Feeds

EU court rules monitoring of employee breached human rights

UK gov coughs up £3,000 damages and costs

Next gen security for virtualised datacentres

The monitoring of an employee's email, phone and internet use by a Welsh college was a breach of her human rights, the European Court of Human Rights has ruled. The UK Government must pay £3,000 damages and legal costs in the case.

Lynette Copland said her email traffic, internet activity, and telephone usage were all monitored by the deputy prinicipal of Carmarthenshire College or his staff in a manner that breached her rights to a private life as enshrined in the European Convention on Human Rights.

Copland took a case against the government that the activity breached her rights under Article 8 of the Convention, which says that "everyone has the right to respect for his private and family life, his home and his correspondence". Her case was against the government because Carmarthern College is a publicly funded body.

The government argued that monitoring, which it said was far more limited than Copland claimed, was justified in order to determine whether or not she had been excessively using college resources for personal communication.

"The court is not convinced by the government's submission that the college was authorised under its statutory powers to do 'anything necessary or expedient' for the purposes of providing higher and further education, and finds the argument unpersuasive," said the court's ruling.

The events took place in the 18 months leading up to November 1999, when Copland claims that the deputy principal of the college not only monitored her use of phone, internet and email facilities but contacted some of the people she had communicated with to ask about the nature of the communications and enquired at another campus of the college about a visit she had made there with a male director while she was on holiday.

Copland said that the monitoring was extensive and took place over a period of 18 months. The government admitted that monitoring took place but said that it lasted only a few months. It admitted that the college monitored dates and times of emails. The college had no policy in place at the time informing employees that their communications might be monitored.

"According to the court's case-law, telephone calls from business premises are prima facie covered by the notions of 'private life' and 'correspondence' for the purposes of article eight," said the Court's ruling. "It follows logically that emails sent from work should be similarly protected under article eight, as should information derived from the monitoring of personal internet usage.

"The applicant in the present case had been given no warning that her calls would be liable to monitoring, therefore she had a reasonable expectation as to the privacy of calls made from her work telephone. The same expectation should apply in relation to the applicant's e-mail and internet usage," it said.

The court said the monitoring of Copland's activity was an interference with her rights, and that that interference was not "in accordance with the law" as the government had claimed, and that therefore there had been a violation of Copland's rights. The court noted that the Regulation of Investigatory Powers Act (RIPA), passed after these events in 2000, would have given a framework for the regulation of employer monitoring of communications.

"The ruling is important in that it re-inforces the need for a statutory basis for any interference with respect to private use of a telecommunications system by an employee," said Dr Chris Pounder, a privacy specialist at Pinsent Masons, the law firm behind OUT-LAW.COM. "The lawful business practice regulations [part of RIPA] allow an employer to monitor and intercept business communications, so the Court is implying that private use of a telecommunications system, assuming it is authorised via an acceptable use policy, can be protected."

Copland was awarded £3,000 in damages and £6,000 in costs.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

The essential guide to IT transformation

More from The Register

next story
Super Cali signs a kill-switch, campaigners say it's atrocious
Remote-death button bad news for crooks, protesters – and great news for hackers?
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
prev story

Whitepapers

Best practices for enterprise data
Discussing how technology providers have innovated in order to solve new challenges, creating a new framework for enterprise data.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?