Employment home
Partners
Our Services
News
Legal Eye
Events
Testimonials
Employers Questions
Employment Audit
Employment Web Chat

Employers Questions - Monitoring at Work

Q1: Can I periodically monitor emails sent and received from employees?
Q2: My Company's telephone bills have been unusually high in recent months. I am concerned that this is due to excessive premium rate calls made by employees. Can I record employees' telephone calls to determine who the culprits are?
Q3: My Company has a communications policy prohibiting the private use of e-mail and telephone. The Company has in the past turned a "blind eye" to this policy and allowed employees free use of e-mail and telephone. Could this cause any problems for the Company?
Q4: Last month I was called anonymously and told that some staff members are downloading pornography at work. Can I go into my employees' computers to determine whether this is true?
Q5: A customer has recently complained about one of my employees. Can I look back through customer records to check that the employee dealing with the customer gave the correct advice?
Q6: I have informed my employees that the Company is going to install a CCTV camera in one of the factories where there is a lot of dangerous machinery. The purpose of this is to ensure that Health and Safety legislation is being complied with. I have consulted with my employees and they are all happy about this and have given their consent. However, can I also use the tapes for disciplinary purposes? Two employees had a fight last week and I want to use some video footage to prove which employee started it.
Q7: Due to complaints from numerous line managers that certain employees are abusing the e-mail system I have discussed with employees and sought their consent to monitor their use of the system. One employee who is subject to this monitoring has asked to see the information which has been collected in relation to him. Do I have to disclose it?
Q8: : I have good reason to believe that certain employees are taking drugs during working hours and on Company premises. I would like to monitor these employees but I do not want to alert them to the fact that I am doing so. Can I do this?


Did we answer your question? These questions will be updated periodically. If you would like to see an Employers Question featured here, email it to us at info@rawlisonbutler.com. Please note, we cannot answer your specific legal queries by email.

If you require legal advice on this or any other employment law issue, please contact Tony Hyams-Parish or your usual contact in the employment team at Rawlison Butler LLP.

This document is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from taking any action as a result of the contents of this document.

 

 

 

_____________________________________________________________________________________________________

Answers to questions below, please click on the questions above to be directed to the correct answer.

 

 

A1: : If you monitor your workers by collecting or using information about them then the Data Protection Act 1998 (‘DPA’) will apply. The DPA does not stop you collecting and using information about workers, but it sets out principles which you must follow if and when you do so and it requires you to be open with your workers about any monitoring you undertake.

There are circumstances when emails can be monitored, but first you will need to be clear about your reasons for wanting to monitor them. Once you have established a genuine reason for monitoring, you must then consider whether there is any other way to achieve the particular business need, for example a less intrusive method. You must also consider the impact of the intended monitoring on the employee and whether it is justified in all the circumstances. Under the Human Rights Act 1998 (HRA) an individual has a right to respect for their private life, which includes a degree of privacy in the workplace, and therefore any interference with communications must also be justified in this respect.

The Employment Practices Data Protection Code of Practice ('the Code') which was issued following the introduction of the Data Protection Act 1998 (DPA) suggests that an impact assessment should be conducted to determine whether monitoring is justified and, if so, to determine its scope and nature. The less intrusive the monitoring is the better. For example, if an employer's primary concern is excessive use of personal emails by staff, the Code suggests that you should ask yourself whether analysis of email traffic rather than content of messages is more appropriate. If the problem is emails that contain 'inappropriate content' you should consider monitoring only email subject headings and/or whether an automated system could be used which detects certain offensive words. You should only read the content of emails if it is essential for a valid and defined reason.

Even if you believe you have a justified reason for monitoring the content of emails, you should not generally read personal emails because this will rarely be necessary. If workers are allowed to access personal email accounts from work, such emails should only be monitored in exceptional circumstances.

You must ensure that Company rules in relation to email use are clearly brought to the attention of all employees. Above all, if emails are to be monitored then employees must be informed not only of the fact that their emails are to be monitored but the reasons why. To avoid uncertainty some employers simply adopt a blanket policy prohibiting staff sending or receiving personal emails.

back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A2: Recording employees' telephone calls should be a last resort. If you record employees telephone calls, the Company will be vulnerable to claims under the Human Rights Act 1998 (HRA) and other legislation.

When considering monitoring telephone calls, you should adopt the least draconian measures possible to fulfil the relevant business need and you must be able to justify any measure you adopt. You should also consider carrying out an impact assessment in the same way that you would if you wanted to monitor emails.

Generally, you cannot intercept an electronic communication during the course of its transmission, without having the consent of the sender and recipient first.

