Data protection and privacy

UK: Data Protection Bill published – employers should prepare now for GDPR

The Government published the draft Data Protection Bill (the “Bill”) on 14 September. The Bill will be debated at its second reading in the House of Lords on 10 October 2017. The Bill will replace the Data Protection Act 1998 … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: UK

Asia: Pre-employment screening

Pre-employment screening can be a useful tool in ensuring you are hiring the right person for the right role. Here we look at the issues that may arise with asking a candidate about their criminal record in various jurisdictions in … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: Asia

UK: GDPR – The “Whole of Business” Issue at the Top of Your Board Agenda

Almost all organisations use or process personal data. With less than 9 months to go before the EU General Data Protection Regulation (the “GDPR”) comes into force in the UK and across Europe, the run up to 25 May 2018 … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: UK

UK: Limits on employers’ ability to monitor private communications

The Grand Chamber of the European Court of Human Rights’ (ECtHR) ruling in Barbulescu v Romania (61496/08) is a timely reminder of the limits of employers’ ability to monitor their employees’ private activity on work IT systems. The case concerned … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: UK

UK Government Position Paper on International Transfers of Data – key points

Last week the UK Government released its negotiating position paper on international transfers of personal data within the EEA (The Exchange and Protection of Personal Data). Once the UK leaves the EEA it will no longer be subject to the … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: UK

UK: Employee documents created using employer’s IT systems may not be privileged against the employer

Simpkin v The Berkeley Group Holdings plc highlights the potential benefits for employers of a clear and comprehensive IT policy, referred to in the employment contract and signed by an employee, which provides that emails and documents sent using the … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: UK, Protection of business interests (including restrictive covenants and confidential information)

UK: Queen’s Speech and Brexit developments

The Queen’s Speech on 21 June 2017 set out the government’s programme for the next two years and was inevitably dominated by Brexit-related legislation. The principal bill will be the European Union (Withdrawal) Bill, subsequently published on 13 July 2017, … Continue reading

Leave a Comment

Filed under Data protection and privacy, Employment status (including agency workers, casual workers, use of contractors and 'dispatch' arrangements), International mobility (including secondments, migrant workers, territorial jurisdiction), Jurisdiction: UK, Workplace culture, diversity and discrimination (including bullying and harassment), Workplace flexibility and family-friendly rights

EU: Article 29 Working Party provides guidance on processing of employees’ personal data at work

Modern technology enables employees to be tracked over time, across workplaces and their homes, through many different devices, such as smartphones, desktops, tablets and wearable devices. If there are inappropriate limits to the processing, and if it is not transparent, … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: France, Jurisdiction: Germany, Jurisdiction: Spain, Jurisdiction: UK

UK: updated ICO Code of Practice on subject access

Employers faced with a subject access request should ensure they refer to the updated guidance recently issued by the Information Commissioner’s Office.  The guidance has been amended to reflect recent case law (summarised here) and notes (at pages 43-44) that data controllers are … Continue reading

Leave a Comment

Filed under Data protection and privacy, Jurisdiction: UK

Asia: Mandatory Employment Policies

HR practitioners will be aware that work rules are mandatory in certain jurisdictions in Asia once an employer reaches a specified number of employees. However, an often-overlooked area is whether employers must or should establish other types of employment-related policies … Continue reading

1 Comment

Filed under Data protection and privacy, Industrial/workplace relations, collective bargaining, works councils, Jurisdiction: Asia, Remuneration (including bonus and incentive plans), Workplace culture, diversity and discrimination (including bullying and harassment), Workplace Health and Safety