Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
EU Communications Privacy

EU Companies Can Monitor Employees' Private Conversations While At Work (softpedia.com) 127

An anonymous reader writes: A recent ruling of the European Court of Human Rights has granted EU companies the right to monitor and log private conversations that employees have at work while using the employer's devices. The ruling came after a Romanian was fired for using Yahoo Messenger back in 2007, while at work, to have private conversations with his girlfriend. He argued that his employer was breaking his right for privacy and correspondence. Both Romanian and European courts disagreed.
This discussion has been archived. No new comments can be posted.

EU Companies Can Monitor Employees' Private Conversations While At Work

Comments Filter:
  • by Anonymous Coward on Thursday January 14, 2016 @10:43AM (#51299837)

    If you want to argue with your girlfriend, use your own cellphone. Jesus.

    • by greenfruitsalad ( 2008354 ) on Thursday January 14, 2016 @11:03AM (#51299985)

      warning: may seem sexist but it's my experience

      in my experience, it was always the women who used company email for private communication. as a former admin of such things, it annoyed the hell out of me. whenever a new employee took over an old mailbox (with a new name alias), they had to (for years) deal with stupid emails about - Mindy's wedding, Georgina's ugly baby, meet me for coffee beautiful, my period is late, etc. i never understood why they did it. they were always told to keep their mailboxes in a condition that would allow other people to use them in their absence, yet without exception, they treated their mailboxes like personal property and cursed me to hell for letting other people access their emails. i hated that job. people... what a bunch of bastards.

      • by tnk1 ( 899206 )

        Shouldn't changing the alias to the mailbox have kept anyone from the previous user from being able to reach that inbox? Or were your employees stupid enough to give out their email to their friends as "support@evil.org"?

        • by Anonymous Coward

          Shouldn't changing the alias to the mailbox have kept anyone from the previous user from being able to reach that inbox? Or were your employees stupid enough to give out their email to their friends as "support@evil.org"?

          you need to keep the old mailbox alias so that people that were communicating with the old mailbox owner will not find his e-mail bouncing back just because the person left and the person who replaces it and does the exact same job isn't on everyone's mailing list...

      • by Anonymous Coward

        Why do you alias boxes to new names instead of just giving the new names their own boxes and retiring the old names?

        • Why do you alias boxes to new names instead of just giving the new names their own boxes and retiring the old names?

          Exactly my thoughts. I'm like WTF does what the OP describes?

        • because logic. if email bounces and potential customer has to take additional steps to reach us, they are likely to open up a browser and research alternatives.

          instead, email will reach us anyway (old aliases are still in place) and a new person will respond and introduce her/himself as their new account manager.

      • they were always told to keep their mailboxes in a condition that would allow other people to use them in their absence, yet without exception, they treated their mailboxes like personal property and cursed me to hell for letting other people access their emails.

        So make everyone's "personal" work mailbox visible to everyone in the same team. Don't be subtle about it, make them show up as folders in the mail client. In other words, make public spaces public, not private-ish.

        This could be integrated into - o

      • by mjwx ( 966435 )

        warning: may seem sexist but it's my experience

        in my experience, it was always the women who used company email for private communication. as a former admin of such things, it annoyed the hell out of me. whenever a new employee took over an old mailbox (with a new name alias), they had to (for years) deal with stupid emails about - Mindy's wedding, Georgina's ugly baby, meet me for coffee beautiful, my period is late, etc. i never understood why they did it. they were always told to keep their mailboxes in a condition that would allow other people to use them in their absence, yet without exception, they treated their mailboxes like personal property and cursed me to hell for letting other people access their emails. i hated that job. people... what a bunch of bastards.

        Its not sexist because I've seen the same thing with mailboxes owned by men who dont care. Emails from lads mags, alerts from carsales, pics of some minging celebrity (OK, I'm pretty sure this kind of bollocks is unisex), sporting scores, betting sites, lotteries, so on and so forth.

