The European Court of Human Rights (ECHR) has rules a company shouldn't have sacked one of its employees because he sent private emails from his work account during working hours.
The ECHR used the case of Romanian Bogdan Mihai Brbulescu vs Romania to stipulate what companies can and can't do when monitoring employee emails.
If a company wants to monitor employee email usage, it must notify the employee beforehand and tell them to what extent their communications will be monitored, whether the employer has legitimate reasons to monitor the content, whether it's possible to monitor the communications via other, less intrusive methods and the consequences if an employee is found to be misusing company email.
The court ruled the way the employer in this case monitored emails was against Brbulescu's human rights, explaining the employer "failed to strike a fair balance between the interests at stake: namely Mr Brbulescu's right to respect for his private life and correspondence, on the one hand, and his employer's right to take measures in order to ensure the smooth running of the company, on the other."
The court found no evidence that Brbulescu received a warning that his communications were being monitored prior to losing his job and even if he was told, he was unaware of the extent of the snooping. It concluded that the company had not protected his right to respect for his private life and correspondence under Article 8 of the Convention.
This overturns rulings made in Romanian courts, which said the employer was within its rights to monitor Brbulescu's computer activity using software.
"Although it was questionable whether Mr Brbulescu could have had a reasonable expectation of privacy in view of his employer's restrictive regulations on internet use, of which he had been informed, an employer's instructions could not reduce private social life in the workplace to zero," said the court in its decision.
Although this decision could concern other businesses that they are unable to monitor employee emails, the EHCR explained they can still dismiss employees if they're using business email for personal use. However, the employer must take sufficient safeguards to prevent abuse before it gets out of hand.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
