Feeds

Employer snooping code: don't eavesdrop on staff

Delays anger unions

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Delays in the arrival of the code to set out employees rights regarding company snooping has been angering Unions.

The FT has quoted a senior TUC policy officer who believes the delays mean employee rights are inevitably going to be fought for via test cases in court.

Sarah Veale, senior policy officer at the Trades Union Congress, told the FT: "A lot of us were relying on the code to clarify when the right to privacy protects the employee . . . we need it to help employers, as much as employees. If we're not going to have a code (this year), then if someone gets unfairly treated it means we may have to go to court. That's got to be the inevitable consequence."

The full code of practice, being drawn up by the Information Commissioner's Office (ICO), is expected by the end of the year, but it will be released in instalments. Employer monitoring and surveillance of staff is considered the most difficult bit, and is being left until last. Rules about keeping staff records are due in May/June - a bit later than the end of March the Reg was quoted at the start of March.

The ICO is claiming it has never really set deadlines for drawing up the code - 'The Use of Personal Data in Employer/Employee relationships' as it's snappily and provisionally known - because it is such a complicated subject and it is concerned that it gets it right. Iain Bourne, strategic policy manager at the Information Commission, said: "Employers and employees want advice on this and it is important we get it absolutely right."

The code of practice is vital for clarifying what employees and employers are entitled to do in the workplace following several pieces of new legislation. The controversial RIP Act opens up the possibility of widespread email and phone surveillance. But this has also to tie in with the Human Rights Act, which enshrines the right to reasonable privacy, and the Data Protection Act, which insists that data is recovered "in a fair and proportionate manner".

One of the reasons things are taking so long is because the ICO received around 110 full responses regarding the implications and conflicts of the new legislation from a public consultation. Bourne described some of these as very substantial, critical, and technical.

Amongst the feedback the ICO has had is conflicting information about whether technical checks to see if staff are downloading porn actually work. Whatever the case, the ICO favours using technical tests rather than getting into an employees surfing history or hard disk to have a look at what they've been up, to.

Bourne used a phone analogy to give the ICO's view. "If you think an employee has been abusing the phone and making personal calls, don't listen in on them." He recommends checking the phone logs to see where they've been calling." ®

Related Link

FT story

Related Stories

Email snooping code of practice delayed
SurfControl sales rocket by 200%

Choosing a cloud hosting partner with confidence

More from The Register

next story
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
'Internet Freedom Panel' to keep web overlord ICANN out of Russian hands – new proposal
Come back with our internet! cries Republican drawing up bill
What a Mesa: Apple vows to re-use titsup GT sapphire glass plant
Commits to American manufacturing ... of secret tech
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.