In the recent landmark case of Bărbulescu v Romania, the European Court of Human Rights held that there was no violation of Article 8 of the European Convention on Human Rights (the right to respect for private and family life, the home and correspondence) when an employee had been dismissed for using the company’s internet for personal purposes during working hours.
The court found the monitoring of the employees personal communications was in accordance with the workplace’s rules and regulations. By complying with the workplace’s Labour Code provisions on disciplinary proceedings and the employee had been appropriately informed of the employer’s regulations forbidding the use of company property for personal purposes, it was insignificant that employer had engaged with Article 8. Despite the aim of Article 8 being to protect an individual against irrational interference by public bodies, it does not enforce an umbrella obligation by the State to refrain from all such interferences.
We must ourselves whether there is a lawful balance between an employee’s rights to his private life and correspondence and the right of the employer to seek to verify that employees are completing their professional tasks during working hours. By a majority, the ECtHR believed this balance was legitimate in their ruling The decision in Strasbourg binds all countries that have ratified the European Convention on Human Rights and subsequently includes the UK.
Not a blanket ban
However, the judgment made it undoubtedly clear that employers would not be able to carry out unregulated checks on communication devices to protect employees “against unfettered snooping”. Judge Pinto De Albuquerque affirmed that “if the employer’s Internet monitoring breaches the internal data protection policy or the relevant law or collective agreement, it may entitle the employee to terminate his or her employment and claim constructive dismissal, in addition to pecuniary and non-pecuniary damages.”
Gap in the law
Nevertheless it must be noted that the device used was owned by the employer, with the judgment failing to establish whether a similar decision would have been made had the private messages been made on the employee’s personal device.
What must now be done?
This decision highlights the contemporary link between human rights and data privacy, as the issue continues to attract mainstream media attention. Employers must therefore be vigilant that if businesses do not take sufficient precautionary steps to prevent an infringement of rights occurring, claims under human rights law may be expected to rise. A set of stringent policies and regulations must now be established in order to define what information employers can collect and how they may do this.