Email monitoring may contravene European laws

• Tags:
• Pinsent Masons,
• Acceptable Use Policy,
• Telecommunications System,
• Intercepted

Tom Espiner ZDNet.co.uk

Published: 11 Apr 2007 17:35 BST

• 
• 
• 
• 
• 

Monitoring employees' internet and telephone use at work may contravene human rights laws, after a landmark case in the European Court of Human Rights last week.

The case involved a public-sector employee, who won €3,000 in damages and €6,000 in court costs and expenses, after her communications were intercepted by her employer, Carmarthenshire College, based in South Wales. Lynette Copland successfully took the UK government to court after her personal internet usage and telephone calls were monitored by one of her bosses in 1999.

The ruling means that the private use of company telecoms equipment and internet access may be protected under European human rights legislation, if the company has an acceptable personal-use policy and fails to inform the employee that their communications may be monitored. Employee communications are also covered by human rights legislation if the organisation has no explicit acceptable use policy and fails to inform the employee of the monitoring of personal email.

Privacy experts at law firm Pinsent Masons said that although businesses now have clear guidance for monitoring work communications under the Regulation of Investigatory Powers Act (RIPA) 2000, personal communications at work may be protected by the European Convention on Human Rights, and the Human Rights Act 1998. "The lawful business practice regulations allow an employer to monitor and intercept business communications, so the court is implying that private use of a telecommunications system, assuming it is authorised via an acceptable-use policy, can be protected [by human rights legislation]," said Dr Chris Pounder, a privacy specialist. "The ruling is important in that it reinforces the need for a statutory basis for any interference with respect to private use of a telecommunications system by an employee," Pounder added.

Copland brought the case against the government after her communications were intercepted by the deputy principal of Carmarthenshire College, a publicly funded body, where she was employed as a personal assistant to the college principal. Her lawyers successfully argued that the activity breached her rights under Article 8 of the Convention on Human Rights, which says that "everyone has the right to respect for his private and family life, his home and his correspondence".

The government admitted that monitoring had taken place of dates, times and participants in email and telephone conversations, and of Copland's internet usage. The college had no policy in place at the time informing employees that their communications might be monitored.

"According to the court's case-law, telephone calls from business premises are prima facie covered by the notions of 'private life' and 'correspondence' for the purposes of Article 8," said the court's ruling. "It follows logically that emails sent from work should be similarly protected under Article 8, as should information derived from the monitoring of personal internet usage. The applicant in the present case had been given no warning that her calls would be liable to monitoring, therefore she had a reasonable expectation as to the privacy of calls made from her work telephone. The same expectation should apply in relation to the applicant's e-mail and internet usage."

Copland's damages and costs will be borne by UK taxpayers. She remains in post at the college.

• 
• 
• 
• 
• 

• Share this article:
• Digg
• Slashdot
• Del.ici.ous
• Stumble
• Reddit

• Most Recent
• Most Popular
• Most Discussed