Feeds

EU court rules monitoring of employee breached human rights

UK gov coughs up £3,000 damages and costs

Internet Security Threat Report 2014

The monitoring of an employee's email, phone and internet use by a Welsh college was a breach of her human rights, the European Court of Human Rights has ruled. The UK Government must pay £3,000 damages and legal costs in the case.

Lynette Copland said her email traffic, internet activity, and telephone usage were all monitored by the deputy prinicipal of Carmarthenshire College or his staff in a manner that breached her rights to a private life as enshrined in the European Convention on Human Rights.

Copland took a case against the government that the activity breached her rights under Article 8 of the Convention, which says that "everyone has the right to respect for his private and family life, his home and his correspondence". Her case was against the government because Carmarthern College is a publicly funded body.

The government argued that monitoring, which it said was far more limited than Copland claimed, was justified in order to determine whether or not she had been excessively using college resources for personal communication.

"The court is not convinced by the government's submission that the college was authorised under its statutory powers to do 'anything necessary or expedient' for the purposes of providing higher and further education, and finds the argument unpersuasive," said the court's ruling.

The events took place in the 18 months leading up to November 1999, when Copland claims that the deputy principal of the college not only monitored her use of phone, internet and email facilities but contacted some of the people she had communicated with to ask about the nature of the communications and enquired at another campus of the college about a visit she had made there with a male director while she was on holiday.

Copland said that the monitoring was extensive and took place over a period of 18 months. The government admitted that monitoring took place but said that it lasted only a few months. It admitted that the college monitored dates and times of emails. The college had no policy in place at the time informing employees that their communications might be monitored.

"According to the court's case-law, telephone calls from business premises are prima facie covered by the notions of 'private life' and 'correspondence' for the purposes of article eight," said the Court's ruling. "It follows logically that emails sent from work should be similarly protected under article eight, as should information derived from the monitoring of personal internet usage.

"The applicant in the present case had been given no warning that her calls would be liable to monitoring, therefore she had a reasonable expectation as to the privacy of calls made from her work telephone. The same expectation should apply in relation to the applicant's e-mail and internet usage," it said.

The court said the monitoring of Copland's activity was an interference with her rights, and that that interference was not "in accordance with the law" as the government had claimed, and that therefore there had been a violation of Copland's rights. The court noted that the Regulation of Investigatory Powers Act (RIPA), passed after these events in 2000, would have given a framework for the regulation of employer monitoring of communications.

"The ruling is important in that it re-inforces the need for a statutory basis for any interference with respect to private use of a telecommunications system by an employee," said Dr Chris Pounder, a privacy specialist at Pinsent Masons, the law firm behind OUT-LAW.COM. "The lawful business practice regulations [part of RIPA] allow an employer to monitor and intercept business communications, so the Court is implying that private use of a telecommunications system, assuming it is authorised via an acceptable use policy, can be protected."

Copland was awarded £3,000 in damages and £6,000 in costs.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Providing a secure and efficient Helpdesk

More from The Register

next story
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
4chan outraged by Emma Watson nudie photo leak SCAM
In the immortal words of Shaggy, it wasn't me us ... amirite?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.