Employee data protection has been one of the most urgent topics on German political parties’ agendas for many years. One of the disputed questions was how such special protection could best be implemented. The available options were a separate act on employee privacy or an amendment of the Federal Data Protection Act (“FDPA”).
ANALYSIS: Obstacles To Non-EEA Multinationals’ Transfers Of Employee Personal Data Outside The EEA Under Existing EU Law And The Commission’s Proposed Data Protection Regulation
Multinationals with global headquarters outside the European Economic Area (EEA) rapidly learn that EU Member State employment laws may differ dramatically both from the norms of the headquarters’ jurisdiction and from each other. This is unsurprising in 27 Member States with very diverse political histories. Each separately attempts to balance the interests of the individual employee (including his or her interest in collective activity) against the interests of the business employing him or her. Some Member States are objectively far more employee-friendly than others to counterbalance what that State perceives as the relative inequality of bargaining power.
The Court of Appeal for Ontario recently recognized in Jones v. Tsige (Jones) that breaches of an individual’s privacy can provide the basis for a civil cause of action formally known as the tort of “intrusion upon seclusion”.
The decision has implications for employers and underscores the importance of safeguarding sensitive personal information that employees have access to at work.
In Jones, Winnie Tsige, a bank employee, viewed the bank records of Sandra Jones, a fellow bank employee, without authorization at least 174 times over a four-year period. In doing so, Tsige gained access to Jones’ personal information, including her financial transactions, date of birth, marital status, and address. When Jones became aware of Tsige’s actions, she complained to the bank.
ANALYSIS: French Appeals Court’s Suspension Of U.S. Company’s Whistleblowing Scheme Despite CNIL Approval: Reasons And Implications
On September 23, 2011, the Labor Chamber of the Caen Court of Appeals upheld a decision suspending a whistleblowing scheme implemented by Benoist Girard, a subsidiary of the U.S. group Stryker, even though the French data protection authority, the Commission nationale de l’informatique et des libertés (CNIL), had inspected and approved the scheme before its implementation…
ANALYSIS: Italian Privacy Law Changes Revise Rules On Application Of Privacy Code To Legal Entities, Rules On Processing Of Employment Candidates’ Personal, Sensitive Data
Recent legal developments in Italy have significantly revised the applicable data protection legal framework in terms of both the introduction of new rules and different interpretations of existing provisions. Law Decree May 13, 2011, n. 70, enacted into law with amendments by Law July 12, 2011, n. 106, amends, among other things, the application of privacy rules to legal entities and the rules governing the processing of employment candidates’ personal and sensitive information.
ANALYSIS: Canada’s Ontario Court Of Appeal’s Ruling Muddies The Waters As To Employee Privacy Rights Regarding Use Of Workplace Computers
In a decision released March 22, 2011, the Ontario Court of Appeal issued a surprising ruling affecting privacy rights in the workplace…
A recent criminal law proceeding against a manager of Deutsche Telekom AG ended up in a custodial sentence of three-and-a-half years due to, among other things, a violation of telecommunications secrecy…