Advertisement
News by VICE

A Lawyer Told Us Why Your Boss Is Entitled to Snoop on Your Private Messages at Work

A ruling by the European Court of Human Rights says a Romanian company was within its rights to monitor an employee's use of Yahoo Messenger and fire him for sending personal messages.

by Miriam Wells
Jan 13 2016, 5:30pm

Foto di Roman Pilipey/EPA

If you're reading this at work, be careful — you may be being watched. The European Court of Human Rights (ECHR) ruled on Sunday that companies have a right to monitor their employees' internet usage during working hours and fire them if it is not entirely professional. 

The case heard by Europe's highest rights court involved a Romanian engineer who was fired in 2007 after it was discovered he had used a Yahoo Messenger account set up to respond to client enquiries to also communicate with friends and family.

After claiming he had only used the account for professional purposes, Bogdan Mihai Barbulescu was presented with a transcript of his communications over a period of July 5-13 2007, which included "messages he had exchanged with his brother and his fiancée relating to personal matters such as his health and sex life."

'You have no privacy at work whatsoever'

Internal company regulations forbade the use of company resources for personal purposes, but Barbulescu argued that the monitoring of his communications constituted a breach of his right to privacy.

But the EHCR dismissed his argument, saying it "did not find it unreasonable that an employer would want to verify that employees were completing their professional tasks during working hours."

Monitoring Barbulescu's communications had been "the only method of establishing whether there had been a disciplinary breach," it said, though noted that the employer had originally accessed his messenger account in the belief that it contained "client-related communications."

Related: Is the UK Set To Become 'The Most Intrusive and Unaccountable Regime in the West'?

Whether or not an employer is allowed to look at an employee's personal emails and messages depends on laws in the relevant country and individual company policy. But it is typically the case that employers are allowed to monitor staff's email and internet usage, as long as they inform them of the policy.

"These days it's extremely common that you have no privacy at work whatsoever," said Paul Scholey, a lawyer specializing in employment rights with Morrish Solicitors in the UK. "Employers can say we're entitled to look at all communications because you're making them on our time and our equipment. They say you have a choice — and that's not to do it."

'I think it stinks'

Snooping does violate individuals' right to privacy and right to freedom of expression, but those rights are "qualified" rights under the European Convention on Human Rights, meaning they can be balanced against other things — in this case, the employers' interests, and their right to check the individual is doing their job.

A responsible internet use and social media policy is considered to be one in which the employer says it will only conduct random checks, not monitor all usage. "But how do you know?" said Scholey. "It's their equipment, their system, their internet connection."

Facebook use had become a major issue in recent years, said Scholey, who has defended multiple employees fired for bringing their company into disrepute or insulting their boss on the site. Courts in the UK and Europe had increasingly moved towards favoring companies over individuals, he added.

Related: The Growing Use of 'Voiceprint' Passwords Is Another Threat to Your Privacy

"I think it stinks," he said. Asking employees to behave in a grown-up way that doesn't destroy the company's reputation on internet was perfectly reasonable, he argued, but that was a very different proposition to saying "in a world where we can share a tweet in seconds" that people must never do such a thing during work time. 

"What's the difference between that and a chat by coffee machine or old-fashioned phone call?" he argued. "The only thing that's changed is the technology which means they can monitor what's being said and done. They do it because they can, and that's not a good enough reason."

'The rights of the individual are being seconded to the rights of big business'

Digital rights organization Open Rights Group called the ruling "a missed opportunity to develop clear principles about the limits of monitoring in the workplace."

The group's executive director Jim Killock added that the ruling did at least "reassert that workplace monitoring must only take place with employees' prior contractual agreement in order to restrict what companies can do."

Scholey's experience with the UK courts has left him more pessimistic. "If you're talking about your employer on social media, don't expect the law to protect you," he said. 

Using your own device when sending personal messages or using social media could protect you to a certain extent, but employees should stick to using 3G or 4G rather than WiFi, because "once it's plugged in to that then arguably it's part of their system and they can do what they like."

There was really not much employees could do other than be ultra-careful, Scholey concluded. "We've got the balancing act wrong," he said. "European courts are moving in the same way as UK courts and the rights of the individual are being seconded to the rights of big business."

Follow Miriam Wells on Twitter: @missmbc

Related: Surveillance, Paranoia, and Life Under a State of Emergency in France