the Irish for rights

Workplace surveillance, conditions of employment, and privacy

Surveillance widgets, by Chris Slane

The Hawthorne effect is alive and well, and living in the interstices between private law and privacy law. In particular, I recently saw the following clause in a contract (the names have been changed to protect the innocent, the guilty, bystanders, and anyone else involved ):

The employer’s workplaces are subject to overt workplace surveillance. You agree that you consent to this surveillance which is primarily to ensure the safety and security of the employer’s workplaces and the appropriate use of the employer’s resources. The overt surveillance is in the form of computer, internet usage and camera surveillance and is of an ongoing and continuous nature, in accordance with the employer’s relevant policies as amended from time to time.

This surveillance is carried out by all means available to the employer, which may include accessing your email account; accessing your files; accessing your computer or other electronic devices and recording internet usage by you including remote access internet usage and accessing those records.

The Citizens Information website has a lot of information on the legitimate scope of surveillance in the workplace, and the Data Protection Commissioner has issued Guidance Notes on the Monitoring of Staff, which emphasises that

monitoring, including employees’ email or internet usage, surveillance by camera, video cameras or location data must comply with the transparency requirements of data protection law. Staff must be informed of the existence of the surveillance, and also the purposes for which personal data are to be processed. If CCTV cameras are in operation, and public access is allowed, a notice to that effect should be displayed. Any monitoring must be carried out in the least intrusive way possible. Only in exceptional circumstances associated with a criminal investigation, and in consultation with the Gardai, should resort be made to covert surveillance.

The leading case is probably Barbulescu v Romania 61496/08 [2016] ECHR 61 (12 January 2016), in which the European Court of Human Rights held that there had been no violation of Article 8 when the applicant had been dismissed by his employer, a private company, for having used the company’s internet facilities for personal purposes during working hours in breach of internal regulations. The employer had monitored the applicant’s Yahoo Messenger communications, so the Court held that the applicant’s Article 8 rights relating to his “private life” and “correspondence” had been engaged, but that they had not been infringed:

56. The Court notes that the applicant was able to raise his arguments related to the alleged breach of his private life and correspondence by his employer before the domestic courts. It further notes that they duly examined his arguments and found that the employer had acted in the context of the disciplinary powers provided for by the Labour Code … The domestic courts also found that the applicant had used Yahoo Messenger on the company’s computer and that he had done so during working hours; his disciplinary breach was thus established …

57. In this context, the Court notes that both the County Court and the Court of Appeal attached particular importance to the fact that the employer had accessed the applicant’s Yahoo Messenger account in the belief that it had contained professional messages, since the latter had initially claimed that he had used it in order to advise clients …

59. While it is true that it had not been claimed that the applicant had caused actual damage to his employer … the Court finds that it is not unreasonable for an employer to want to verify that the employees are completing their professional tasks during working hours.

60. In addition, the Court notes that it appears that the communications on his Yahoo Messenger account were examined, but not the other data and documents that were stored on his computer. It therefore finds that the employer’s monitoring was limited in scope and proportionate …

Update (8 June 2016): Colin Foote, writing on Irish Legal News, reminds employers that covert surveillance will breach employees’ right to privacy if there is a reasonable expectation of privacy, and that employers must also comply with laws relating to data protection:

The Employment Practices Data Protection Code issued by the Information Commissioner [available here] provides guidance on monitoring employees and states that action should only be carried out if there are grounds to suspect criminal activity or serious malpractice. It also states that an employer would not be justified in carrying out monitoring where workers have a genuine and reasonable expectation of privacy, such as in workplace changing rooms or lavatories or at home. The code recommends that covert monitoring should only happen in extreme cases, for clearly targeted purposes, and only for a limited period of time. …

It is also advisable to have a clear policy on monitoring and employees should be made aware of its contents. A policy should set out why monitoring may take place, the nature of the monitoring, when information about employees is likely to be obtained, how it will be used and who will have access to it.

Leave a Reply



Me in a hatHi there! Thanks for dropping by. I'm Eoin O'Dell, and this is my blog: Cearta.ie - the Irish for rights.

"Cearta" really is the Irish word for rights, so the title provides a good sense of the scope of this blog.

In general, I write here about private law, free speech, and cyber law; and, in particular, I write about Irish law and education policy.

Academic links


  • RSS Feed
  • RSS Feed
  • Subscribe via Email
  • Twitter
  • LinkedIn

Archives by month

Categories by topic

My recent tweets

Blogroll (or, really, a non-blogroll)

What I'd like for here is a simple widget that takes the list of feeds from my existing RSS reader and displays it here as a blogroll. Nothing fancy. I'd love a recommendation, if you have one.

I had built a blogroll here on my Google Reader RSS subscriptions. Google Reader produced a line of html for each RSS subscription category, each of which I pasted here. So I had a list of my subscriptions as my blogroll, organised by category, which updated whenever I edited Google Reader. Easy peasy. However, with the sad and unnecessary demise of that product, so also went this blogroll. Please take a moment to mourn Google Reader. If there's an RSS reader which provides a line of html for the list of subscriptions, or for each RSS subscription category as Google Reader did, I'd happily use that. So, as I've already begged, I'd love a recommendation, if you have one.

Meanwhile, please bear with me until I find a new RSS+Blogroll solution




Creative Commons License

This blog is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. I am happy for you to reuse and adapt my content, provided that you attribute it to me, and do not use it commercially. Thanks. Eoin

Credit where it’s due

The image in the banner above is a detail from a photograph of the front of Trinity College Dublin night taken by Melanie May.

Others whose technical advice and help have proven invaluable in keeping this show on the road include Dermot Frost, Karlin Lillington, Daithí Mac Síthigh, and Antoin Ó Lachtnáin.

Thanks to Blacknight for hosting.