1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Monitoring employees’ communications

The European Court of Human Rights has ruled that the Claimant's Article 8 right to privacy was breached when his employers investigated his private messages. This is notwithstanding the fact that the employer's policies clearly set out that personal use of its computer systems was prohibited.
Read more »
Monitoring employees’ communications

GDPR: time to start thinking about the new rules coming into force from 2018

The EU's General Data Protection Regulations (GDPR) will apply in the UK from 25 May next year. With increasingly tighter requirements around how employers must maintain and process personal data, and with the number of fines issued for breaches of UK data protection laws on the increase, many employers are already looking to employ permanent staff dedicated to ensure compliance with the new rules.
Read more »
GDPR: time to start thinking about the new rules coming into force from 2018

Insight: UK Employment Law Round-up – June 2016

In this issue we look into the implications of misusing data in the employment context. In particular, we utline recent ICO prosecutions of employees for unlawfully obtaining data. We also look at a decision involving interim relief and an order for the deletion of data.

UK Employment Law Round-up – June 2016In our case law review we also analyse the Advocate General’s view on a ban on wearing a headscarf at work and whether that is discriminatory under the European Directive.

For those concerned about issues involving working time, there is a helpful clarification about injury to feelings awards in the context of Working Time Regulations claims.

There are also some indications of future legislative changes in relation to the National Minimum Wage and increasing the representation of black and minority ethnic workers in the workplace.

Read the full newsletter here.

Insight: UK Employment Law Round-up – June 2016

Data protection: consent and the employment contract

The European Parliament has now passed the new General Data Protection Regulation. This will come into effect in 2018. The Regulation does make some changes to the law currently implemented by the Data Protection Act, which employers need to be aware of. In particular, the Regulation sets out tighter requirements for obtaining consent from employees to processing their personal data.

The current law requires that this consent must be “freely given, informed, and specific”. Under the new Regulation it must also be “explicit”. In addition, it states that where consent is given in a written document which also concerns other matters, it must be presented in a manner which is clearly distinguishable from those other matters.

This will have implications for employers who seek to obtain consent to data processing in the employment contract, as is often the case. Applying the Regulation, this would not be sufficient. This can probably be dealt with by asking staff to sign a separate document consenting to the processing of their data (in the same way that Working Time Regulation opt-outs are usually signed now). Employers will need to be careful of the wording of the consent forms to ensure that consent is freely given. They should also make sure that employees know exactly what they are consenting to.

Data protection: consent and the employment contract

A Snooper’s Charter?

Much has been made in the UK press of the European Court of Human Rights (ECtHR) decision in the case of Barbulescu v Romania – 61496/08 [2016] ECHR 61. Some have declared a ‘snooper’s charter’ and suggested that this is just another case of Europe infringing on the right to privacy of British citizens. However, in reality, the decision is likely to have limited impact on how employers monitor their employees in the UK.

The case had a rather unusual set of facts and concerned the monitoring of a Yahoo Messenger account which was set up by the Claimant to deal with client enquiries. The employer had strict policies in place strictly prohibiting any personal use whatsoever of its computers, internet or telephones. The Claimant was dismissed for breaching the policies, following an investigation which involved the employer monitoring the Claimant’s online communications.

The Claimant initially brought an action in the Romanian courts to challenge his dismissal but this was unsuccessful. He therefore brought a claim against the Romanian government in the ECtHR, principally on the grounds that it had failed to protect his rights to privacy and correspondence under Article 8.

Whilst the European Court of Human Rights held that his Article 8 rights had been engaged, it dismissed the case on the grounds that the interference had been proportionate.

In the UK, most employers allow, or at least tolerate, some personal internet and telephone usage at work and as such the case has limited impact. However, it highlights the need for employers to have in place full and effective social media and IT policies, and to consider carefully the concept of proportionality in the context of monitoring. Employers must also consider their obligations under the Data Protection Act 1998, as monitoring will involve the processing of personal data.

A Snooper’s Charter?

Insight: UK Employment Law Round-up – January 2016

UK Employment Newsletter 3DCover In this edition we will be taking a look at the issues that are likely to be affecting employers in 2016, starting with a round-up of the cases to watch out for which will affect redundancy consultation processes, the extent of whistleblower protections and what might be expected of data controllers when complying with subject access requests. There are, of course, many other cases coming before the appellate courts this year which will shape the ever-changing employment law landscape in 2016.

Read the full newsletter here.

Insight: UK Employment Law Round-up – January 2016

Insight: Vicarious liability and the dangerous repercussions of a rogue employee

Imagine the scenario: you have a disgruntled employee who decides to leak details about your staff on to the internet. You then receive a High Court claim from your staff because of this employee’s action. Can your staff really bring a claim against your business? The company did not leak the data, the employee did.

This is the situation that supermarket chain Morrisons now faces in the High Court, in what we are sure will be a hotly contested case. Andrew Skelton, a senior auditor at Morrisons, was disciplined for using the post room to send out personal packages. On March 14, 2014, Skelton (seemingly in an act of revenge) published online and sent a local newspaper personal data relating to 99,998 Morrisons staff. This information included bank account details and National Insurance numbers. Skelton was jailed for eight years in July 2015 for his actions.

On October 26, 2015, Senior Master Barbara Fontaine at the High Court (Queen’s Bench Division) allowed affected staff to pursue a group claim against Morrisons. At the moment, we understand that nearly 2,000 staff are part of this action but the Senior Master has stayed the proceedings for a four-month period to allow other affected employees to join the claim.

Read the full article here.

Insight: Vicarious liability and the dangerous repercussions of a rogue employee