Do employees really have the green light to snoop on employees private e mails and messages following European ruling?


‘WARNING: Your boss can now read EVERY Facebook and WhatsApp message you send at Work’   The Daily Express

‘Your boss now has the right to snoop on your private online messages’   The Metro

‘Bosses can snoop on workers’ private emails and messages, European court rules’  The Telegraph

In a decision by the European Court of Human Rights (ECHR) that has led to sensationalist news headlines in certain sections of the media, they have ruled that a company reading an employee’s Yahoo Messenger chats sent during work time was within its rights.

Not surprisingly the headlines that have greeted this decision like the ones above have caused a certain degree of alarm and consternation amongst employees in member states. On closer examination though, the decision does not give employers the right to snoop on their employees with quite the level of impunity the media have suggested?

What is the background to this case?

The judges said that the employee – in Romania – who was sending private messages to his fiancée and brother from his work computer when he supposed to be working and had breached the company’s rules and that they were therefore entitled to check his activities as a result of which he was eventually dismissed.

The decision, handed down at the start of the week, binds all countries that have ratified the European Convention on Human Rights, and this includes the UK,

The facts in the case go back to 2007. The engineer, a man called Bogdan Barbulescu, had been using a Yahoo Messenger set up for work as well as a second private one to chat with his family as well as professional contacts, and had asked the ECHR to rule that the company had breached his right to a private life by accessing and reading a log of his messages.

Crucially in the case the messages were sent from a work messaging account, Mr Barbulescu’s employer had a policy in place banning its staff from sending personal messages at work and had given him prior warning that the company could check his messages.

In July 2007, the employer informed him that his communications had been monitored, presenting him with a 45-page transcript of his messages, including exchanges with his fiancée and his brother.

He was dismissed for breaching the company’s e mail and internet policy, which clearly stated that it was strictly forbidden ‘to use computers, photocopiers, telephones, telex and fax machines for personal purposes’

What did the judges actually say?

It is important to note that whilst the case included claims in relation to both the work and private messaging account, the judges restricted their decision to discussing the work account.

They ruled the employer could monitor the messages because it believed it was accessing a work account.

The ECHR said that it was not unreasonable for an employer to want to verify their employees were completing their professional tasks during working hours.

The judges also stated the employer acted within its disciplinary powers since, as the domestic courts found, it had accessed the work Yahoo Messenger account on the assumption that the information in question had been related to professional activities and that such access had therefore been legitimate.

At the same time though the ECHR also made clear in its judgment that it was not acceptable to carry out unregulated snooping of staff’s private messages.

Employers needed to draw up policies to define the scope of the information they intended to collect and their method for doing so.

The judgment went on to state that If the employer’s internet monitoring breaches its own internal data protection policy or the relevant law or collective agreement, it may still entitle the employee to terminate his or her employment and claim constructive dismissal, in addition to pecuniary and non-pecuniary damages.

What does the case mean for employers and employees?

Contrary to the somewhat alarmist impression given in some sections of the media, the ECHR’s decision does not effectively give employers carte blanche to access and read employees’ private messages sent at work. Employers still need to proceed with caution.

The employer in this case had a clear, absolute ban in place clearly defined in its e mail and internet policy forbidding its employees from using its IT systems for personal messaging whilst working. The employee in question denied doing so.

In order to investigate whether the employee was in breach of this policy the court ruled it had to follow that to check his activities it was entitled to access his work messaging account and records.

An employer would therefore need a similar policy in place with clearly defined rules prohibiting its employees from using their IT resources for private messaging to be able to justify accessing and reading individual employees private messages sent via its IT systems.

Many UK employers have in place e mail and internet policies that allow, or at least tolerate, some level of personal email use at work (for example during work breaks).

An employee may have a claim for breach of contract, and/or constructive dismissal, not to mention the UK’s existing raft of data protection and electronic communications privacy statutory rules and legislation therefore without having suitable provisions also in place allowing the employer  to monitor private messages sent using its IT systems  together with providing reasons for the precise purpose for doing so.

Employers ought to ensure they have notified their employees individually that they have a policy in place at the start of their employment whereby their online activity may be monitored and that the content of this policy is properly communicated to them. Employees should be asked to indicate that they have read the policy and accepted its terms. Employers ought to be sent reminders about the policy and notified of any changes.

iLaw specialist employment lawyers

Given this is a fast changing area of law it is important to ensure your business has appropriate e mail and internet policies in place and they are reviewed on a regular basis so as to avoid unanticipated liabilities.

Here at iLaw we specialise in drafting and reviewing employment policies and procedures. Call Julian Cox, Head of Employment at iLaw on 0207 117 4737 or email to discuss your employment and HR requirements.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s