DATA AND EMPLOYMENT LAW
As digitalisation increases and enhances the analysis of people and processes, two branches of the law are being brought into conflict: employment law and data protection law.
“With more data being captured at the point of the machine or the workstation, it’s logical for companies looking to make cost reductions, to use this data in redundancy selection and performance management exercises,” says Glenn Hayes, partner and employment law expert at Irwin Mitchell.
Workstation performance data is just one of the criteria companies will consider; others include attendance and length of service. But machine performance data is objective and not subjective, making it compelling to use in court or tribunal.
“Particularly when grading your performance for a redundancy selection exercise, the more objective I can be, the more likely any outcome or dismissal will be fair,” says Glenn.
Data protection rights protect the employee by placing restrictions on how employers use this data. Taking data that relates to an employee, such as their productivity, without their knowledge and using it in an unexpected way to give the employer an advantage is a breach of GDPR. Employers can face huge fines; they must be rigorous in their risk assessments and transparency to avoid this.
“Companies can use data to monitor staff performance but it has to be transparent to people that you’re using it for that purpose,” says Joanne Bone, partner and data protection expert at Irwin Mitchell. The measurement must be legal, proportionate and transparent (via a privacy notice and monitoring policy) to comply with GDPR.
While data alone provides useful evidence to parties in a dispute, human interaction is required to understand the full context of what it is showing. Data alone won’t account for a disability, age, machine defects, or other mitigating reasons for sub-optimal performance.
“If an employee is 65 and is recorded with slower productivity, are they operating the machine slower because of their age, or their ability, or some defect with that machine?” says Glenn. “It’s unlawful to treat someone unfavourably because of a characteristic protected by discrimination laws. Employers have a duty to make reason able adjustments for disabled employees, so employers need to ask ‘is that discriminatory, and will the company have to make adjustments?’”
A wide selection of hardware and software technology is now available to monitor personnel performance, including CCTV, telematics for drivers, workstation monitoring, and recordings. None of these are barred from use in companies; rather it’s the necessary signposting that’s easy to miss.
“It’s a question of proportionality, risk assessment and transparency rather than being unable to use this type of technology,” says Joanne. “Many manufacturers miss the fact there are preliminary steps, rush ahead and install screen monitoring, CCTV, tracking telematics etc. without working through the issues to ensure that it’s legal.”
If a company is collecting data about a person at work, from a data protection point of view it must tell them what it’s collating the evidence for and stick to that.
Covert recording and filming employees
Knowledge of GDPR is empowering the workforce. There’s a rise in the number of cases where employees provide covertly recorded discussions as mitigating evidence in employment tribunals.
recent Irwin Mitchell case tested whether the act of concealing the recording was an example of gross misconduct. The case ruled that it wasn’t automatically deemed an act of gross misconduct but, if people are covertly recording private conversations, it could be judged as such in specific cases.
Filming people in the workplace with their knowledge is becoming more common, as companies trying to improve process flow and record staff movements between workstations. They can then redesign the factory more efficiently. CCTV could also flag inadvertent or deliberate time-wasting or other misconduct. This poses the question of whether it could lead to dismissal. Would that be fair?
Data protection issues are being brought into employment claims more and more. “Employees are leveraging their data protection rights to force a settlement – they know that dealing with a subject access request is potentially time consuming and expensive, and use this fact to try and get a settlement,” says Joanne.
It’s not just employment cases. In one matter where Irwin Mitchell acted for a consumer business, a buyer was unhappy with the product. When the business said it wasn’t at fault, the customer made a subject access request as it’d be expensive to deal with, and threatened to complain to the Information Commissioner’s Office, as well to trying to force a settlement. This performance monitoring could help to accelerate falling employment in manufacturing, as data identifies the weakest piece in the production system.
BEST PRACTICE GUIDE TO DATA COLLECTION NOTIFICATION
Irwin Mitchell recommends that you:
- Complete a Data Protection Impact Assessment, a form of risk assessment, to make sure you’re recording the data proportionately
- When you’re satisfied this is proportionate, assess if the information is transparent enough. Draw up an Employee Monitoring Policy
- Provide a privacy notice, explaining to the staff again what you intend to do and how the data is collected.