ARTICLE
17 June 2026

Workplace Data Privacy Update No. 7, June 2026

IL
Ius Laboris

Contributor

Ius Laboris logo
Ius Laboris is consistently recognised as the leading legal service provider in employment, immigration and pensions law. Our firms help international employers navigate the world of work successfully.
Explore Firm Details
The first half of 2026 has witnessed accelerating workplace privacy developments across multiple jurisdictions, from employee monitoring regulations and AI governance frameworks to biometric data enforcement and cybersecurity measures. This comprehensive update examines how data protection authorities worldwide are addressing emerging challenges in employee data rights, tracking technologies, and the implementation of new legislative frameworks including the EU AI Act and Chile's data protection regime.
United Kingdom Privacy
Alexander Milner-Smith (Lewis Silkin LLP)
Alexander Milner-Smith (Lewis Silkin LLP)’s articles from Ius Laboris are most popular:
  • in European Union
Ius Laboris are most popular:
  • within Wealth Management topic(s)
  • with Senior Company Executives, HR and Inhouse Counsel

The first half of 2026 has seen workplace privacy developments gather pace worldwide. In this update, our experts explore developments in employee monitoring, AI governance, data rights, biometric data, cybersecurity enforcement and more.

Employee monitoring remains firmly in the regulatory spotlight, with Slovenia’s Information Commissioner addressing the use of tracking chips in employee work clothing.AI governance in the workplace also continues to demand attention, with the Turkish DPA publishing guidelines on both generative and agentic AI use in the workplace, and Singapore launching its Model Governance Framework for Agentic AI. In Ireland, the General Scheme of the Artificial Intelligence Bill has been published to implement the EU AI Act, while the groundwork has also been laid for the EU Data Act.

Employee data rights have been tested in the courts, with a French Court of Appeal decision confirming that employees cannot rely on subject access requests to obtain wholesale copies of work emails, and a Polish court dismissing a GDPR damages claim where a data breach caused no actual harm. In Belgium, the DPA has addressed unlawful WhatsApp disclosures, post-termination email account retention, and employee misuse of database access rights.Biometric data remains a hot topic in Spain, where the AEPD has fined FC Barcelona for deploying facial and voice biometric technologies without a data privacy impact assessment, and imposed a fine on a company for the unlawful processing of biometric data.

This edition also covers cybersecurity enforcement from Sweden, Romania and Ireland, data retention guidance from Finland and Slovenia, and Chile’s comprehensive new data protection framework coming into force later this year.

For the UK, we explore the introduction of a new statutory right to complain under the Data Use and Access Act 2025 from June 2026. We also set out three key data, privacy and cyber watch outs for UK employers this year.

Find further details on these updates, and more, please download the full update.

To view the full article, click here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Alexander Milner-Smith (Lewis Silkin LLP)
Alexander Milner-Smith (Lewis Silkin LLP)
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More