN, INC. CODE OF BUSINESS CONDUCT AND ETHICS

Policy on Fraud Reporting

Whistleblowing policy and procedure. Speak up The ICO s whistleblowing policy and procedure

SPARK THERAPEUTICS, INC. CODE OF BUSINESS CONDUCT AND ETHICS

IN THE COMMONWEALTH COURT OF PENNSYLVANIA

Whistleblowers Protection Act 2001 Policy and Procedures ABN

New Provision in the 2 nd Edition of the BSB Handbook (New Text in Bold)

Barrett Spinal Care, PC 441 S Muskogee Ave. Tahlequah, OK Notice of Patient Privacy Policy

Part 6: Participant Records, Recertification, Exit Procedure and Termination

THE IMMIGRATION ACTS. Before UPPER TRIBUNAL JUDGE LATTER. Between ENTRY CLEARANCE OFFICER, MUSCAT. And

The Contractual Relationship between the Romanian Bureau and its Approved Correspondent

IN THE COURT OF APPEALS OF OHIO SIXTH APPELLATE DISTRICT WILLIAMS COUNTY. Court of Appeals No. WM Appellee Trial Court No.

THE IMMIGRATION ACT. Before DEPUTY UPPER TRIBUNAL JUDGE MCCLURE

SBI Canada Bank Privacy Policy

1.1 The complaint concerns the withholding of the complainant s withdrawal benefit.

ASA Board Message. The Cost of Achmea

PRIVACY POLICY (WEBSITE STATEMENT)

IN THE MATTER OF THE SECURITIES ACT, RSO 1990, c S.5 - AND -

In the Matter of James Reid Docket No (Merit System Board, decided January 17, 2007)

Arbitration CAS 2007/A/1367 FC Metallurg v. Leo Lerinc, award of 14 May Panel: Mr Otto de Witt Wijnen (the Netherlands), Sole Arbitrator

KBS REAL ESTATE INVESTMENT TRUST, INC. CODE OF CONDUCT AND ETHICS

2003 American Medical Association All Rights Reserved

MEC FOR HEALTH (GAUTENG) APPLICANT

v. STATE BOARD BOARD OF LIBRARY TRUSTEES OF BALTIMORE COUNTY, Appellee Opinion No OPINION

If you have any questions about this Notice please contact Eranga Cardiology.

In the Matter of Dumis Barreau, Judiciary, Vicinage 5, Essex County CSC Docket No (Civil Service Commission, decided February 24, 2010)

SECURITY SAFEGUARD BREACH GUIDE

THE IMMIGRATION ACTS. 19 November February Before MR C M G OCKELTON, VICE PRESIDENT UPPER TRIBUNAL JUDGE DEANS.

WHISTLE BLOWER POLICY

RIDERS AGENT REGULATIONS (version on )

IN THE LABOUR APPEAL COURT OF SOUTH AFRICA, JOHANNESBURG MEC FOR EDUCATION (NORTH WEST PROVINCIAL

Transcription:

ECtHR: Monitoring of employee s emails breached right to privacy September 2017 An employer s monitoring of an employee s work emails amounted to a violation of Article 8 (right to respect for private and family life, the home and correspondence) of the European Convention on Human Rights (ECHR), according to a recent judgment of the Grand Chamber of the European Court of Human Rights (ECtHR). It overturned a previous decision that the employer s actions did not violate Article 8 (Bărbulescu v Romania). Workplace communications B was employed by a Romanian company (S) as an engineer in charge of sales. At S s request, B created a Yahoo Messenger account for the purpose of responding to clients enquiries. On 3 rd July 2007, S informed its employees that one employee had been dismissed after she had privately used the internet. Monitoring S decided to monitor B s Yahoo accounts between 5 th and 12 th July. It found that B had been using the Yahoo Messenger account for personal purposes, to send messages to his fiancée and his brother. B denied using the account for personal purposes and S therefore presented him with a 45 page transcript of his personal emails, which related to intimate subjects including B s health and sex life. Dismissal and claim On 1 st August S terminated B s employment contract for breach of S s internal regulations that prohibited the use of company resources for personal purposes. B unsuccessfully challenged his dismissal before the Romanian courts, which found that S had complied with the relevant dismissal proceedings, had been entitled to set rules for the use of the internet, and had informed B of those rules. Privacy complaint B appealed to the ECtHR, arguing that S s decision to terminate his contract after monitoring his electronic communications and accessing their contents was in breach of his privacy, and that the Romanian courts had failed to protect his right to respect for his private life and correspondence under Article 8 EHRC. In its initial judgment, the ECtHR held that there had been no violation of Article 8 ECHR, and that the domestic courts had struck a fair balance between B s Article 8 rights and S s interests. Privacy at work The Grand Chamber of the ECtHR allowed B s appeal. It confirmed that, although it was