An obvious first step in your case would be to check telephone logs or records before embarking on the recording of calls. It may not be justified to record these calls bearing in mind what you want to achieve. Checking telephone logs can offend the DPA but provided that you have carried out an impact assessment and you can justify that the risk to the Company is proportionate to any adverse impact on employees you will reduce your risk of any liability under the DPA.

Of course, you should inform employees that the logs will be monitored and the extent of such monitoring. Ideally you should have a policy in force which sets out the Company's stance on telephone use.

back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A3: Yes it could. This is because workers will base their expectations of privacy not only on the employer's stated policy but also on the practice that the employer has allowed to develop. Therefore, you may not be able to rely on the complete ban as stated in your policy if you have allowed persistent breaches of it in the past in similar circumstances.

To prevent this problem from arising you should introduce a more realistic policy setting out the extent to which private use is permitted and/or restricted, the penalties for excessive personal use and the circumstances in which the Company may monitor such communications. You should ensure that you implement and apply the policy to all workers in a consistent way.

You should also ask your workers to consent to the policy by asking them to consider and sign it.

back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A4: Yes - there are circumstances in which you can go into your employees’ computers. Downloading pornography is a serious matter and downloading certain material can also be a criminal offence. You should have a reasonable belief that the source and content of the information you have been given regarding these allegations is genuine. Assuming that you do have the necessary evidence, you may be permitted to go into your employees' computers, but only as a last resort and after you have considered whether other less intrusive methods of resolving the matter are available. When considering whether to access employees’ computers in these circumstances you must weigh up the risks to the Company of employees accessing pornographic material against any adverse affect, that you accessing employees’ computers may have, on the employees. You should again keep employees fully informed and it is advisable to obtain employee consent.

In relation to monitoring the use of the internet generally, you may consider introducing an automated system which shows whether certain internet sites have been accessed. Once again an impact assessment should be conducted and you would need to inform employees of any monitoring and the reasons for it.

If it is not possible to introduce an automated system, for example for reasons related to cost and the size of your business, then it is more likely to be reasonable to directly access your employees' computers.

It is recommended that you have an internet policy in force which sets out restrictions on private use, what constitutes prohibited use and the penalties for breach of the policy.

back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A5: 'Monitoring' is not specifically defined for the purposes of the Data Protection Act 1998 (DPA) and the Code of Practice on the DPA, but these sources are aimed at the regulation of information collected for the purposes of monitoring employee performance and conduct. Generally there is nothing to stop you looking back over customer records in relation to a particular worker as part of a one-off investigation into a specific problem.

However, you should bear in mind that where you are processing personal data for the purposes of the DPA you must ensure that you adhere to the DPA principles. In these circumstances you may need to inform the employee that you are going to seek the information and consult with him/her about the purpose of obtaining it.

back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A6: The general rule is that personal information obtained for a particular purpose should not be used in a way that is incompatible with that purpose. Monitoring by way of CCTV is intended to address the Health and Safety issues, and it might be unfair to workers to tell them that the monitoring is undertaken for a particular purpose and then use the information for another purpose.

There are exceptions to this. For example, if the activities are such that a reasonable employer could not be expected to ignore the actions, for example, this might include a criminal activity such as fighting or an act of gross-misconduct.

It is advisable to incorporate a clause into employees' contracts, your handbook or communications policy that the monitoring is for the purposes of ensuring compliance with Health & Safety legislation but that if the tapes reveal an act of gross misconduct or criminal activity you reserve the right to use it for these purposes.


back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A7: There are certain limited exemptions in some circumstances, which include the following:

  • information consisting of records concerning intended negotiations with a worker;
  • information held for the prevention or detection of crime, apprehension or prosecution of offenders;
  • the assessment or collection of any tax or duty or of any imposition of a similar nature; and
  • information that consists of a reference given or to be given in confidence by the employer.



back to the questions

 

 

 

 

 

 

 

 

 

 

 

 

A8: The Data Protection Act 1998 (DPA) permits the use of covert monitoring only in very exceptional circumstances where there are grounds for suspecting that criminal activity or equivalent malpractice is taking place and where notifying workers about the monitoring would prejudice any investigation. It is important to use covert monitoring only as part of a specific investigation and to cease the monitoring once the investigation has been completed.

You should only operate covert audio or video monitoring in areas which workers would genuinely and reasonably expect to be private if the circumstances are serious enough so that you intend to involve the police. In any event you should not use covert audio or video monitoring in toilets or private offices. You should always take specific legal advice before embarking on any type of covert monitoring.


back to the questions

 

 

 

 

 

 

 

 

 

 

 

 
 
©Rawlison Butler LLP    Regulated by the SRA    Disclaimer/LLP Compliance    Text too small?    Add to Favourites   Links