        Vain, vapid and idiotic men are just as annoying as vain, vapid, idiotic women.

        Some people just dont get that when you use your companies services (phone, email and what not) there is no expectation to privacy. I'd go as f

        • [quote] Some people just dont get that when you use your companies services (phone, email and what not) there is no expectation to privacy. [/quote] That may be true in the US but not in Europe. In Europe employee's do have a legally recognized expectation of privacy. You shouldn't expect as much privacy as in your own home but there is some privacy nevertheless. There is always some expectation of privacy. I'm sure everybody expects privacy when visiting the loo, even at work. There are borders, it's just
    • If you want to argue with your girlfriend, use your own cellphone. Jesus.

      Funny enough. Contrary to the misreported article. Using company email and telephone for private affairs is legal in most EU countries, and the company is NOT allowed to intercept or snoop on it in any way. But apparently not in Romania, and the non-EU human rights court does not think it needs to override Romanian law on the issue.

  • Well Duh! (Score:5, Insightful)

    by thechemic ( 1329333 ) on Thursday January 14, 2016 @10:43AM (#51299839)
    9 years later, we have a court ruling on common sense.
    • by Nutria ( 679911 )

      Europeans are slow like that... LOL

  • Monitor (Score:5, Interesting)

    by Thanshin ( 1188877 ) on Thursday January 14, 2016 @10:45AM (#51299851)

    Is it enough to RTFA to discover whether he was fired for the having non work related conversations during work or for the actual content of those conversations?

    Because I see some difference between monitoring the activity and monitoring the content.

    • Re:Monitor (Score:5, Informative)

      by I'm New Around Here ( 1154723 ) on Thursday January 14, 2016 @11:20AM (#51300131)

      I just read the first link above, and it seems to be just the activity itself, not specifically any "inappropriate" content such as phone-sex.

      But it also didn't say how much of the workday he spent talking to his girlfriend. I would assume it was quite a bit, since he went out of his way to avoid the employer's messenger account, and used his own which he figured was safe from monitoring. If it was simply a message here and there, why fire him? It was probably dozens of messages all day long.

      • If it was simply a message here and there, why fire him? It was probably dozens of messages all day long.

        OTOH, if it was because of his performance, they would not have to refer to his use of company resources as an issue; to me, it smells more of him expressing some views or intents that were sufficiently alarming to warrant firing him. In Europe - at least where I have worked - an employer can't just fire you on a whim; unless there are very serious, disciplinary problems, you have to go through a procedure where you essentially try to rectify the problems, and only if that fails can you fire the employee.

        • I don't know about Romania, but at least here in Finland, you cannot really fire a single employee for bad performance. If the guy cannot do his job at all, then maybe, but just for being the bottom of the barrel is not cause for firing. On the other hand, if the company does not need the employees work any more, they can fire him, but then they cannot immediate hire someone else to do it.

          All this means is that when a company wants someone to leave, they 1) sometimes offer money if you resign or 2) try to f

    • Re:Monitor (Score:5, Informative)

      by AmiMoJo ( 196126 ) <mojoNO@SPAMworld3.net> on Thursday January 14, 2016 @12:44PM (#51300745) Homepage

      He was using a company provided email account to discuss his STDs with his girlfriend. The company policy was not to use the company email account for personal business, and it was in his contract. They asked him if he was using it for private use, he said no, they checked and found he was so fired him. He complained that it was an intrusion on his right to privacy (which is a human right in the EU), but the court felt that as it was a company computer and email account he couldn't expect privacy.

      It's all down to the use of his employer's property.

    • by jabuzz ( 182671 )

      He was fired for using a work related account that should have been used exclusively for work related activities for personal communication. He was fired because the firm felt he should not be using a company account for private messages.

      He tried to argue that the company should not have been looking at the contents of a work account, and the ECHR has ruled that argument is nonsense.

      Oh and by the way the ECHR has *NOTHING WHATSOEVER* to do with the EU. I see Slashdot editors are as bad as the Daily Mail.

