On January 12, 2015, the European Court of Human Rights (ECHR) ruled that an employer in Romania did not breach its employee’s privacy rights by monitoring and reading the employee’s instant messages (Case of Barbulescu v. Romania; application no. 61496/08). Our Global Workplace Insider blog also reported on the decision.
Background
A Romanian employee was dismissed by his Romanian employer in 2007 for privately using his Yahoo Messenger account at work in breach of company regulations. The messenger account was created merely for business use by the employee. Any use for personal purposes was expressly forbidden by company regulations. The employer discovered the employee’s breach by monitoring his communication from the messenger account. After having been confronted with his conduct by the employer, the employee denied any personal use of the account. The employer, however, presented a 45 page transcript of personal messages that the employee had exchanged.
The employee challenged the dismissal before the Bucharest County Court which dismissed his complaint. He appealed against this judgment which was, however, upheld by the Bucharest Court of Appeal. In its application to the ECHR, the employee – among other things – alleged that, with a view to these court rulings, the State of Romania failed to preserve the right to respect for private and family life and correspondence under Article 8 of the European Convention on Human Rights (Convention).
The Judgment
The ECHR ruled that the State of Romania did not breach its positive obligation to preserve the employee’s right to respect for private life and correspondence under Article 8 of the Convention: This right of the employee was in principle engaged when the communication from the messenger account was monitored by the employer and such information was further used in the court proceedings. The employee had a reasonable expectation of privacy also when communicating from his workplace messenger account. However, in the EHCR’s view the Romanian courts have struck a fair balance between the right of the employee to respect for his private life and correspondence under Article 8 of the Convention and the employer’s interests. It particularly found that “[…] it is not unreasonable for an employer to want to verify that the employees are completing their professional tasks during working hours.” and “[…] the employer’s monitoring was limited in scope and proportionate […].
Our Take
The judgment of the ECHR must not be seen as carte blanche for employers to monitor their employees’ communications at work. Employers should always bear in mind that the fact that the monitoring measure is not in breach of Article 8 of the Convention does not automatically mean that such measure is indeed permitted at the end of the day. Further limitations, in particular under national, general and sector specific data protection, telecommunication and employment laws will apply and differ from jurisdiction to jurisdiction. For example, in Germany, an employer allowing its employees to use a company email account for personal purposes is in many cases barred from accessing its employees emails due to German telecommunication laws. Further, monitoring employee email accounts in Germany will require the works council’s (if any) prior consent, i.e. in practice, the employer will have to negotiate and conclude a works agreement with the works council.
To subscribe for updates from our Data Protection Report blog, visit the email sign-up page.