The CBI has slammed the proposed Data Protection Commission's (DPC) draft code of practice on interception of emails and phone calls. The code is currently based on what were draft regulations and so is out of date, it says.
Published one week after the government told employers they were entitled to read their staff's emails and listen in to their phone conversations, The DPC's code contradicted the government by saying employers should not be allowed legally to read personal correspondence.
But following a restrictive month-long consultation period, the CBI has decided that the whole process is one step behind and is asking the DPC for more recent information so it can review and comment on the controversial measures. At the moment, the code is "at odds" with the DTI's Lawful Business Practice Regulations, said the CBI.
Rod Armitage, CBI Head of Legal Affairs, was quoted in a press release*: "This code is confusing and at odds with other regulations. It has failed to recognise the context in which business email systems work. The code suggests that it is difficult to see how routine monitoring can be justified. But many businesses read emails and record telephone messages for security purposes and to ensure that their systems keep up with the commitments they are entering into. It is rarely obvious from the heading of an email whether it contains business or personal information. Personal emails may have to be opened to establish that they are not work related."
Bemoaning the fact that the DTI and DPC seem incapable of talking to one another, the CBI is simply asking that they sort their act out.
The issue of "employer snooping" has become a hot topic recently. The unpopular RIP Bill is nevertheless law and the government announced that employers were entitled to keep staff under surveillance. The DPC's code contradicted this and then, of course, there is the issue over whether snooping breaches the Human Rights Act, pulled into UK law recently. The CBI wants clarity.
We don't entirely agree with the CBI - the argument that employers should be entitled to know everything in detail that their staff do during working hours doesn't hold water with us. However, we do agree on one thing - that it is a right dog's dinner and needs someone to sort it out. Pronto. ®
* Just a small note about modern news management lunacy. The CBI put out a press release on 13 October, saying that on the 16 October it would attack the DPC's code on email snooping. We called up to find out if anything not in the press release had been said yesterday. No, because no one said it. The CBI doesn't even appear to have told the DTI and DPC direct. It was a press release about a press release that didn't exist. How are we expected to work with these materials? ®
Related Stories and links
Sponsored: Ransomware has gone nuclear