European trade unions are warning that a landmark EU court decision on private Internet use during working hours shouldn’t be “a green light for a free-for-all invasion” of employee privacy, despite fears that this could signal the introduction of tough, US-style corporate policies.
The European Court of Human Rights (ECHR) in Strasbourg ruled in mid-January that it "did not find it unreasonable that an employer would want to verify that employees were completing their professional tasks during working hours."
That’s why it said the company, not identified in the case documents, had the right to fire an engineer in 2007 after discovering he used a Yahoo Messenger account, which he was instructed to set up for client inquiries, to liaise with friends and family at the same time.
The court said the company’s monitoring of Bogdan Mihai Bărbulescu’s communications had been "the only method of establishing whether there had been a disciplinary breach." It said the employer had originally accessed Bărbulescu’s messenger account in the belief that it contained "client-related communications."
The San Francisco-based Electronic Frontier Foundation, which campaigns for Internet privacy, sees this as a landmark case with wider implications in Europe.
“Many US companies have fired employees for "inappropriate" use of the Internet like neglecting work while chatting with a fiancé, or viewing pornography during work hours,” Jeremy Malcolm, the foundation’s Senior Global Policy Analyst, tells Equal Times.
“In Europe, the law was never clear as to whether companies may prohibit employees from sending private emails, and I guess the answer is now yes, they can do so.”
But Peter Scherrer, Deputy General Secretary of the European Trade Union Confederation (ETUC), notes that the court did not give a blank check to employers. “The ruling should not be seen as a green light for a free-for-all invasion of employees at work,” he tells Equal Times. “We have to look at the circumstances of each case. In this situation, the contract specifically excluded personal use.”
Scherrer raises another related issue: unpaid overtime, including the time employees are expected to monitor and respond to emails outside of business hours.
“The occasional checking of emails and surfing of the net is nothing compared to the amount of unpaid overtime hours European workers are giving to their companies,” he says.
The court ruled that Bărbulescu crossed the line by combining private matters with business. The court records say Bărbulescu initially denied he was liaising with non-clients, until the company confronted him with evidence to the contrary.
Bărbulescu was presented with a transcript of his communications over the period between 5-23 July 2007, which the court records say included "messages he had exchanged with his brother and his fiancée relating to personal matters such as his health and sex life."
Bărbulescu argued that the monitoring of his communications constituted a breach of his right to privacy. But the EHCR rejected his argument.
“The employer’s monitoring was limited in scope and proportionate” and in addition, the employee hadn’t “convincingly explained why he had used the Yahoo messenger account for personal purposes,” the European court said. “There is nothing to indicate that the domestic authorities failed to strike a fair balance.”
Malcolm says the company policy was clear. “It prohibited the use of messaging apps for personal purposes. So the prospects of fighting this particular decision seem low.”
But there is a way to get around snooping bosses: workers can use private Internet connections via their mobile phones or personal devices while in the office – as long as it doesn’t interfere with their work, says the Electronic Frontier Foundation analyst. “Something else that they can do is to ask about their employer’s workplace Internet usage policy – though this certainly shouldn’t be their first question in a job interview!”
The European Parliament is close to voting on a new data protection regulation, but Malcolm says it “will not have any significant impact on the ability for companies to scrutinise the Internet usage of their employees.’’
He notes the need to “develop and promote a model workplace Internet usage policy that upholds the employee’s reasonable expectation to a basic level of contact with family and friends during working hours, so long as this doesn’t interfere with the execution of their work duties.”