European bosses aren't allowed to monitor employers without notice

[Levisallanon]

Apprently as a boss you have to be very carefull nowadays. Just stating in the rules that the use of a specific compagny asset is forbidden isn't enough anymore.

Quote

The case centred on the dispute between Bărbulescu and his employer after the latter read private messages he sent to his brother and fiancee from an online account he had been asked to set up for work purposes. The firm’s rules banned such use of online accounts.

The compagny set up this yahoo messenger account for him to talk to customers, but he also used it for some private conversation.

Quote

He said they were breached when his employer checked up on chat logs from his professional Yahoo Messenger account that included both his personal and private communications.

As a boss you should always inform your employers of the fact that their messages can be subject to monitoring.

Quote

The court found that Bărbulescu “had not been informed in advance of the extent and nature of his employer’s monitoring, or the possibility that the employer might have access to the actual contents of his messages”.

If you as a boss fail to do so the person in question can appeal to articel 8 of the European convention on human rights

Quote

“adequately protected Mr Bărbulescu’s right to respect for his private life and correspondence and that they had consequently failed to strike a fair balance between the interests at stake. There had therefore been a violation of article 8”

Probably this will cause a lot of compagnies to make their rules even stricter and have employers even sign more papers before they are allowed in their IT envirioment. Personally I don't know if this is a good development. On one hand it's good that pricacy still means something, but on the other hand this makes it even harder for bosses to make sure compagny assets aren't used for other stuff.

Source and complete article: https://www.theguardian.com/law/2017/sep/05/romanian-chat-messages-read-by-employer-had-privacy-breached-court-rules

[mr moose]

Why would any thinking brained person assume a company messenger service for talking to customers is a good place to have private conversations, let alone think they would not be seen by the company?

[You_are_a_cunt]

When I signed my contract I also agreed that activity on company PCs can be monitored without notice. Most companies actually have that as a clause in the contract, afaik

[Teddy07]

6 minutes ago, mr moose said:

Why would any thinking brained person assume a company messenger service for talking to customers is a good place to have private conversations, let alone think they would not be seen by the company?

No offense but haven´t you seen that there are so many retards out there? Ok I get it that it is hard for them to rub their two brain cells together

[porina]

It may be worth clarifying the region in the headline as that can and will vary significantly depending on the laws of the land.

 

Where I work, I have to annually reaffirm my understanding that I have agreed that any traffic over the work network may be monitored for any reason without any further notification. Basically, if I want to be sure it is private, don't use the work network. With the availability of mobile data, that is not much of a step.

[kilgore_T]

sometimes sheer boredom can only be combated by reckless irresponsible behaviour

[Sauron]

In this case it should probably go without saying, but at the same time it's a small effort to notify the employees and it can't hurt to have more information about privacy.

[Levisallanon]

8 minutes ago, mr moose said:

Why would any thinking brained person assume a company messenger service for talking to customers is a good place to have private conversations, let alone think they would not be seen by the company?

Well for example;
If the firewall is configured in a way you can't use any other communication and there is an emergency in the family you might consider using something like this to send private messages. I'm not sure if that was the case here tough.

 

4 minutes ago, revsilverspine said:

When I signed my contract I also agreed that activity on company PCs can be monitored without notice. Most companies actually have that as a clause in the contract, afaik

Yup, a lot of them do. But from what I understood (don't have a source sorry ) if the contract only states it can monitor the activity on your compagny PC it might not extent to cloud based services. Say for example a compagny facebook account isn't stored at your compagny pc at all etc. If you have the passwords to use it and use this for private conversation will this fall in the scope of your contract or not?

 

3 minutes ago, porina said:

It may be worth clarifying the region in the headline as that can and will vary significantly depending on the laws of the land.

 

[...]

Put it in the tags but might be good to put in the title too indeed, will do.

[You_are_a_cunt]

Just now, Levisallanon said:

Yup, a lot of them do. But from what I understood (don't have a source sorry ) if the contract only states it can monitor the activity on your compagny PC it might not extent to cloud based services. Say for example a compagny facebook account isn't stored at your compagny pc at all etc. If you have the passwords to use it and use this for private conversation will this fall in the scope of your contract or not?

From memory (keep in mind I read the contract some 3 years ago), the article states that any and all activity can be monitored, including key logging, browsing history, services being used and so on.

[Teddy07]

I remember when I was in my apprenticeship that I disconnected my PC from the network just in case. I then installed a chess program. I did this of course when I was the last guy in the office this day

[Mihle]

My Norwegian law, the boss would have to notify you for years....

[Doobeedoo]

This doesn't seem to be something new. It's expected really. 

[mr moose]

9 hours ago, Levisallanon said:

Well for example;
If the firewall is configured in a way you can't use any other communication and there is an emergency in the family you might consider using something like this to send private messages. I'm not sure if that was the case here tough.

Regardless, this person was at work and wants to send private messages, either use the mobile or wait till your lunch break.  Assuming privacy while using a corporate messenger service designed to communicate with  the public is still moronic. 

[SpaceGhostC2C]

10 hours ago, Levisallanon said:

Apprently as a boss you have to be very carefull nowadays. Just stating in the rules that the use of a specific compagny asset is forbidden isn't enough anymore.

Actually, it is enough. That is separate from whether a company has unlimited monitoring powers on its employees, and whether certain types of monitoring require explicit disclosure. If at all legal.

Just because your contract says you cannot do X (say, drink alcohol) during working hours it doesn't mean it is OK for them to tell you "hey, we saw you doing X with the cameras installed at every bathroom stall".

 

This case is not about whether the worker's behavior was or not in violation of the companies' rules, or whether or not they could penalize him for ir. It's only about which monitoring tools are legitimate and under which circumstances.

 

 

10 hours ago, Levisallanon said:

Probably this will cause a lot of compagnies to make their rules even stricter

I don't see why: stricter rules with equally poor enforcement are pointless. They only need to inform about monitoring tools whenever said tools may be in conflict with the employee's presumption of privacy.

 

10 hours ago, Levisallanon said:

and have employers even sign more papers before they are allowed in their IT envirioment.

That might be the case. Not a big deal, though.