  • Time? (Score:2, Insightful)

    by Anonymous Coward
    I have no problem with some using work equipment for talking to his girlfriend, but if your employer shows a 45-page report of your conversations I think they were trying to say "get off Yahoo Messenger and do some work dammit!" It depends on the time you waste IMHO
  • Wait... (Score:5, Informative)

    by EmeraldBot ( 3513925 ) on Thursday January 14, 2016 @10:49AM (#51299875)
    Before everybody gets in a big huff, this applies only to devices the employer owns and lets employees use, not personal devices employees bring to work. The title here is slanted and a little misleading...
    • by cfalcon ( 779563 )

      "No personal electronics beyond this point"

      I mean, it's not a common thing or anything, but it is a bit frustrating. In the US they've long handled this with a click through screen that says you give consent to monitoring blah blah.

      • Re:Wait... (Score:4, Informative)

        by EzInKy ( 115248 ) on Thursday January 14, 2016 @11:04AM (#51299993)

        That too was addressed in the ruling. From TFA:

        "The ruling also said that, from now onwards, companies should also explain and notify employees if they monitor and log all their Internet activities, and they should also get consent from the employee in writing."

    • by demon driver ( 1046738 ) on Thursday January 14, 2016 @10:58AM (#51299939) Journal

      The information presented here is, indeed, grossly miseading. There is no such thing as an employer's right to monitor private communications in the EU; on the contrary, at leastmin some European countries, like, say, Germany, illegitimately monitoring an employee's private communocation may actually land someone in jail.

      • by Antique Geekmeister ( 740220 ) on Thursday January 14, 2016 @11:23AM (#51300151)

        Most international and US domestic employees include clauses in the employee contract that explicitly permit company monitoring of content on work owned or devices, including work owned telephones and networks. There is effectively no "private communication" on your corporate laptop or machines you use for work.

        • Most international and US domestic employees include clauses in the employee contract that explicitly permit company monitoring of content on work owned or devices, including work owned telephones and networks. There is effectively no "private communication" on your corporate laptop or machines you use for work.

          And in much of Europe the employer would be breaking the law (wiretapping) if they did such monitoring. Ownership of the "thing" the employee is using isn't the issue here. I've worn plenty of work clothes owned by the company, does that mean that the company can ask me to strip? Or perhaps a better analogue, ask me to empty my pockets? Since, after all it's company owned equipment and I can expect any privacy as to the content of my pockets?

          I, and fortunately the lawmakers where I live and work, think not.

          • > And in much of Europe the employer would be breaking the law (wiretapping) if they did such monitoring.

            There was a fairly clear recent EU case about just this sort of use of work resources for private communications.

            http://www.telegraph.co.uk/tec... [telegraph.co.uk]

            Quoting the article:

            But on Tuesday the court ruled that it was not "unreasonable for an employer to want to verify that the employees are completing their professional tasks during working hours"

            I'm a

            • I'm afraid that EU privacy laws and practices are widely misunderstood.

              No argument there. Quoting from your own citation:

              "The employer acted within its disciplinary powers since, as the domestic courts found, it had accessed the Yahoo Messenger account on the assumption that the information in question had been related to professional activities and that such access had therefore been legitimate."

              Tom De Cordier, a lawyer at CMS DeBacker in Brussels, said the court had taken a "very liberal stance".

              He said: "Much of the courtâ(TM)s decision seems to be based on the fact that the employee had claimed that the relevant communications were of a professional nature."

              The case in question was one where the company had accessed communications in the belief that they were not private, as the culprit claimed they weren't. The court, when challenged, then said that that was not unreasonable (as I assume most would agree), as that it was reasonable to then take that information into account (which is dodgier but I'll let it slide for now). But as you're taught in the corporate world here in Sweden if you clearly mark something

        • Most international and US domestic employees include clauses in the employee contract that explicitly permit company monitoring of content on work owned or devices, including work owned telephones and networks. There is effectively no "private communication" on your corporate laptop or machines you use for work.

