It was about noon. Samuel had concluded some routine workplace assignments, but had a few more to attend to. He heaved a sigh, and thought- 'I'll resume to those, after this well-deserved time-out'. Yes, time-out to look up the social media messages piling up, and the intermittent flashing notifications which never ceased to teasingly announce their arrival (into his smartphone). He was soon engrossed with this very absorbing act...far too busy to notice his Line Manager standing a few steps away, making a hand gesture in an apparent bid to get Samuel's attention. This continued for almost a minute, until he (the Line Manager) had to call out sharply, visibly irritated. Samuel was visibly startled. He had been animatedly responding to a thread message on a recent Facebook posting. The Line Manager left angry, only to return issuing Samuel with a query. Later that week, the office churned out a new policy on the use of social media in the workplace.
The above scenario is not one that is unfamiliar. It raises a number of issues which agitate the mind. Can an employer restrict its employees' use of social media or personal devices to engage in private correspondence in the workplace? Can an employer monitor an employees' private communications in the workplace, and to what extent? Questions like these, were at the fore in the judgment of the Grand Chamber of the European Court of Human Rights (ECtHR). And while actual reference to the facts may have played out in a foreign jurisdiction, it nonetheless raises issues and arguments which are just as valid and applicable on this side of the divide.
In the case of Bărbulescu v. Romania, Mr. Bogdan sued the Romanian government for its failure to take adequate measures to protect his right to privacy after it was allegedly breached by his employer. Mr. Bogdan was employed in the Bucharest office of S company from August 1, 2004 to August 6, 2007, as a sales engineer. The employer's internal regulations prohibited the use of company resources by employees in the following terms:
"Any disturbance of order and discipline on company premises shall be strictly forbidden, in particular:
... personal use of computers, photocopiers, telephones or telex or fax machines."
The regulations did not contain any reference to the possibility of the employer monitoring employees' communications. At any rate, Mr. Bogdan was informed and assented to the above conditions.
At his employer's request, and for responding to customers' enquiries, Mr. Bogdan created an account on Yahoo Messenger. On July 3, 2007, the Bucharest office received and circulated among its employees a notice requiring employees to ensure time at the office was well spent and that they do not engage in private communications. The notice further stated that employees' communications would be monitored and where found wanting, employees would be punished; evidence on record showed that Mr. Bogdan acquainted himself with the notice and signed it between July 3 and 13, 2007.
From July 5 to 13, 2007, the employer recorded Mr. Bogdan's Yahoo Messenger communications in real time and on July 13, 2007 invited him for questioning. He was informed that his Yahoo Messenger communications had been monitored and there was evidence that he had used the internet for personal purposes, in breach of the internal regulations. Mr. Bogdan was not informed whether the monitoring of his communications had included the content. He maintained that he had used Yahoo Messenger for work-related purposes only. At about 5.20 p.m. on the same day, Mr. Bogdan was again summoned to give an explanation by a notice which included a 45-page attachment showing personal communication with his fiancée and brother, some of which was said to have been "intimate". Mr Bogdan informed the employer in writing that, in his view, it had committed a criminal offence, namely breaching the secrecy of correspondence. On August 1, 2007, the employer terminated Mr. Bogdan's employment.
By an application to the Bucharest County Court, the employee challenged his dismissal, asking that same be set aside. He argued that an employee's telephone and email communications at the workplace were covered by the notions of "private life" and "correspondence" and thus protected by Article 8 of the Convention for the Protection of Individuals regarding Automatic Processing of Personal Data. He submitted that the decision to dismiss him was unlawful; alleging that he had been subjected to harassment by his employer through the monitoring of his communications and disclosure of the content "to colleagues who were involved in one way or another in the dismissal procedure". By a judgment delivered on December 7, 2007, the County Court rejected the employee's application and confirmed his dismissal as lawful. His appeal to the Romanian Court of Appeal was also dismissed on June 17, 2008. Unsatisfied, Mr. Bogdan applied to the ECtHR on December 15, 2008.
On January 12, 2016, a Chamber of the European Court of Human Rights unanimously held, by six votes to one, that there had been no violation of Article 8 of the Convention. The Court found that it is not unreasonable for an employer to want to verify that the employees are completing their professional tasks during work hours. The Court noted that only the communications on Mr. Bogdan's Yahoo Messenger account were examined, but not the other data and documents stored on his computer; "the employer's monitoring was limited in scope and proportionate". The Court concluded that there was nothing to indicate that the domestic authorities failed to strike a fair balance between the applicants's right to respect for his private life and his employer's interests.
