Privacy rights in the workplace is increasingly becoming an emerging trend in today’s workplace. This concept has become an international practice which has gained international recognition. This paper considers recent developments pertaining to the privacy rights of the employee at the workplace. The paper critically examines the nature of the concept of privacy within the context of employment relations and the Legal Framework of same in Nigeria vis-a-vis other jurisdictions. The paper further x-rays the stance of the International Labour Organization (ILO) on the subject.
The paper adopts a doctrinal legal research methodology with the use of statutes, case laws, and journal articles; and it proffers recommendations regarding the urgent need to review the Labour Act to address privacy rights.
The workplace is not left behind in the record-breaking advancements in science and technology. From employees being issued laptops and smart phones ostensibly to enable them work smarter anytime and anywhere, to the use of closed-circuit cameras in the workplace supposedly to guard against employee and/or third-party misconduct, it is clear that while employees no longer have a hiding place, employers have perfected the art of playing “Big-Brother” over their employees both off and on duty. Indeed, as traffic on the so called “information superhighway” continues to explode, several substantive questions about the use and abuse of these information networks arise.
One issue of primary concern is whether the law provides adequate protection for the employee’s right to privacy in the workplace from various threats posed by computer technology, electronic eavesdropping, video and sound recording equipment, and databases filled with personal information. The questions are, what are the ramifications for the employee’s right to privacy in the workplace? Does an employer have the right to search the employee’s computer files or review the employee’s email etc.? What are the interests of the employer? Are they deserving of protection? etc.
History and Sources of the Right to Privacy
The history of the right to privacy has been linked to the Protestant Reformation of the sixteenth century and the emergence of a right to privacy in England.1 It was said that at the time, the Catholic tenet that the church had a right to its parishioners’ thoughts, and a responsibility to make sure they were pure, was antithetical to a notion of privacy. Protestant reformers, in contrast, proposed a more individual relationship with God and the Bible, keeping thoughts free from interference from the church. The people were therefore drawn to Protestantism which gained popularity in England.2
Two centuries later, Sir William Blackstone wrote that the state should have limited access to one’s private sphere. He argued that individuals possess three absolute rights vested in them by the immutable laws of nature, namely, the rights of personal security, personal liberty and private property.3 His works greatly influenced the artificial entrenchment of the right in national constitutions across the world.
Curiously, the right to privacy as we know it today became an international right before it became a nationally entrenched right.4 In spite of this early traction, the right to privacy remained relevant only for the protection of aspects of privacy such as the inviolability of the home and of correspondence.5
In recent times, the right to privacy has taken on a life of its own, breaking out of the restrictive scope of both international and constitutional laws and becoming a subject of debate at multiple levels of human endeavour.
What Is Privacy?
Privacy is one of the most important concepts of our time, yet it is also one of the most elusive. As rapidly changing technology makes information increasingly available, scholars, activists, and policymakers have struggled to define privacy, with many conceding that the task is virtually impossible.6
While almost everyone agrees that the right to privacy is a fundamental right, there is apparently no convergence on the exact definition or scope of the right.7 The earliest definition of privacy in English law was given by Thomas M. Cooley who defined privacy as “the right to be left alone”.8 Even though the Constitution of the Federal Republic of Nigeria 1999 (as amended) guarantees and protects the privacy of citizens, their homes, correspondence, telephone conversations and telegraphic communications, it stops short of defining the scope of the concept and so creates a temptation that citizens privacy relates only to domestic privacy.
Manifestations of Privacy Issues at the Workplace
There are several situations where employers tend to infringe on the privacy rights of employees. Some of these situations have been resolved by making recourse to the basic principles of torts, while others have been resolved through constitutional rights jurisprudence and other statutory provisions. Some of these situations are considered below:
(a) Intrusion into an employee’s private solitude or seclusion
This is a special form of invasion of privacy. It applies when someone intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another. Consent is typically a strong defense to an intrusion claim. Consent can often be gained expressly, but can also be implied.
