Landmark Ruling in Employee Data Privacy Case

by securedatamgt | 17 Feb 2016

Data Protection Word Cloud

The European Court of Human Rights recently presided over a landmark case that has changed the rules when it comes to employee data privacy in the workplace. The matter was brought to the court in Strasbourg after an employee in Romania believed he was unjustly sacked in 2007.

The employee was dismissed after his private messages had been read by his employer. The employee’s Yahoo Chat messengers were intercepted after their employer suspected that this account, which was intended for professional purposes only, was being used for personal messages also. The employee had spoken to both his fiancée and brother using this Yahoo Chat account.

The Romanian employee, an engineer, had already had his case dismissed by Romanian courts before appealing to ECHR. The employer had told his employees that personal messages should not be sent during work hours and had warned that he was able to retrieve staff messages if necessary. The individual in question, Bogdan Mihai Barbulescu, had been asked by his employer to set up a Yahoo account specifically for communicating with clients. With all these facts considered only one of the judges presiding over the case was opposed to the final verdict, stating that employers must make their rules regarding internet usage clear to employees.

The case has sparked criticism from those concerned with employee data privacy rights, which many contend are gradually being eroded in the digital age. Some evidence provided during the courts’ deliberations, such as the transcript of the employees’ personal messages, has caused concern.

The decision is significant for all European countries that have signed up to the European Convention on Human Rights, which includes Britain. The ruling will set a precedent for other cases across Europe of a similar nature. For employees in the UK this means that popular messenger services such as Whatsapp could be monitored by employers.

However, before any panic sets in there are some important details that weakened the employee’s defence. First of all, the employee was using a device that belonged to the firm he worked for. Secondly, he messaged during working hours using this device. Employees often communicate with loved ones throughout the working day, in most instances out of necessity, and employers often permit this within reason. However whilst most employers do respect this right such communication is expected to take place on that employee’s own device.

The court was careful to highlight that an employer must have ample reason before delving through an employee’s communications. In this instance Barbulescu’s employer looked at the Yahoo messages in the expectation of seeing professional communications only. Importantly, the employer did not look at any other content on the employee’s work device. Employers are not permitted to knowingly look at an employee’s personal messages.

There is another reason though that employee’s shouldn’t be too worried about this latest showdown at the ECHR. Employers know that if they are caught snooping on employees, or are even are suspected of doing so, mistrust and resentment will result. What’s more, lawyers have warned that employers need to be vigilant in checking the UK’s legal restrictions first before assuming that they have right to monitor their employee’s communications. Not doing so risks involving themselves on the losing side of a costly legal battle.

For a harmonious workplace it is in the best interests of both employees and employers that transparency is promoted in all matters relating to data privacy. There are enough cyber criminals and other threats to employee’s data privacy without employers also wading in.