Right to Privacy
Privacy is a basic human right. It is acknowledged by the Constitution and by the European Convention on Human Rights. Common law and statutory principles require in general that the employee’s privacy must be respected except in so far as its limitation is strictly necessary for the employer’s legitimate purposes.
The right to privacy is not abandoned or waived completely in the workplace. To the extent that the employee has a reasonable and legitimate expectation of privacy, his rights are retained. In order for monitoring to be compatible with the employee’s rights, they should be communicated or be foreseeable and apparent.
The Data Protection Act applies generally to the holding and use of information relating to a living individual. It grants significant rights to the person concerned and creates significant obligations for the business or person which holds or use his data. It has far reaching consequences in the context of the employment relationship.
The privacy issues that arise in employment will depend on the nature of the business. In recent years, the internet, intranets systems and e-mail have raised significant issues in relation to employees’ privacy. The last 15 years have seen a blurring of lines between the workplace and home, with mobile technology, laptops, and access to workplace systems and files over the Internet.
Working from home has increased. This raises considerations in relation to the inviolability of the dwelling house. The courts in recent years have adopted stricter standards of protection of the inviolability of the dwelling house in other contexts
An important consideration is that an employee may make his employer vicariously liable for his civil wrongs. The employer may be liable notwithstanding that the action is outside the scope of what the employer permits. If the acts are in the course of the employment, linked with or in furtherance of it, then notwithstanding that the employer would not or did not approve of the conduct concerned, it is likely to be held vicariously liable.
Privacy and employment.
Employees do not automatically abandon or waive their right to privacy and their data protection rights in employment. The rights are limited in accordance with the needs of the employer’s business. Although employment may inherently limit privacy, an employer cannot limit or interfere with the employee’s privacy in the course of employment, other than to the extent that it is objectively necessary for a legitimate reason.
The rights of the employee and his expectations must be balanced with the legitimate rights and interest of the employer. The employer is entitled to manage the business efficiently and protect itself from liability and other legal risks. Nonetheless, employees retain a legitimate expectation of a certain degree of privacy in the workplace.
Mutual Trust of Confidence
Employers and employees owe each other mutual obligations of trust and confidence. Each must maintain the trust and confidence that must necessarily underpin an employment relationship. This reflects the general obligations of parties to contracts which require cooperative interaction.
Neither party may without reasonable and proper cause, conduct himself in a manner which is calculated or is likely to destroy or seriously damage the relationship of confidence and trust between them. Breach of the duty is considered from an objective perspective. The intentions and motives of the parties are not necessarily the primary consideration.
The employer’s duty of trust and confidence requires that the employee to be treated with dignity and respect. Any intrusion upon the employee’s privacy must be such as to be compatible with this mutual duty.
Legitimate Interests 1
The employer has several important interests which may justify a limitation the employee’s privacy. The extent to which the interest is critical and leaves no other means of protection determines the extent to which an employer may interfere with the employer’s privacy.
The employer has a legitimate interest in employment performance. However, this will rarely justify intense scrutiny and monitoring. Where alternative methods of management and measurement are available, thy will usually be deemed sufficient, and nothing further is justifiable.
An employer has an interest in complying with its legal obligations and of avoiding liability to third parties. An employee may make his employer vicariously liable for his civil wrongs. The employer may be liable even if the employee acts outside the scope of what the employer permits. There are numerous legal risks and obligations which may arise. Some are sector specific.
Legitimate Interest 2
An employer has a legitimate interest in its business reputation. Employers have a legitimate interest in the protection of their intellectual property, which may be the product of significant investment. Information may be valuable and a key business asset.
An employee may incur liability for the employer by defaming another. An employer may incur liability for breach of a third party’s copyright and intellectual property if infringing copies or downloads enter its systems.
Protection from computer viruses is necessary to preserve the integrity of the IT system. The employer may owe duties to third parties in relation to data processing and control.
In some sectors, it may be legitimate to record conversations, such as in the financial service sectors, where confirmation of contract terms and important communications may be required. The recording of conversations should be limited to where it is strictly necessary.
Serious criminal offences may be committed through the dissemination of messages. Any dissemination or production of child pornography is a very serious criminal offence. The employee has a legitimate interest in avoiding criminal liability. There is a general public interest in the suppression of crime.
The Data Protection Act requires that personal data must be appropriately secured. This includes the employee’s personal data. This may require restricted access, the locking of manual files and the encryption and passwording of electronic files.