Mr. Bogdan further appealed to the Grand Chamber of the ECtHR. It was at this point that the tables turned. The court not only held that Article 8 was in issue but that it was breached. On whether Mr. Bogdan was informed that his communications would be monitored, the Court observed that it appeared that the domestic courts failed to determine, in particular, whether the employee had received prior notice from his employer of the possibility that his communications on Yahoo Messenger might be monitored; nor did they have regard either to the fact that he had not been informed of the nature or the extent of the monitoring, or to the degree of intrusion into his private life and correspondence. The Court found the Court of Appeal's conclusion that a fair balance was struck questionable. It observed that it had found a violation of Article 8 in that the national courts failed to establish the relevant facts to perform an adequate balancing exercise between the employee's right to respect for his private life and correspondence and the employer's interests.
Whilst the above may not be a decision of a Nigerian court(s), and there is no judgment yet on the subject of workplace privacy in Nigeria, the decisions of the National Industrial Court (NIC) in recent times show that it may be minded to follow the reasoning and decision in the case of Bărbulescu v. Romania. This is especially considering the NIC's part in the rapid and contuing development in Nigerian labour law.
The Reasonable Expectation of Privacy
A right to privacy is a fundamental right; i.e. the right to one's personal space (physical and cyber) and information/communication. While advancements in technology have expanded that territory, this has not removed that right. Despite an employer's desirability to check employee internet activities for its own safety, this fundamental right remains undisturbed. The reasons attributable for the surveillance of the employee's use of the internet in the workplace notwithstanding; the extent to which that is permitted, is now a matter of consent, contract and policy.
The degeneracy of employee discipline through unregulated use of the internet for personal, non-work-related activities, the need to improve employee productivity, save employer's resources and protect employer reputation and security network are reasons that cannot be ignored. That said, the employee has an inviolable right to privacy that must be respected even where the contract specifically states that his or her internet activities will be monitored. As noted by Justice Murphy in a decided case in 1942, "the search of one's home or office no longer requires physical entry, for science has brought forth far more effective devices for the invasion of a person's privacy than the direct and obvious methods of oppression which were detested by our forebears and which inspired the Fourth Amendment." Thus, as noted by the Grand Chamber, an employee has a right to reasonable expectation of privacy while working on the network of the employee. The life of an employee thus cannot be reduced to point zero.
The above said, employees need to keep in mind that the right to cyber workplace privacy is not one that is sacrosanct; nor is the right of the employer to police the activities of the employee on the internet absolute. The vocation of the court when faced with a question of competing rights is to place the facts before it on an imaginary scale and see where it tilts. The determination of what may constitute reasonable expectation of privacy for an employee therefore is a question of fact that will be assessed from the evidence before the court.
According to the Grand Chamber, the rule to be applied is:
- Whether the employee has been notified of the possibility that the employer might take measures to monitor correspondence and other communication of the employee and the implementation of such measures;
- The extent of the monitoring by the employer and the degree of intrusion into the privacy of the employee;
- Whether the employer has provided legitimate reasons to justify monitoring the communication and accessing their actual content;
- Whether it would have been possible to establish monitoring system based on less intrusive methods and measures instead than directly accessing the content of the employee;
- The consequence of the monitoring and the use by the employer of the information gathered; and
- Whether the employee has been given safeguards, especially where the monitoring is intrusive.
Workplace Privacy in the Nigerian Context
While there are no specific provisions for the enforcement of workplace privacy in the workplace in Nigeria, there are Constitutional and statutory provisions for the protection of the right. The Constitution of Federal Republic of Nigeria 1999 (as amended) guarantees the right to privacy of citizens, their homes, correspondence, telephone conversations and telegraphic communications is hereby guaranteed and protected. The NIC, by the Constitution, is also empowered to apply international treaties and covenants such as the International Covenant on Civil and Political Rights to which Nigeria is a signatory, which guarantees a right to privacy, and consider foreign judgments.
The posture of the NIC to protecting the human rights of an employee in the workplace has been viewed to lean in favour of the employee. In the case of Ejike Maduka v Microsoft Corporation & Ors, heavy damages were awarded against the employers of Mrs. Ejike Maduka for infringing on her right against discrimination and right to dignity of human person. The Tort of breach of confidence and misuse of information are Common Law remedies an aggrieved employee may have against the employer for wrongful use or misuse of his or her personal information.
The position of the law is settled; the right to privacy of an employee in the workplace is guaranteed, albeit with limits. While the employer is permitted by law to monitor the internet activities of the employees, it is also required to ensure the employee is duly informed of such monitoring and the information obtained is not misused. A policy is this regard has thus proved important and the communication of same to the employee vital.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.