          And those clauses would in invalid in Germany and many other countries and any company trying to enforce it would be commiting crimes.

      • The information presented here is, indeed, grossly miseading. There is no such thing as an employer's right to monitor private communications in the EU; ....

        Can you clarify if you mean companies cannot monitor computer and phone usage on their own systems?

        • In short, the court found that the right to privacy (in the European Convention of Human Rights) is not breached by a law that permits companies monitoring communications from their equipment. This means that the Romanian law (that permits such monitoring) complies with the treaty. The German law (which, AIUI, forbids such monitoring) obviously complies with the treaty because it doesn't permit others to read personal correspondence.

      • The information presented here is, indeed, grossly miseading. There is no such thing as an employer's right to monitor private communications in the EU; on the contrary, at leastmin some European countries, like, say, Germany, illegitimately monitoring an employee's private communocation may actually land someone in jail.

        We do, but not on company equipment: The upper court of Berlin and Brandenburg ruled on that, and so did the one in Hamm. [orrick.com]

    • Re: (Score:2, Informative)

      by Anonymous Coward

      It's common sense. If you are using your employer's network even with your own device, it's monitored and you should have no expectation of privacy. If you have difficulty understanding why businesses monitor their own network, then you may have limited career growth.

    • Re:Wait... (Score:5, Interesting)

      by Rob MacDonald ( 3394145 ) on Thursday January 14, 2016 @11:17AM (#51300099)
      Well you could, and I do, argue this extends to the network, so if you are on your personal device but using THEIR network, the ruling still applies. That said, I really doubt this gives them the right to break encryption or demand the keys. It's not the content of the discussion really, it's about the wasted time they got paid for.
    • by pla ( 258480 )
      Before everybody gets in a big huff, this applies only to devices the employer owns and lets employees use, not personal devices employees bring to work.

      My employer has given me a phone, a laptop, a tablet, and a VPN router, all of which I need to care for and feed regularly, outside of normal business hours and (usually) in my own home.

      Does it seem reasonable that I need to maintain duplicates of those devices for personal use? And if I pick up the "wrong" iPad while still at home and in private, acc
      • by cdrudge ( 68377 )

        Does it seem reasonable that I need to maintain duplicates of those devices for personal use?

        Yes, if you want complete privacy in your activities from company oversight.

      • i'd say yes, to all, if you're doing something that you don't want others to see, then onus is on you to do it on your own device.

        if it is their's then they can do whatever the hell they want with it. If it's yours same thing. in the case of BYOD, depends on who actually owns it, you cede certain considerations and rights when you opt in to a discount in my mind.

        the phone, laptop and vpn router, are you caring for these things outside of normal business hours to do business-related activities? or for pers

    • by houghi ( 78078 )

      Indeed. He used the messenger that was only for business use. He signed for that and used it for personal use.

      In a Belgian Newspaper it also was stated that control is possible, but must be reasonable AND people should be warned before AND it should be a clear and transparent policy.

      This means still no 100% big brother, but a perfectly humane 'I warned you and made it clear and you disobeyed' thing.

      Iyt comes down to 'Do not use company material if they forbid you to do so.' kind of thing. To be honest, this

      • by Teun ( 17872 )
        Indeed, companies need to have a written policy that has been read, agreed on and signed for by the employee.
        Up north here in The Netherlands that policy has to be vetted and agreed upon by the Works Council and any time the employer has reason to snoop on the covered means of communication he has to inform (not consult!) the Works Council.

        In this particular case there was a company policy, the Yahoo Messenger account was set up specifically for client contact and the employee lied when asked if he used
    • Such as a closed circuit camera mic? If the employer owns it and an employee gets close, technically they're using it, could be useful for your next employee review especially if they search for key words, facial expressions, body positions, and watch the highlights

  • Don't be an idiot. (Score:4, Interesting)

    by penguinoid ( 724646 ) on Thursday January 14, 2016 @11:01AM (#51299963) Homepage Journal

    Don't use your company's email or other stuff for personal business. It's unprofessional, and you might get your personal communications subpoenaed should your company be involved in a court case.

