As summer stretches out and daylight lingers, the spotlight on workplace privacy only grows brighter.
This quarterly report focuses on decisions which strengthen data subject rights, reviewing employee monitoring and surveillance practices and enhancing data protection practices.
In Italy, authorities have confirmed that individuals are entitled to copies of their personal data, regardless of existing access, and have penalised a bank for delayed responses to such requests, rejecting Covid-related justifications. Regulators across Europe and Brazil have increased scrutiny of employee monitoring, issuing fines and reprimands for excessive video surveillance in France, geolocation tracking in Belgium, intrusive recruitment personality tests in Brazil, and improper access to private emails in Denmark. In Germany, the use of private investigators in the workplace has received regulatory approval.
Data retention practices have also come under review. Recent decisions in Poland and Slovakia have challenged the justification for retaining employee data post-employment. In Poland, the possibility of future litigation was found insufficient to justify ongoing data processing, while in Slovakia, indefinite retention of ex-employees' emails was deemed excessive, with a six-month retention period recommended.
In the UK, the Data (Use and Access) Bill has passed and is awaiting Royal Assent, indicating further changes to workplace privacy regulation.
For full access to these insights and more see our Workplace Data Privacy update in collaboration with our colleagues at Ius Laboris.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.