Most people would agree that phone tapping is unacceptable, so few commentators were surprised when a News of the World journalist, Clive Goodman, and a private investigator, Glenn Mulcaire, were jailed in January for unlawfully hacking into the mobile voicemail messages of staff members working in the Prince of Wales' household.
Both were convicted under the Regulation of Investigatory Powers Act 2000 (RIPA), which makes it illegal for people to intercept communications in the course of transmission without the consent of the sender and recipient.
By tapping into these voicemail messages, Goodman was able to write stories detailing Prince William's knee injury and other matters which could not have come into the public arena without a gross breach of privacy. The pair also broke data protection laws, which make it an offence for anyone to obtain personal information without the owner's consent or that of the data controller.
So what should employers be aware of when monitoring employees and doing this lawfully without falling foul of RIPA, the Data Protection Act 1998 (DPA) or human rights laws, which govern employees' right to privacy in the workplace?
Employee privacy is affected by the Human Rights Act 1998 (HRA) which gives employees the right to a certain degree of privacy in the workplace.
RIPA also affects what employers can and cannot do in relation to employee monitoring as this Act makes it a crime to intercept communications in the course of their transmission without the consent of the sender and the recipient.
However, the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 provide some exceptions where employers can intercept communications in a business context.
The Telecoms Regulations set out a number of reasons where employers can do this lawfully, such as to ensure compliance with regulatory practices and business procedures and to investigate crime. Employers also have to use reasonable efforts to tell potential users that their communications will be monitored under the rules. Since the Telecoms Regulations apply to business communications only, they cannot be applied to monitoring employees' personal and private communications.
Employers still need to comply with