Article 8 protects the right to respect for private life at the workplace, encompassing privacy of correspondence,[1] email use,[2] data protection,[3] access to data,[4] professional reputation,[5] and provides grounds for protection in cases of unfair dismissals.[6]

States may also be obliged to adopt measures designed to secure respect for private life even in the sphere of the relations of individuals between themselves, having regard to the fair balance that has to be struck between competing interests.[7] Taking into account that labour law leaves room for negotiations between the parties to a contract of employment  to regulate the content of their relations, States have a wide margin of appreciation in assessing the need to establish a legal framework governing the conditions in which an employer may regulate electronic or other communications of a non-professional nature by its employees in the workplace.[8] However, the domestic authorities should ensure that the introduction by an employer of measures to monitor correspondence and other communications, irrespective of the extent and duration of such measures, is accompanied by adequate and sufficient safeguards against abuse.[9] In light of the rapid developments in this area, relevant factors have been identified for proportionality, as well as procedural guarantees against arbitrariness.[10] The domestic authorities should ensure that an employee whose communications have been monitored has access to a remedy before a judicial body.[11]

Concerning lawfulness, employer policies may be sufficient in cases where labour market issues are, according to the State’s legal framework, mainly regulated by the parties on the labour market and allow for the employer's right to manage and organise the work. [12] For this to be so, in cases concerning the positive obligations of the State under Article 8, the individual’s right to privacy should be effectively protected and correctly balanced with the employer’s rights by national courts. This includes cases of dismissal of employees for non-compliance with their duties revealed through video surveillance,[13] monitoring of private messages sent from a corporate messenger account[14], and employer access to employee files on a computer.[15]

For the ESC, the right to work freely includes protection from unwarranted privacy intrusions (Article 1§2).[16] Privacy interference can take various forms, including employer data collection (through video surveillance[17] or checking employees’ emails[18]), storage, sharing, and use for employment decisions. Employees must be safeguarded against such interference, particularly when occurring through electronic communication and data processing.[19] Articles 1§2 and 26 (harassment protection) broadly protect against unnecessary workplace intrusion, but violations of employee privacy may also breach Article 3 (worker health, including mental health), Article 5 (trade union membership), Article 6 (collective bargaining), Article 11 (mental health), Article 20 (sex discrimination), and Article 24 (unjust dismissal).[20] The question of privacy at work can also be regulated by collective agreements.[21] In addition, Article 3 (the right to a safe and healthy workplace) applies across the public and private sectors, covering both employees and the self-employed.[22] In relation to the application of this right, the introduction of new technologies can generate, increase and shift factors of risk to the workers’ health and safety. In particular, new technology, organisational constraints and psychological demands favour the development of psychosocial factors of risk, leading to work-related stress, aggression, violence and harassment.[23] States Parties to the ESC (or Revised European Social Charter) should review occupational risk prevention at both national and company levels in consultation with social partners (Article 3§1).[24] Under Article 3§2, they should adopt health and safety regulations aligned with scientific and international standards,[25] ensuring clear employer responsibilities and worker rights and duties.

 


[1] Bărbulescu v. Romania [GC], No. 61496/08, 5 September 2017.

[2] Copland v. the United Kingdom, No. 62617/00, 3 April 2007.

[3] Surikov v. Ukraine, No. 42788/06, 26 January 2017.

[4] Yonchev v. Bulgaria, No. 12504/09, 7 December 2017.

[5] S.W. v. the United Kingdom, No. 87/18, 22 June 2021

[6] Ülya Ebru Demirel v. Turkey, No. 30733/08, 19 June 2018; Denisov v. Ukraine [GC], No. 76639/11, 25 September 2018.

[7] Köpke v. Germany (dec.), No. 420/07, 5 October 2010, with further references.

[8] Barbulescu v. Romania [GC], §§ 118-119.

[9] Ibid. § 120.

[10] Ibid. § 121. The relevant factors are: (i) whether the employee was clearly notified in advance about monitoring; (ii) the extent and intrusiveness of the monitoring; (iii) whether the employer had legitimate reasons for monitoring communications, especially for accessing their content; (iv) whether less intrusive alternatives were available; (v) the consequences for the employee and how the monitoring results were used; and (vi) whether adequate safeguards were in place to protect employee privacy.

[11] Ibid., § 122.

[12] Wretlund v. Sweden, No. 46210/99, decision of 9 March 2004 (inadmissible).

[13] Köpke v. Germany, No. 420/07, decision of 5 October 2010 (inadmissible); López Ribalda and Others v. Spain [GC], Nos. 1874/13 and 8567/13, 17 October 2019.

[15] Libert v. France, No. 588/13, 22 February 2018.

[24] Conclusions 2003, Statement of Interpretation on Article 3§1; see in particular Conclusions 2003, Bulgaria; Statement on Covid-19 and social rights adopted on 24 March 2021.

[25] Marangopoulos Foundation for Human Rights (MFHR) v. Greece, Complaint No. 30/2005, decision on the merits of 6 December 2006, §224.