News

Remote work has redefined the business world during the last few years. According to the Remote Work Observatory of the Politecnico di Milano School of Management, in 2022 remote workers in Italy accounted for about 3.6 million individuals. In this context, can the employer monitor remote workers? And if so, how does this differ from other countries?

According to the research made by Daverio & Florio Law Firm, employers in Italy can monitor remote workers, also with the aid of external tools, such as software. This is also the case for The Netherlands, UK, Spain, and Australia, but they must respect some limitations in line with requirements by the General Data Protection Regulation (GDPR) and by article 4 of the Workers Statute. In contrast, countries such as Germany, Switzerland, Ireland, Belgium, and Sweden, have stricter limitations regarding the monitoring process.

Starting with Italy, the employer is allowed to track the work activities of the employees, even when working from home, but with some specific limitations. The first limitation is that remote monitoring systems, such as software, can be used exclusively for organizational and productive needs, work safety purposes and for the protection of the company assets. Software can only be installed after signing a union agreement and on the condition that the workers are adequately informed. Additionally, monitoring working tools (used by the employee to fulfill their work activity) and the tools used to register accesses and presence of the workers (like the access badge), does not require a single union agreement, but the collected data can be used for any employment relationship related purpose, as long as the employees receive proper information about it.

In the Netherlands, similarly, the employer is allowed to check the working activities of an employee working from home, but must abide by certain conditions, especially the right to privacy has to be respected. Before proceeding to monitor the employee, the employer must conduct a data protection impact assessment to evaluate what the employee's privacy risks are. If the organization has a Works Council, it must agree to the monitoring system. In addition, the employee must be informed prior to the monitoring and must be informed about when the audit will be done and why it is being done. In addition, the employee has the right to know what data the audit looks at.

In special cases, the employer may conduct an audit without informing the employee in advance, but only if there«s a reasonable suspicion that the employee is doing something illegal. Finally, it is important that the employee be informed about the check afterward.

In the United Kingdom is a similar situation. Employers can monitor employees who are working from home, for example by looking at the use of email, checking website visits and recording or listening to phone calls. But they must ensure that the level of monitoring remains proportionate and reasonable in meeting the aim of ensuring health & safety for their employees as well as complying with their working time regulations obligations, maintaining productivity, quality of output and effective supervision.

In Spain, also, the company can track the use of electronic means when the employee is working remotely, but only if these means are company properties (i.e., laptops or any other IT resource). This monitoring on the part of the employer must be respectful with data protection regulations and the right to privacy. In any case, any form of control made by the employer must be balanced and proportionate.

No no specific laws that regulate the employees monitoring system exist in Belgium, meaning that the same rules of office work apply to remote work, the employer's right to control telework has nevertheless been recognised. The employer can exercise appropriate and proportionate control over the results and/or performance of the work. This means checking whether the work to be performed in the context of telework was actually and correctly performed. At the same time, the employer must take measures, particularly regarding software, to ensure the protection of data used and processed by the teleworker.

In Germany, employers, in general, cannot adopt tracking systems like software – except in the case of suspected criminal acts – but they can record the working time of employees, e.g., via log-in data. However, in this regard, the employer must always take into account the co-determination rights of the works council and data protection rules.

In Switzerland, the employer must register the employees« working time, regardless from whether they work in the office or at home, and how it is arranged is up to the employer. Therefore, the employer can also arrange for regular management checks (calls/emails etc.), but it is not generally allowed to install software which would record what the employees are doing.

As of today, in Ireland, there is currently no specific piece of legislation governing the monitoring of employees. In deciding whether or how much to monitor, employers will need to respect their employees« constitutional rights including the right to privacy and respect for family life, which of course have particular significance in circumstances where employees are working in their homes. Employers must also comply with the Data Protection Act 2018 and with the GDPR. To fully comply with their obligations in this regard, employers must process the personal data of their employees in a lawful, fair, and transparent manner, for a specified, explicit, and legitimate purpose; and data collection should be limited to what is necessary in relation to the purposes for which they are processed.

In Sweden as well, the same responsibility applies for the employer regardless of where the employee works. However, the possibility to monitor an employee working from home is limited due to privacy reasons.

Further afield in Australia, employers can lawfully implement software that monitors an employee«s computer activity while the employee works from home (including monitoring of emails, internet usage and keystroke activity). The specific requirements for implementing this kind of workplace surveillance differ across the Australian territories, but generally, the surveillance can be implemented pursuant to a detailed policy and after providing written notice of implementation.