questionable to what extent B could have had a reasonable expectation of privacy, in view of S s restrictive regulations on internet use (of which he had been informed), an employer s instructions could not reduce private social life in the workplace to zero. The right to respect for private life and for the privacy of correspondence continued to exist, even if these might be restricted in so far as necessary. Balance not struck The ECtHR found that the Romanian courts had not struck the right balance between B s right to respect for his private life, and S s right to take measures in order to ensure the smooth running of the company. It noted in particular the following points: B had not been informed in advance of the extent and nature of the monitoring, or the possibility that S might have access to the actual contents of his messages. The ECtHR confirmed that, in order to qualify as prior notice, the warning from an employer had to be given before the monitoring was initiated, especially where it entailed accessing the contents of employees communications. In this case, employees were simply told, shortly before B s disciplinary sanction, that one of their colleagues had been dismissed for using the internet for personal purposes. In addition, the degree of intrusion into B s privacy was significant, since S had recorded all of B s communications during the monitoring period in real time and had printed out their contents. The Romanian court had failed to determine whether there had been any legitimate reasons justifying the monitoring. It had referred to the need to avoid S s IT systems being damaged, or liability being incurred by S in the event of illegal activities online. However, these examples could only be seen as theoretical, since there was no suggestion that B had actually exposed S to any of those risks. Further, the Romanian court had also not sufficiently examined whether the aim pursued by S could have been achieved by less intrusive methods than accessing the contents of B s communications. It had also not considered the seriousness of the consequences of the monitoring and the subsequent disciplinary proceedings, namely the fact that S had received the most severe disciplinary sanction. Implications for UK employers This judgment should not require a step change in how UK employers approach monitoring of employee communications. Many of the points made by the ECtHR in terms of advance notification of monitoring and the limitations on monitoring already apply in the UK, whether under the Data Protection Act 1998, the Regulation of Investigatory Powers Act 2000 or the Information Commissioner s Employment Practices Code. These principles are maintained under the General Data Protection Regulation (GDPR), which imposes strict notification requirements which employers must comply with before processing employee data. For further details, see our briefing: What do employers in the UK need to know about the new General Data Protection Regulation (GDPR) from an employment perspective?

In practice, this means that: Employers cannot entirely deny any right to privacy for employees using work computer systems, no matter how clear and well-communicated the policy is. Employers must therefore ensure that they approach any monitoring of employee s communications with care, having a clear business rationale for doing so, and carrying it out in a reasonable manner. Any monitoring should be limited (in time and scope) to what is strictly necessary, and carried out in accordance with the employer s policy. The policy must be notified to employees in advance of the monitoring taking place. The policy should make it clear when or if personal use of the employer s communication systems may be permitted. It should also (if appropriate) make it clear that the contents of communications may be viewed. This article was written by Rebecca Cousin and Charles Cameron. Slaughter and May advises on all aspects of data protection and privacy, including GDPR compliance audits. If you would like further information, please contact Rebecca or your usual Slaughter and May advisor. Further publications are available on our website. Rebecca Cousin T +44 (0)20 7090 3049 E rebecca.cousin@slaughterandmay.com Charles Cameron T +44 (0)20 7090 5086 E charles.cameron@slaughterandmay.com Slaughter and May 2017 This material is for general information only and is not intended to provide legal advice.

Dated September 2017 547107937

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback