Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Category Archives: Employment Privacy

Subscribe to Employment Privacy RSS Feed
Posted in Cybersecurity & Data Breaches, Employment Privacy, International/EU Privacy

UK Council Successfully Appeals ICO Fine Arising from Processor Breach

The UK First Tier Tribunal issued a decision on August 21 finding that the Information Commissioner’s Office (ICO) was wrong to impose a £250,000 fine on Scottish Borders Council in relation to an incident where pension records of former Council employees were discovered overflowing from recycling bins outside a local supermarket. The Tribunal held that the contravention, while serious, was not of a kind likely to cause substantial damage or substantial distress, which is a requirement for imposing such a penalty. The decision may have implications for the ICO’s approach to imposing monetary penalties in the future.

Posted in Employment Privacy, International/EU Privacy

Disclosure of Employment Equality Data “Necessary” Under UK Data Protection Act

A Scottish council has been required to provide data indicating whether it pays traditionally “male” jobs more than traditionally “female” roles, after the Supreme Court rejected its argument that Data Protection legislation prevented disclosure. The case provides clarification on what is meant by the requirement that disclosure, and other forms of data processing, be “necessary” for the purposes of a legitimate interest.

Posted in Employment Privacy, International/EU Privacy

French Court Limits the Scope of Employee Data Protection

In a previous post back in 2010, we discussed a then-new data-privacy case decided by the French Cour de Casson (high court), called Bruno B v. Giraud et Migot, Cour de Cassation [Cass.], soc., Paris, 15 Dec. 2009, No. 07-44264. As we said at the time, Bruno B was “a significant development” because, previously, French privacy laws offered an extremely high level of protection for employees’ data, as exemplified by the 2001 decision, Nikon France v. Onof, Cour de Cassation [Cass.], soc., 2 Oct. 2001, No. 4164.

Posted in Employment Privacy, International/EU Privacy

The Spanish Constitutional Court Backs the Possibility of Accessing Private On-Line Conversations of Employees

The Spanish Constitutional Court has ruled against two company employees who claimed an infringement of their privacy right and their right to secrecy of communications, in a recent judgement from 17 December 2012, published in the States’ Official Gazette on 22 January 2013. The Constitutional Courts’ Decision 241/2012 (the “Decision“), is available (in Spanish) here: [...]

Posted in Employment Privacy, International/EU Privacy

New German Act on Employee Data Privacy Likely

Tim Wybitul, who is Of Counsel at Hogan Lovells in Frankfurt, provides this analysis of forthcoming German legislation on employee privacy.  James Denvil, an associate in our Washington office, contributed to the entry. Companies with employees in Germany should pay attention to data privacy legislation that is likely to affect their operations this year.  That [...]

Posted in Consumer Privacy, Employment Privacy

Michigan Becomes Latest State to Enact Social Media Privacy Law

Last week, Michigan enacted a social media privacy law that prohibits employers and educational institutions from requesting access to the personal social media or other internet-based accounts of employees or students.  The new law, known as the Internet Privacy Protection Act, provides that employers or educational institutions (ranging from elementary schools through institutions of higher learning) may not [...]

Posted in Consumer Privacy, Cybersecurity & Data Breaches, Employment Privacy, Health Privacy/HIPAA

What the States Did on Their “Summer Vacation”: Enact New Privacy Laws

This summer, several states have enacted legislation addressing a broad range of privacy issues including data breach notification, health care privacy, employer access to employees’ and applicants’ social networking accounts, the collection of Social Security numbers, and telemarketing. We provide an overview of the recent privacy regulation developments in Vermont, Connecticut, Hawaii, New York, and Illinois.

Posted in Employment Privacy

NLRB’s Newest Report Scrutinizes Social Media Policies and Provides a Sample Lawful Policy

On May 30 the National Labor Relations Board Acting General Counsel Lafe E. Solomon issued his third and latest report on social media cases, providing specific guidance on how to construct a lawful social media policy. In the report, Solomon takes a narrow view of what types of policy provisions are acceptable and instructs, for example, that certain confidentiality provisions, rules against “friending” co-workers, and blanket prohibitions of disparaging remarks are unlawful because they unduly restrict employees’ rights to discuss working conditions and terms and conditions of employment under the National Labor Relations Act.

Posted in Consumer Privacy, Employment Privacy

FTC Fines Data Broker $800,000 for Marketing Consumer Profiles to Employers Without Complying with FCRA

In its first enforcement action under the Fair Credit Reporting Act (“FCRA”) about the sale of data compiled from publicly available online sources in the context of employment screening, the Federal Trade Commission (“FTC”) announced yesterday that it had entered into a $800,000 settlement with an online data broker, Spokeo, for allegedly marketing consumer profiles to employers and recruiters without complying with the requirements of FCRA. In addition, the FTC settled charges that Spokeo violated Section 5 of the FTC Act by posting surreptitious endorsements of its services under the names of others.

Posted in Employment Privacy, International/EU Privacy

French Court of Appeals reject company’s whistleblower system despite CNIL approval

A French Court of Appeals in Caen recently confirmed a lower court’s order for the suspension of a whistleblowing system implemented by French company Benoist Girard, a subsidiary of American group Stryker. The decision comes as a surprise as it rejects the approval of the whistleblower system by French data protection authority (the “CNIL”).

Posted in Employment Privacy

No Expectation of Privacy in Workplace E-mail Leads ABA to Impose Duty on Lawyers to Warn Clients

Employers have a right, and in some cases a duty, to monitor the e-mail communications of their employees that are sent from the employer’s e-mail system. As a general matter, employees have no expectation of privacy in e-mails sent through their workplace system. Since employees who communicate with their personal lawyers through their employer’s e-mail are subject to employer monitoring, the American Bar Association has issued a formal ethics opinion stating that lawyers have a duty to warn such employees that their e-mails may not be confidential.

Posted in Employment Privacy

German Higher Labor Court Permits Employers to Review Employees’ Emails

A decision by the Higher Labor Court of Berlin-Brandenburg Germany allowing an employer the right to access and review work-related email correspondence of an employee during his/her absence from work provides grounds for employers to access employees’ business-related email, even without the employee’s explicit consent, provided that the employer does not interfere with ongoing email traffic and does not access emails which are clearly private.

Posted in Employment Privacy

Supreme Court Defers on Constitutional Right to Information Privacy; Scalia Predicts Increased Litigation

On January 19, the Supreme Court decided NASA v. Nelson, a case brought by NASA contractors alleging that questions asked by the federal agency in a background check violated their constitutional right to information privacy — i.e., a constitutional privacy interest in the government “avoiding the disclosure of personal matters” recognized in a pair of 1977 cases, Whalen v. Roe and Nixon v. Administrator of General Services. At issue were questions that asked whether the contractors received “any treatment or counseling” regarding illegal drug use within the previous year (as a follow up to a question regarding whether they used, possessed, supplied or manufactured illegal drugs within that year), and questions directed toward references for information bearing on “suitability for government employment or security clearance,” including “adverse information” about an the contractor’s “honesty or trustworthiness,” “violations of the law,” “financial integrity,” “abuse of alcohol and/or drugs,” “mental or emotional stability,” “general behavior or conduct,” or “other matters.”

Posted in Employment Privacy

Supreme Court Finds Public Employer’s Search Motivated By Legitimate Work-Related Purposes Did Not Violate Fourth Amendment Protections Against Unreasonable Searches

Yesterday, the Supreme Court reversed a decision of the Ninth Circuit in City of Ontario v. Quon and unanimously decided in favor of a public employer that had engaged in a limited administrative/accounting review of employee text messages. In this blog entry, we explain how the Court avoided deciding what is a reasonable expectation of privacy in electronic devices; we observe how a dormant federal case allowing a private employer search of e-mail despite an expectation of privacy may have renewed vitality; but in light of a recent New Jersey Supreme Court case, we remind private employers of the importance of a clear electronic communications policy (to limit or defeat expectations of privacy), of training and of purpose-limited searches.

Posted in Employment Privacy

New Jersey Ruling in Favor of Employee’s E-Mail Privilege Claim Suggests Amendments to Corporate Monitoring Policies

The New Jersey Supreme Court’s recent decision in Stengart v. Loving Care Agency upheld attorney-client privilege protection for personal web-based e-mails sent by an employee planning to sue her employer, notwithstanding a broad electronic communications monitoring policy by the employer. The case, though limited jurisdictionally to New Jersey, may be followed elsewhere, and suggests additions to company monitoring policies, which we set forth in this blog entry.

Posted in Employment Privacy

Supreme Court to Decide Reasonable Expectation of Privacy in Text Messages on Employer-Provided Devices

On December 14, the Supreme Court granted certiorari in City of Ontario v. Quon, a case that could set the parameters for the rights of employees in the workplace to privacy in their electronic communications, or just as easily be narrowly resolved on constitutional grounds with little implications for private employers. Quon, an officer with the [...]