SUMMARY: A council in Wales has been warned about its future conduct after carrying out covert surveillance of an employee in breach of the Data Protection Act 1998
Circumstances of the warning
The ICO (Information Commissioner’s Office) has reported that the following occurred at Caerphilly council, resulting in a warning:
Breach of the Data Protection Act 1998 (“DPA”)
The Commissioner’s view was that there were not sufficient grounds at this early stage of the employee’s sickness absence to justify the authorisation of covert surveillance. The Commissioner therefore considered that the covert surveillance of the employee’s activities was unfair and in breach of the First Data Protection Principle (which is to process personal data fairly and lawfully).
How can employers comply with the DPA when carrying out CCTV surveillance of employees?
The ICO has made it clear that covert surveillance to monitor employee behaviour can be justified in some circumstances. However the employer must:
Particularly consider whether a medical report should be obtained and whether a discussion should take place with the employee – both of which we would advise carrying out in most cases; and
When authorising and following the authorisation of covert surveillance, after the above steps have been completed, the employer must:
Employers can find further information on surveillance in the ICO’s Employment Practices Code.
Contact Details
If you are considering covertly monitoring an employee or conducting an impact assessment in relation to covert surveillance we can advise – please contact:
+44 (0) 1604 871143
This update is for general guidance only and does not constitute definitive advice.
SUMMARY: A council in Wales has been warned about its future conduct after carrying out covert surveillance of an employee in breach of the Data Protection Act 1998
Circumstances of the warning
The ICO (Information Commissioner’s Office) has reported that the following occurred at Caerphilly council, resulting in a warning:
Breach of the Data Protection Act 1998 (“DPA”)
The Commissioner’s view was that there were not sufficient grounds at this early stage of the employee’s sickness absence to justify the authorisation of covert surveillance. The Commissioner therefore considered that the covert surveillance of the employee’s activities was unfair and in breach of the First Data Protection Principle (which is to process personal data fairly and lawfully).
How can employers comply with the DPA when carrying out CCTV surveillance of employees?
The ICO has made it clear that covert surveillance to monitor employee behaviour can be justified in some circumstances. However the employer must:
Particularly consider whether a medical report should be obtained and whether a discussion should take place with the employee – both of which we would advise carrying out in most cases; and
When authorising and following the authorisation of covert surveillance, after the above steps have been completed, the employer must:
Employers can find further information on surveillance in the ICO’s Employment Practices Code.
Contact Details
If you are considering covertly monitoring an employee or conducting an impact assessment in relation to covert surveillance we can advise – please contact:
+44 (0) 1604 871143
This update is for general guidance only and does not constitute definitive advice.