In a world where everyone is glued to their smartphones and addicted to Facebook and Twitter, there are still a few people (usually those over 20) who want their personal communications to remain private. That is why there has been so much controversy recently over the Government’s proposals to introduce new laws allowing it to snoop on all electronic communications of UK citizens without a warrant. But how do people feel about their employers snooping on their personal communications?
Carrying a Blackberry 24/7 means that the line between your work and private life becomes more blurred, and most of us use work email for personal use. iPads are the latest “must-have” executive accessory for work and play, and people don’t think twice about forwarding confidential company documents to their personal email accounts so that they can access them away from their desks. This helps us cram more working hours into our days, and so has an obvious upside for business. But there are downsides too.
Sensitive confidential information may be lost or stolen. As staff “tweet” about their day or post comments on Facebook about their boss’s latest antics, their right to freedom of expression and privacy comes into direct conflict with the company’s interests to protect its professional reputation. This has led to a string of employment tribunal cases hitting the news in the past couple of years.
Here are some pointers:
If it is discovered that an employee has forwarded confidential information to their personal email account, the company will want to make sure that the information has not been misused or leaked. Often, an employer’s first step is to carry out an investigation (including a forensic IT investigation and an interview with the employee concerned). Then, the company may ask the employee to give written undertakings to confirm that the information has not been misused or disclosed to any third parties.
Some employers demand possession of the employee’s personal computers and other devices as part of the disciplinary process so that they can search for (and permanently delete) the company’s information. Understandably, most employees will regard this to be a gross intrusion into their privacy. In reality, we often store a huge amount of personal information and photographs on our personal computers, belonging to us and our families. Any proposed process for inspecting an employee’s personal devices must show respect for their privacy and property.
Here are some tips on best practice:
This generation of employees has learnt how to multi-task, so much so that we’re almost constantly online. The challenge for employers now is to help staff realise when it is appropriate to “switch-off” from their work email. It seems that we are still working-out where the dividing line should be, between work and our private lives.
Anne Hughes is a Senior Associate at Fox Solicitors. She advises employers, employees, partners and firms on their full range of employment and partnership law concerns.
Back on the 26 May 2011 the EU passed some amendments to the Privacy and Electronic Communications Regulations, further expanding its attempts to protect user privacy on the internet (in stark contrast to David Cameron's desire to wiretap every UK citizen). However, the requirements were given a grace period of 12 months before they came into effect. That means that website owners should be compliant by 26 May 2012 – are you?
Here's the definition of a cookie as used by the Information Commissioner's Office (ICO):
“The Regulations apply to cookies and also to similar technologies for storing information. This could include, for example, Local Shared Objects (commonly referred to as “Flash Cookies”), web beacons or bugs (including transparent or clear gifs).
A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies allow a website to recognise a user’s device.”
The key change in the wording of the EU regulations is that whereas previously it was quite acceptable to assume that a user is happy to have a cookie from your site downloaded to their machine as long as you gave them a way of opting out, now it is a legal requirement to get consent before you can store a cookie.
There are, however, a few examples of exemptions to this requirement. The biggest is that cookies used to track goods being added to a shopping basket are considered to be strictly necessary and therefore exempt from the new rules.
At this point there seems to be a step missing which I certainly feel is going to harm our own users’ experience of our site, and thus harm the business.
This in itself isn’t an issue. But how can we tell if this is a user we’ve had before and whether they need to be pestered about cookies again? Simple, we’ll put a cookie... Oh! Any user not accepting our cookies will have a “Please let us monitor you” alert flash at them each time they hit the site.
An alternative to this is to show a display once and then assume consent. However the ICO says that, as knowledge about the extent of cookie tracking is so low, it’s not acceptable to do this.
There are several reasons why it’s a valid concern to UK businesses:
However, the ICO has put together a very detailed guide explaining the changes in the law and giving some examples and suggestions of both exemptions and possible ways of tackling the issue. It’s worth taking a look.
Michael Derges is a writer and researcher for Stinkyink.com.
• Read Rory MccGwire’s blog on the Law Society Gazette, and check out his comment below.
• Robert Peters looks at the marketing implications of the new cookie regulations on Marketing Donut.
• And IT Donut has a full guide to the new EU regulations on cookies.
A landmark judgment by the Supreme Court has highlighted the issue of whether employers can justify plans to compulsorily retire someone.
The high-profile age discrimination case of Seldon v Clarkson Wright and Jakes (CWJ) on Wednesday 25 April sparked a good deal of media interest on radio and BBC TV.
The case concerned Leslie Seldon, a partner at a firm of solicitors in Kent, whom I represented at an Employment Tribunal. Leslie Seldon had appealed to the Supreme Court to be allowed to continue working after the age of 65. His case was taken on by the Equality and Human Rights Commission and by Age UK.
CWJ admitted that this was direct age discrimination but sought to justify its retirement policy on the basis that younger employees needed the opportunity to move up through the ranks, that it enabled the law firm to forward plan more easily and prevented the firm from having to remove older partners using more confrontational mechanisms, like performance reviews.
The EHRC & Age UK supported Mr Seldon's case as a means of seeking clarity as to the correct test for justification in direct age discrimination cases. The Supreme Court used the opportunity to outline for the first time the powers that employers have to force workers to retire. These include ensuring they have a legitimate social policy type aim — such as making way for younger employees — and the retirement is proportionate, ie appropriate and necessary. Whether it was proportionate in Mr Seldon's case will now revert to the Employment Tribunal to decide with the benefit of the Supreme Court's ruling.
I welcome the fact that the case has brought some clarity for employers in relation to the policies they need to have in place in order to compulsorily retire someone. However, whether it will be proportionate is something that will have to be looked at by each business individually.
It is quite a minefield and companies aren’t really going to know until they are challenged whether or not they are going to succeed in showing someone’s retirement was justified.
The Supreme Court has made it clear they will scrutinise businesses on a case-by-case basis. If a company’s plans to retire someone can be justified as a legitimate aim, then the question is — could it be achieved in a less discriminatory way? For example, at 66 or 67 rather than 65.
It is about balancing the needs of older workers and younger ones who want to come up through the ranks. But this is not the end of the story for Mr Seldon.
Whilst remitting the specific case back to the Employment Tribunal for further consideration, Justice Hale concluded more generally that in order to justify a policy it is not sufficient for an employer to show that it has an aim which is capable of being a public interest aim; they need to show in addition that it is actually a legitimate aim in the particular circumstances of the employment and it is proportionate in the circumstances of the business at the time it is applied.
Jo Davis is head of employment law at Buckinghamshire-based B P Collins LLP.