We would like to ensure that you are still receiving content that you find useful – please confirm that you would like to continue to receive ILO newsletters.
16 March 2016
The Data Protection Authority recently found that an employer's decision to suspend an employee was legitimate in light of its right to defence against the employee's breach of Article 24 of the Privacy Code and Articles 2104 and 2015 of the Civil Code.
An employee appealed to the Data Protection Authority against his employer processing his personal data, which was stored on his work computer. The computer had been seized when the employee was suspended. It was subsequently subjected to a content check and a copy of the hard disk was made.
The employee challenged the employer's actions as unlawful and arbitrary due to the absence of assurances regarding "the immutability of the contents of the PC" and the fact that the data acquisition took place "in his absence and in the presence of a third party unconnected to the company… in violation of the principles of relevance".
The authority's findings revealed the following:
The Data Protection Authority assessed the legitimacy of the employer's actions, having found that the employer was entitled to carry out proper checks on performance and protect its assets. It found that correct procedure had been followed in that regard, as the checks had aimed to protect the company's rights.
The authority's decision is notable because it examined a specific procedure that used digital forensics techniques to examine a company's computer system and IT tools entrusted to employees.
The materials contained on this website are for general information purposes only and are subject to the disclaimer.
ILO is a premium online legal update service for major companies and law firms worldwide. In-house corporate counsel and other users of legal services, as well as law firm partners, qualify for a free subscription.