Data protection legislation gives significant rights to persons whose personal data or information is held by another in electronic or manual form. Personal data is this context, is information relating to a living individual who can be identified from it or from other data and information in possession of the person controlling the data. Data protection is dealt with in detail in another module.
There are general principles in relation to holding and processing personal data which have the force of law. The data protection principles must be complied with by employers in respect of all of the employee’s personal data or information.
The employee’s data must be secured and kept secure. The employer must take steps to ensure that data is secured and cannot be accessed by any person other than where strictly required. This requires that electronic data be sufficiently encrypted. It requires physical security for other data.
Data must be kept only for specified and lawful purposes. It must be accurate. Personal employee data must be a used (or “processed” in the language of the legislation) fairly. This requires that that the consent of the employee must be obtained to its use or that it is absolutely necessary. The consent must be free given A general statement / clause contained in an employment contract may not suffice as the consent must be freely and fairly given.
Alternatively (to express consent), the holding and processing of the information must be absolutely necessary for a legitimate purpose. The processing and use must be no more that strictly necessary for that purpose. The necessity must arise from the nature of the employment and must be required for the employer’s legitimate objectively justifiable needs.
Under data protection legislation, the employee has a right to copies of personal data and information held in relation to him for use by his employer. He may require the correction of information and the removal of information which is held in breach of the data protections principles.
The parameters of these rights are not fully defined The EU’s working party recognised there might be difficulties in granting access to employee’s evaluation data. Employees may have the right to this information even if it involves a subjective appraisal and assessment of the employee.
The European Court of Human Rights (ECHR) in Bărbulescu v. Romania held there had been a violation of Article 8 of the European Convention on Human Rights, where an employer monitored and accessed personal emails sent by an employee during work hours from his Yahoo Messenger account, using a company computer, without notifying the employee in advance of such monitoring. This is binding on States only.
References and Sources
Employment Law Meenan 2014 Ch.24
Employment Law Supplement Meenan 2016
Employment Law Regan & Murphy 2009 ( 2nd Ed 2017) Ch. 13
Employment Law in Ireland Cox & Ryan 2009 Ch 15
Practical Guide to Data Protection Law in Ireland 2003 A& L Goodbody
Data Protection: a Practical Guide to Irish & EU Law 2010 Carey
Privacy & Data Protection Law in Ireland 2015 2nd Ed Kelleher
Data Protection Law in Ireland: Sources & Issues 2016 2nd Ed Lamber
Other Irish Books
Employment Law Forde & Byrne 2009
Principles of Irish Employment Law Daly & Doherty 2010
Data Protection Act 1988
Data Protection (Amendment) Act 2003
Dismissal & Redundancy Consolidated Legislation Barrett, G 2007
Irish Employment legislation (Looseleaf) Kerr 1999-
Employment Rights Legislation (IEL offprint) Kerr 2006
Textbook on Employment Law, Honeyball, et al. 13th Ed. 2014
Labour Law, Deakin and Morris 5th Ed. 2012
Employment Law, Smith and Wood 13th Ed 2017
Selwyn’s law of Employment Emir A 19 Ed. 2016
Employment law : the essentials. Lewis D Sargeant M and Schwab M 11 Ed.2011
Labour Law Collins H, Ewing K D and McColgan 2012
Industrial relations law reports. (IRLR): Law Section,
Employment law Benny R Jefferson M and Sargent 5th Ed. 2012
Pitt’s Employment Law 10th Ed. Gwyneth Pitt 2016
CLP Legal Practice Guides: Employment Law 2016 Gillian Phillips, Karen Scott
Cases and Materials on Employment Law 10th Ed. Richard Painter, Ann E. M. Holmes 2015
Blackstone’s Statutes on Employment Law 2015 – 2016 Richard Kidner
Drafting Employment Contracts 3rd Ed. Gillian Howard 2017
The Contract of Employment Edited by Mark Freedland, Alan Bogg, David Cabrelli, Hugh Collins, Nicola Countouris, A.C.L. Davies, Simon Deakin, Jeremias Prassl 2016
UK Practitioner Services
Tolley’s Employment Handbook 2017 Mrs Justice Slade 2017
Butterworths Employment Law Handbook 2017 Peter Wallington 2017
Blackstone’s Employment Law Practice 2017 Edited by Gavin Mansfield, John Bowers, John Macmillan 2017