The recent case of Bogdan Barbulescu v Romania made waves in the press with some papers reporting that employers can now ‘legally snoop’ on their employees; in truth however, the reality is more nuanced.
Bogdan Barbulescu was employed as a sales engineer in Romania and was asked by his employer to create a Yahoo Messenger account so that he could respond to clients’ enquiries. Mr Barbulescu’s employer also had a policy that forbade the use of computers and other equipment for ‘personal purposes.’
Mr Barbulescu however, in breach of that policy, used Yahoo Messenger on his work computer during working hours to send private messages as well as to respond to clients’ enquiries. In July 2007, Mr Barbulescu’s employer informed him that he had been monitored for 9 days and, because he was in breach of the policy against personal use of work computers he was dismissed.
Mr Barbulescu argued that this surveillance of his personal messages breached his rights under Article 8 of the European Convention on Human Rights (the right to a private and family life, home and correspondence). The European Court of Human Rights (ECHR), therefore, considered whether an employer monitoring an employee’s online correspondence on a work device was a breach of the employee’s rights under Article 8.
Interference with a person’s Article 8 rights is only permitted when it is in accordance with the law, is necessary in a democratic society and is in pursuit of a legitimate aim (namely: national security, economic wellbeing, the prevention of disorder or crime, the protection of rights or morals, or the protection of the freedoms of others). For an interference to be ‘necessary in a democratic society’, there must be a pressing social need to interfere with that person’s rights under Article 8 and the interference must be proportionate in the circumstances.
In the absence of a warning to the contrary, therefore, people can have a reasonable expectation to privacy with regard to their private and personal correspondence, even at work.
However, the court ruled against Mr Barbulescu, declaring that ‘it is not unreasonable for an employer to want to verify that the employees are completing their professional tasks during working hours.’ It found that the employer’s searches against Mr Barbulescu were limited only to his Yahoo Messenger account rather than all messages that were stored on his computer and the employee gave no adequate reasons as to why he had to use his Yahoo Messenger account for personal purposes (Mr Barbulescu said that getting a personal computer was unaffordable).
What Does this Mean?
Under the Human Rights Act 1998, British courts must ‘take into account’ rulings from the ECHR when determining cases relating to the European Convention on Human Rights. This means that whilst the Barbulescu ruling does not bind the British courts or impose new law, it is persuasive to British courts if they consider a similar case.
In short, this means that employers can monitor some employees’ personal messages in the workplace to ensure that employees are doing their work. However, this should be proportionate and employees should be forewarned that they may have their personal communications and/or internet usage monitored by their employer and the employer personal communications and personal internet use at work.
Given the emphasis on the proportionality and limited nature of the company’s searches in Barbulescu, this ruling does not give employers carte blanche to spy on employees. Rather, any searches should be proportionate to the employer’s need to ensure its employees are carrying out their contractual obligations, and policies should be clear so that employees understand that their personal messages may be read if they are sent from a work device during normal working hours.
If you aren’t receiving our legal updates directly to your mailbox, please sign up now
Please note that this blog is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content of this blog.
Edwin Coe LLP is a Limited Liability Partnership, registered in England & Wales (No.OC326366). The Firm is authorised and regulated by the Solicitors Regulation Authority. A list of members of the LLP is available for inspection at our registered office address: 2 Stone Buildings, Lincoln’s Inn, London, WC2A 3TH. “Partner” denotes a member of the LLP or an employee or consultant with the equivalent standing.