Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Personnel Today

Register
Log in
Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Employment lawStaff monitoring

Employee monitoring: policy clinic

by Personnel Today 14 Mar 2007
by Personnel Today 14 Mar 2007

Most people would agree that phone tapping is unacceptable, so few commentators were surprised when a News of the World journalist, Clive Goodman, and a private investigator, Glenn Mulcaire, were jailed in January for unlawfully hacking into the mobile voicemail messages of staff members working in the Prince of Wales’ household.

Both were convicted under the Regulation of Investigatory Powers Act 2000 (RIPA), which makes it illegal for people to intercept communications in the course of transmission without the consent of the sender and recipient.

By tapping into these voicemail messages, Goodman was able to write stories detailing Prince William’s knee injury and other matters which could not have come into the public arena without a gross breach of privacy. The pair also broke data protection laws, which make it an offence for anyone to obtain personal information without the owner’s consent or that of the data controller.

So what should employers be aware of when monitoring employees and doing this lawfully without falling foul of RIPA, the Data Protection Act 1998 (DPA) or human rights laws, which govern employees’ right to privacy in the workplace?

Act impact

Employee privacy is affected by the Human Rights Act 1998 (HRA) which gives employees the right to a certain degree of privacy in the workplace.

RIPA also affects what employers can and cannot do in relation to employee monitoring as this Act makes it a crime to intercept communications in the course of their transmission without the consent of the sender and the recipient.

However, the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 provide some exceptions where employers can intercept communications in a business context.

The Telecoms Regulations set out a number of reasons where employers can do this lawfully, such as to ensure compliance with regulatory practices and business procedures and to investigate crime. Employers also have to use reasonable efforts to tell potential users that their communications will be monitored under the rules. Since the Telecoms Regulations apply to business communications only, they cannot be applied to monitoring employees’ personal and private communications.

Employers still need to comply with the DPA in the context of employee data, including data collected through monitoring. Data protection issues have been in the news lately as a result of a crackdown by the Information Commissioner against people not properly complying with the DPA.

In May 2006, the Information Commissioner presented a report to Parliament entitled What Price Privacy? which revealed the wide extent of the ­illegal trade in personal information carried out by many businesses, such as debt collection agencies, newspapers, journalists and private investigators, who obtain and transfer personal information without the consent of the data controllers or individuals concerned.

The Information Commissioner has powers to enforce compliance with the DPA and has recently prosecuted several businesses such as solicitors, accountancy firms and private detectives who do not comply. Liverpool City Council was one such body that was prosecuted and fined.

As a result of the report’s findings, the Information Commissioner wants to make illegal trading in personal information an offence that is punishable by a two-year prison sentence, since the DPA does not send people to jail as yet.

Data protection developments

Now, more than ever, employers need to comply with the DPA to avoid an Information Commissioner who is ‘on the warpath’ and more likely to bring prosecutions.

Employers need to follow the Employment Codes of Practice issued by the Information Commissioner to stay within the DPA when dealing with employee data, especially where employers carry out employee monitoring.

The codes state that, when monitoring employees, employers have to take measures proportionate to the intrusion into the employees’ private lives, which can be done by using ‘impact assessments’.

Minimum best practice

  • Ensure you are properly registered on the Register of Data Controllers
  • Have in place comprehensive data protection, e-mail and internet policies
  • Do not give out employee data to any third party without finding out who the third party is, why they want the data and under what authority they can ask for it
  • Before doing any monitoring, identify the purpose of it, the benefits it will bring, do an ‘impact assessment’, inform employees and anyone else who uses your systems of the monitoring, its extent and how it will be done
  • Ask employees to explicitly agree to the monitoring – this can be done by asking employees to sign up to your data protection, e-mail and internet policy (which should include details of the monitoring) at the same time as signing employment contracts
  • Where people are given access to personal information, they should be subject to confidentiality and security obligations and given training on how to handle the information so that it is not misused or improperly disclosed
  • Be very careful in handling sensitive information (about a person’s health, sexual orientation, racial origin or trade union activities) as the DPA sets out more onerous rules about it

What should a good data protection policy cover?

  • Set out what data you want to collect and how you are going to achieve this, how long you will store it and what it will be used for
  • Describe how employees can access their own data
  • Set out to which third parties employee data may be disclosed

What should a good e-mail, phone and internet policy cover?

  • Set out clearly the rules and standards for using your facilities and what will happen if these are breached, including any applicable disciplinary action
  • Set out the nature of all monitoring, its extent, the reasons behind it and how it will be done

Mahbuba Chowdhury is assistant solicitor at Matthew Arnold & Baldwin

More information

Clive Goodman sentenced to four months



Personnel Today
Personnel Today

Personnel Today articles are written by an expert team of award-winning journalists who have been covering HR and L&D for many years. Some of our content is attributed to "Personnel Today" for a number of reasons, including: when numerous authors are associated with writing or editing a piece; or when the author is unknown (particularly for older articles).

previous post
Coastguards threaten strike in pursuit of pay claim
next post
Employers spending money on recruitment without measuring return on investment

You may also like

HMRC looking to recoup £1.4bn from businesses’ use...

1 Aug 2022

Ministers release guidance to clarify UK employment status...

28 Jul 2022

Underpayment not reported due to ‘fear and insecurity’

25 Jul 2022

Supreme Court: Holiday pay for part-year staff should...

20 Jul 2022

The risks of sexual harassment in the metaverse

14 Jul 2022

One in nine UK workers is in insecure...

12 Jul 2022

Should employers pay for restrictive covenants?

8 Jul 2022

Founder disputes: the significance of fair play

8 Jul 2022

Employment law changes for 2022 and beyond: update...

1 Jul 2022

Oxford study highlights best gig economy firms to...

9 Jun 2022
  • 6 reasons why work-based learning is better than traditional training PROMOTED | A recent Fortune/Deloitte survey found that 71% of CEOs are anticipating that this year’s biggest business disrupter...Read more
  • Strengthening Scotland’s public services through virtual recruiting PROMOTED | This website is Scotland's go-to place for job seekers looking to apply for roles in public services...Read more
  • What’s next for L&D? Enter Alchemist… PROMOTED | It’s time to turn off the tedious and get ready for interactive and immersive learning experiences...Read more
  • Simple mistakes are blighting the onboarding experience PROMOTED | The onboarding of new hires is a company’s best chance...Read more
  • Preventing Burnout: How can HR help key workers get the right help? PROMOTED | Workplace wellbeing may seem a distant memory...Read more

Personnel Today Jobs
 

Search Jobs

PERSONNEL TODAY

About us
Contact us
Browse all HR topics
Email newsletters
Content feeds
Cookies policy
Privacy policy
Terms and conditions

JOBS

Personnel Today Jobs
Post a job
Why advertise with us?

EVENTS & PRODUCTS

The Personnel Today Awards
The RAD Awards
Employee Benefits
Forum for Expatriate Management
OHW+
Whatmedia

ADVERTISING & PR

Advertising opportunities
Features list 2022

  • Facebook
  • Twitter
  • Instagram
  • Linkedin


© 2011 - 2022 DVV Media International Ltd

Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+