In Barbulescu v. Romania the European Court of Human Rights (ECHR) held that it is not unlawful for the employer to access employees' communications to check they have been working. The case concerned a Romanian engineer who had been dismissed for breaching the company's policy on the use of company equipment for personal use. The company had accessed the employee's Yahoo messenger account and found that he had been communicating with his brother and fiancée as well as professional contacts. The employee contested the dismissal arguing that the company had breached his Article 8 Convention right to privacy. The ECHR found that the company's access was limited in scope and proportionate. However, the judgment contained a note of caution against "unfettered snooping" and advises employers to ensure that
- policies on employees' internet and electronic communication usage inside and outside working hours are clear;
- policies are explicitly communicated to employees;
- policies make clear how personal data is used, stored and accessed.
In light of this case, it is worth you checking your electronic communications and data protection policies, to ensure they are clear on the company's right to monitor and access employee usage. The employer in this case was able to demonstrate that all employees had been made aware of the relevant company policies. This is a crucial additional step to having the correct policy in place which is often overlooked.