    • by Anonymous Coward

      More sane employers will have the "Not for personal use" with the caveat of "except for limited tasks such as coordinating appointments, checking in on family, etc". The issue at hand here is the court confirming that an employee's right to privacy doesn't extend to work when using the employer's equipment for uses expressly prohibited.

  • by Anonymous Coward

    This was settled long ago in the US. Do your private stuff with your own communication equipment, preferably off company premises.

  • Misreported (Score:5, Interesting)

    by CAPSLOCK2000 ( 27149 ) on Thursday January 14, 2016 @11:23AM (#51300153) Homepage

    All reports miss an important part.
    Nobody went out to look at this guys private messages. During the course of an investigation into his performance at work some private messages were discovered. He argued that this alone was a violation of his privacy. The judge decided that the employer did the right thing. The employer was not intentionally looking for private messages and he did not read them when he discovered they were of a private nature.

    This is not a cart-blanche to spy on employee's.

    • by Anonymous Coward

      Your UID so low, yet you keep reading TFA. WHAT'S WRONG WITH YOU

  • Misleading headline (Score:5, Informative)

    by Kilobug ( 213978 ) <le-mig_g@@@epita...fr> on Thursday January 14, 2016 @11:37AM (#51300249)

    As some already reported, this is a highly misleading headlines.

    1. It's not EU, but ECHR, so much wider (it includes non-EU countries such as Russia or Turkey).

    2. The ECHR sets a minimal amount of human rights protection, not a maximal one - ECHR saying "we don't have any objection about it" doesn't mean it's legal in all ECHR countries, national government can pass higher levels of protection if they want.

    3. The ruling itself doesn't say "it's all fine to spy on employees in general", it said that in that specific case it's fine - it was a work mail account (not a private one), ...

    I advise you to read http://modulus.isonomia.net/la... [isonomia.net] for example, that gives a more detailed analysis on the ruling and reporting of it.

    • Amazing legal jurisdiction insight. I actually read this on a Guardian article, and I'm appalled they had no mention on this whatsoever. News papers today.
  • Buy one share of company stock, and bug the management and record all of their conversations and emails. After all, you are an owner of the company and have the right to know what goes on with executives, management and other owners. Let the courts play with why one group has more rights than an owner who also happens to be an employee.
  • Dunno about your company, but mine is pretty adamant about letting you know that "The use of this computer system and / or network is subject to monitoring at all times" and that, by utilizing it, you consent to such monitoring. It's pretty much the gist of the login banner every morning. It's also present in every single device I log into throughout the day.

    If you want to talk to your $person via IM, do it with your own device. Don't use company assets to do it with. Even if you get clever and encrypt t

  • I work for 2 companies. (hired by one, doing projects for another)
    One has recently changed the policy and has explicitly forbidden using emails for private needs.
    But it can't just go and monitor my emails, what can happen at most is that if employee isn't available (say, ill) yet someone needs to urgently take over hist duties, mailbox could be used by the other person.

    There are some funny rules too, it is prohibited to watch porn using your company notebook even if not working/at home. (afraid of viruses?)

  • In other places, the whole case was reported substantially different. First it must be said that a company will have the right to find out whether the phone calls you make at work are for business or private, but not to find out the contents of the private messages. On the other hand it should be obvious that a company can examine your work related phone calls.

    It seems the company was unhappy with his performance and noticed that he made a lot of phone calls during work time. They asked him about it, and
  • The title is wrong, both in the original article and in Slashdot summary.

    The European Court of Human Rights (ECHR) is not a European Union (EU) institution. It stems from the Council of Europe (CoE) [wikipedia.org], a much larger organization that includes 47 states. A lot of them are not part of EU, such as Russia for instance

"I think trash is the most important manifestation of culture we have in my lifetime." - Johnny Legend

Working...