As reality TV show Big Brother, having
completed its 7th series in the summer, and now about to run a
celebrity version, the show (which is now run in over 70 countries
worldwide), continues to be hugely popular here, we ask what impact
does a “big brother society” have on the workplace?
Despite the attraction of the TV show, very few people want
to be a part of the “big brother society” and are resistant to
invasion of their privacy. This is a particularly emotive issue in
the workplace. Employers have legitimate business interests to
protect, whilst employees should have their privacy and autonomy
Companies need to ensure that their systems are not being abused.
The solution to this problem is for employers, workers and their
unions to negotiate and implement sensible guidelines on good
business practice and agree what level of surveillance or monitoring
Monitoring or surveillance at work is not a new issue, however with
the advent of new technologies it has become more widespread. The
following types of monitoring are regularly used:
- opening individual worker’s emails
- listening to voicemail messages
- recording activities by audio or CCTV equipment
- gathering information from point of sale terminals
- using software to collect information about workers’ use of
- examining a log of websites visited
- keeping a record of personal telephone calls
- tagging systems on vehicles
- performance monitoring, for example the number of telephone
What about my private life?
The Human Rights Act introduced in 2000, gave individuals a right to
privacy and to a family life. However, it is clear that the Act has
not prevented the monitoring of employees in the workplace and nor
is it likely to.
When a senior police officer complained about her private telephone
calls being tapped by her employer, the European Court of Human
Rights held that she had “a reasonable expectation of privacy for
such calls”. The significance of this is that if an employee
does not have a reasonable expectation of privacy,
then an employer may be free to monitor telephone calls subject to
Covert surveillance is a clear intrusion into an employee’s private
life which they would not expect and so one would believe it is a
clear infringement of the right to a private life. However, the
Courts have held that such intrusion, which can extend to
surveillance at the employee’s private address, can be justified
where an employer is seeking to protect its assets. The crux
here is that the surveillance must be carried out with a view to
detecting a crime.
The Courts will balance the right to a fair trial against that of
the right to privacy. The former will usually prevail where the
evidence from covert surveillance goes to the very heart of the
case, eg. an employer’s insurance company hires an enquiry agent to
investigate the legitimacy of a personal injury claim. The enquiry
agent obtained access to the employee’s home posing as a market
researcher and filmed the employee using a hidden camera. The
evidence obtained proved the employee had virtually recovered from
her injuries, despite her allegations of continuing significant
disability. However, because of the way the evidence was obtained,
it was not admitted by the Court.
It is necessary to ensure that you have in place a policy which is
communicated to your employees and which makes it clear that
monitoring in various forms will take place. That way the employee
will not have an “expectation” of a private life at work, making
reliance on the Human Rights Act much more difficult.
Under the Human Rights Act, the employee may only bring Court
proceedings against a public body. In all other circumstances the
employee will not be able to make a complaint directly under the
Act. However, it is possible that an employee will be able to show
that a breach of the right to a private life is also a clear breach
of implied terms of trust and mutual confidence (in the employment
contract) entitling the individual to resign and claim constructive
unfair dismissal, eg. a secretary was subject to extensive
monitoring and surveillance by her manager who suspected her of
running her private life whilst at work, which extended to her email
use and logging the length of her telephone calls and the number of
calls received and made.
Those she had called were telephoned to check what the call was
about and who they were. The secretary was dismissed for misconduct.
The Tribunal found her dismissal unfair because the Company had no
rules on private use of the phone, IT system and had no policy on
You can’t read my emails!
Monitoring of staff usually takes the form of intercepting emails,
recording telephone calls, examining web logs and the use of CCTV.
The Regulatory and Investigatory Powers Act 2000 prohibits employers
from intercepting employee communications including the monitoring
of telephone calls, emails and the use of internet facilities at
work unless the sender and the recipient consent to the
interception being made. Unlawful interception can lead to a
criminal liability and a claim for damages from either the sender or
recipient or both.
Consent may be achieved by a well drafted IT Policy covering email
use (both internal and external) and internet use. However, there is
a get out clause! The Government issued complementary regulations
(“Interception of Communications”) to authorise interceptions
without the individual’s consent which appear to constitute a
legitimate business practise. These include:
- identifying the existence of facts relevant to the business
- ensuring quality standards
- preventing crime
- protecting the IT system from viruses
- determining the relevant of communications to the business.
These regulations give much greater scope for monitoring as they
clearly encompass monitoring for personnel and management issues
such as training, quality and compliance.
If employees have made all reasonable efforts to inform every person
who may use their system that interception of emails, telephone
calls and internet interactions at work may take place, employers
are also authorised to monitor or keep a record of calls on their
system for the purposes of detecting unauthorised use and to
establish the existence of facts relevant to the business – a very
wide and extensive right.
The easiest way to avoid liability under this Act is to ensure that
an IT Policy is in place which is disseminated to all staff and
clearly outlines the boundaries for the use of telecommunications
and the circumstances in which monitoring will take place.
So what about the Data Protection Act 1988 (DPA)?
The DPA regulates the manner in which businesses can obtain, hold
and use personal information about workers. This will include
data and information obtained through monitoring and surveillance.
A code supports the DPA which covers monitoring at work and this
places some genuine restrictions on employee monitoring and
outlining core principles that will usually be intrusive to
monitor your workers and reaffirming that workers have
legitimate expectations so they can keep their personal lives
private and they are also entitled to a degree of privacy.
The code emphasises the need to adhere to the following principles:
- you should inform workers about monitoring (preferably in
the form of a policy)
- all monitoring should be justified
- you should carry out adverse impact assessments (consider
less intrusive methods)
- retain impact assessments as evidence should your monitoring
methods be questioned
- any data obtained through monitoring should be processed in
accordance with the DPA
A breach of the DPA entitles an employee to make a complaint to the
Information Commissioner. However, many employees are unfamiliar
with this route and the process can be slow. Compensation can be
awarded for financial damage and distress but it is not possible to
claim compensation for distress alone. This leads to a result that
most complaints will lead to little or no compensation as more often
than not invasions of privacy will lead to a non-economic loss.
However, a breach of the code may be used as evidence to support a
claim for constructive unfair dismissal where an employee alleges
that such intrusive monitoring has destroyed the relationship of
mutual trust and confidence.
So what’s the answer?
Openness – consent - consultation – private permitted use or areas?
There is a common theme that runs through the legislation outlined
and that is the requirement to be open with your employees through
consultation and to communicate policies and procedures for
monitoring to them. Employees should be asked to sign an
acknowledgement that they have read, understood and agreed with the
terms of the policy. The method of monitoring should be determined
following impact assessments which will justify it as a
proportionate measure to protect the interests of the business as
opposed to the individuals’ right of privacy.
- remind users to keep passwords secure
- warn users not to send out confidential information by email
to inappropriate recipients
- warn users not to express themselves in ways that will be
- warn that emails may be checked for obscene, indecent or
- allow occasional personal use of email or the internet –
outside normal working hours
- cover procedures to check for viruses or to alert other
- set out email etiquette to avoid bullying or harassment
If you have policies and procedures in place, review them to ensure
that they are compliant with the legislation and remind employees
about them. Where you do not have any policies or procedures in
place, then now is the time to put this in order before it becomes
too late. A recent survey found that the weekly cost to employers in
the UK of workers accessing the Big Brother website reached £1.4
million. You have been warned!
Copyright 2006 - 2010 Taylors Solicitors