This document discusses balancing employees' privacy rights with employers' interests regarding internet and social media use in the workplace. It provides an overview of relevant case law and principles from the European Court of Human Rights and Data Protection Acts. Specifically, it examines cases related to monitoring employee internet/email use and social media posts. The document stresses the importance of employers establishing clear internet and social media use policies that are properly communicated to employees.

1. EMPLOYEES AND
INTERNET USE
Darius Whelan, Faculty of Law, University College Cork
Dublin Solicitors Bar Association Seminar, December 2012

2. BALANCING COMPETING INTERESTS
Employee’s Privacy Employer’s Interests
 Employees do not leave their privacy at the front door
when they come to work
2

3. EMPLOYER‟S INTERESTS / DUTIES
 Employers have general right to determine work
tasks and control contract performance
 Employer has property rights in equipment
 Employers may lay down quality and behaviour
standards
 Employer must safeguard employees‟ health, safety
and welfare
 Employer has duty of trust and confidence towards
employee
3

4. PRIVACY
 Halford v UK (1997):
 Assistant Chief Constable – Office phones „tapped‟ – No
warning
 She had a reasonable expectation of privacy and so art. 8
had been breached
 Copland v UK (2007):
 Employer (Welsh public college) monitoring internet
usage, e-mails and telephone traffic of Ms.C (employee)
without her knowledge
 Content not monitored; instead names of recipients etc.
 Held: Breach of Article 8
4

5. Köpke v Germany (2010)
 Employer had used covert video surveillance for
two weeks to investigate employee for theft
 Domestic law required proportionality, etc.
 ECtHR held complaint under art. 8 manifestly ill-
founded
5

6. KEY DATA PROTECTION PRINCIPLES
 Data Protection Acts 1988-2003:
 Data must be obtained and processed fairly
 Data subject must be informed of purpose for which data are
processed
 Legitimate Processing:
 Various categories including
 Data subject consenting to processing, or
 processing is for „legitimate interests‟ of controller without unduly
prejudicing subject‟s rights/ freedoms / interests
 Data must be kept for specified, explicit and legitimate
purposes
 There must be appropriate security measures
 Data subject has right of access to data
6

7. Gresham Hotel (2007)
 Data Protection Commissioner Case Study 6 of 2007
 Covert video surveillance
 Other employees being investigated, not this particular
employee
 Gardaí were not involved
 Commissioner found data was being processed in a manner
incompatible with its purpose
 Covert surveillance would require actual involvement of
Gardaí or intention to involve them
 Amicable resolution reached
7

8.  Ali v First Quench (2001)
 Covert video surveillance in off-licence office – thefts of
stock – Mr A prime suspect
 Mr A was filmed having sexual intercourse in office while
shop open
 Dismissal fair
 McGowan v Scottish Water (2004)
 Video surveillance of employee‟s house, due to
suspicion of timesheet irregularities
 Dismissal fair; did not breach privacy
8

9.  Mehigan v Dyflin Publications (Ireland, 2002)
 M received 3 pornographic images by e-mail and forwarded them
on to someone else
 Tribunal did not accept this was a one-off incident. Evidence of
other material on computer inc. sexual cartoons
 E-mails can often cause offence
 The EAT will be heavily influenced by the existence of a written
policy reserving right to dismiss
 Unlikely dismissal permissible otherwise
 Possible exception – downloading obscene pornography
 (Distinction between facts here and „exceptional‟ cases unclear)
 Onus on employer to introduce policy
 Dismissal unfair, but employee contributed substantially
 €2,000 for unfair dismissal plus €2,800 in lieu of notice
9

10. Murray and Rooney v ICS Building Society (2011)
 Two employees allegedly circulated pornography by
email
 EAT found investigation flawed
 Investigation took place without their knowledge;
they could not make submissions on terms of
reference
 Investigation involved only small sample of emails
and did not include employees who had deleted
emails
 Dismissal was disproportionate
10
 €30,000 to one employee; €36,000 to the other

11. Kiernan v A Wear (2008)
 Employee posted derogatory comments on BEBO
 E.g. Regarding manager “She called me a liar. I
f**ing hate that c**t”
 Visible to customers
 Fair investigation held. Employee dismissed
 EAT found dismissal disproportionate
 Employee contributed to her dismissal
 €4,000 for unfair dismissal
11

12. Walker v Bausch and Lomb (2009)
 Employee wrote on intranet: “500 jobs to be gone at
Waterford plant before end of first quarter 2008”
 No proof that employee had received intranet policy
 Fair hearing held. Employee dismissed.
 EAT found dismissal disproportionate
 Employee greatly contributed to situation
 €6,500 for unfair dismissal
12

13. O’Mahony v PJF Insurances (2011)
 Facebook – Employee called manager a “bitch”
 At first, the page was accidentally seen
 Employee then allowed full access
 A number of disparaging comments
 Suspended pending investigation
 EAT – Significant breach of trust which made
employment untenable
 Employer acted reasonably. Dismissal fair.
13

14. GUIDANCE
 Council of Europe
 Recommendation R (89) 2 on Protection of
Personal Data Used for Employment
Purposes 1989
 International Labour Organisation
 Code of Practice on Protection of Workers‟
Personal Data 1997

15.  Article 29 Working Party
 Opinion 8/2001 on processing of personal data in the
employment context
 Opinion 4/2004 on video surveillance
 Data Protection Commissioner (Ireland), Monitoring
of Staff, Guidance Note, 2004
 Data Protection Commissioner (Ireland), Data
Protection and CCTV, Guidance Note, 2004
15

16. DRAWING UP A POLICY
 Review legislation, guidance and cases
 Clarify purposes of monitoring (if any) – must be
proportionate
 Notify purposes of monitoring to employees – e.g.
state if can be used for disciplinary purposes; may
ultimately lead to dismissal; misconduct v gross
misconduct
 Clarify ownership of Twitter followers, etc.
 Perhaps permit reasonable personal use of e-mail /
internet / social media
 Regular reminders of policy
 Other issues – see material cited
16

17.  References - See list provided
 Contact Details:
 Dr Darius Whelan, Faculty of Law,
 University College Cork
 http://research.ucc.ie/profiles/B012/dwhelan
 Email d.whelan@ucc.ie
 Twitter: @dariuswirl
17