The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000
Employees should be able to carry out their work without fear that their actions are scrutinised at every turn. An effective business needs for there to be mutual trust and confidence between the employer and each employee.
Under the Human Rights Act 1998, employees have a right to privacy and perhaps a right to object to carrying out a task if privacy was not ensured.
The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (the Regulations) give businesses the right to monitor communications on their own networks. Previously such interception would have been unlawful unless consent had been given by both the sender and the recipient.
The Regulations became effective on 24th October 2000, implementing Article 5 of the EU Telecoms Privacy Directive. Under that directive, businesses in EU member states may legally record communications on private networks that occur as part of lawful business practice, and for the certain purposes.
Interception is lawful for the purposes of monitoring or recording, if doing so:
allows the business to comply with other regulation
establishes the existence of facts
acts as a means of verification that the person being monitored is performing his or her work to standards
is in the interests of UK security
may prevent or detect criminal activity
ensures the communication system operates effectively
allows the business to detect unauthorised use of the system
The Data Protection Commissioner has published a Code of Practice that sets out how employers should monitor employee activities, such as use of e-mail, telephone and Internet. Despite the permissible interceptions, the Code states that employees (but not necessarily correspondents) should be notified that communications might be intercepted.
One of the criticisms of the Regulations regards outsourcing. While certain service industries may permissibly intercept communications in order to comply with regulation, service providers to those industries who are not regulated, may not intercept the same communications. That places a regulatory burden on some providers.
The Data Protection Act 1998 is likely to govern information obtained through monitoring. There are particular rules around the use and storage of sensitive personal data, that must be followed, but which are difficult to keep private. In other words, if sensitive employee data is collected (such as relating to medical issues), the employee might have to be told that the employer knows.
Employees in the UK spend longer hours at their workplace, and mix both work and domestic tasks together during the day, for example, ordering shopping online during a lunch break. There are increasing numbers of forms of communication as well, from telephone conversations, to e-mail, to instant messaging that occur over many different types of device. Employers need to be sensitive to their employees’ need for privacy if they are to maintain levels of productivity and morale.
Please note that the information provided on this page:
- Does not provide a complete or authoritative statement of the law;
- Does not constitute legal advice by Net Lawman;
- Does not create a contractual relationship;
- Does not form part of any other advice, whether paid or free.
We would love to hear what you think about this article and how we could improve it. Please do let us know. However, we shan't be able to reply to your specific questions. If you have a question about a document, please contact us.
If you have noticed a bug or a mistake on this page, or just want to give us feedback, we'd love to know. Nothing is too small or too big. Send your message on this feedback page.