(b) Public disclosure of employee’s private facts
Here liability occurs when a person gives publicity to a matter that concerns the private life of another, a matter that would be highly offensive to a reasonable person and that is not of legitimate public concern.9
Defenses open to an employer include that there was a public benefit, consent or qualified privilege. Lastly, if the event took place in public then it is not an invasion of privacy.10
(c) Physical searches
An employer’s search of an employee’s person or private belongings is perhaps the most intrusive form of invasion of privacy. However, a physical search may be warranted and lawful under certain circumstances. For example, if a jewellery store videotape shows that an employee is stuffing jewellery in his or her pocket without paying for it, the employer may be justified in conducting a limited physical search of the employee.11
(e) Internet, Social Media and E-Mail Surveillance
This is the monitoring of the online behaviour, activities or other changing information of employees often carried out surreptitiously by employers.12
(f) Background Checks
Some employers usually probe into the criminal history, credit information and social media content of potential employees.
(g) Medical Records
The Nigerian Labour Act13 provides that every worker who enters into a contract shall be medically examined by a registered medical practitioner at the expense of the employer.14 It is important to state that questions with regard to the worker’s health, disability or medical history can only be justified if such questions are relevant to the nature of the job and/or the conditions of performance of the function or in cases where this would be legally required.
The Nigerian National Health Act15 (NHA) is the principal legislation regulating the Nigerian healthcare sector. It also makes adequate provisions for the privacy rights of patients. It provides that all information concerning a user, including information relating to his or her health status, treatment or stay in a health establishment is confidential. The provision imposes the legal obligation of confidentiality except as provided in the Act namely where there is a court order or where any law prescribes such disclosure with the consent of the owner in writing and when non-disclosure will pose a serious threat to public health.16
The Nigerian National Industrial Court has at least in one case suggested that the consent of an employee must be sought and obtained before their medical records are obtained or used for any purpose.17
The United Kingdom,18 as well as other jurisdictions frown at disclosure of employees’ medical record without consent.
(h) Electronic Surveillance Technologies
There are different methods used by some employers to monitor their employees which include but not limited to the following: Closed Circuit TVs (CCTVs), Audio Recording Devices, Vehicle or Mobile telephone tracking, Email and internet monitoring, physical monitoring, including drugs and alcohol testing and searches biometric tests, including fingerprinting, hand geometry, iris scanning, voice recognition and automated face recognition etc.
In 2017, the Isreali Privacy Protection Authority published guidelines on the use of surveillance cameras in the workplace and within the framework of employment relations.19
In the United States case of Lake V. WalMart Stores Inc.20, the issue of employee privacy in relation to CCTV camera was determined when the Supreme Court of Minnesota in upholding the claim stated inter alia that employers are bound to keep recorded CCTV information private and not to disclose same without the consent of the employee.
There are many reasons why an employer might want to monitor its employees. In certain circumstances, it may even feel obliged to do so, such as to:
- avoid harassment or other inappropriate behaviour by employees, particularly as the employer can be found vicariously liable for such actions monitor employees’ performance and for training purposes (eg monitoring of telephone calls to call centres);
- protect employees’ personal data;
- prevent theft or defend systems from attack (eg from hacking);
- control transmission of trade secrets and confidential information;
- prevent departing or former employees from soliciting current employees or customers; and/or
- ensure corporate policies and procedures are complied with.
International and Local Perspectives on Personal Data Protection
Recently, workplace employee privacy has been better expressed through the instrumentality of various data protection laws and regulations. These are aimed primarily against unlawful processing and abuse of personal information of data subjects (usually employees) by data controllers or administrators (usually employers). The most prominent of these data protection regulations are the General Data Protection Regulation 2018 applicable in Europe and the Nigerian Data Protection Regulations 2019 applicable in Nigeria.
The International Labour Organisation (ILO) and workers’ privacy rights
The ILO has identified the issue of privacy at work place and protection of employee’s data as a critical issue in employer and employee relationship. This informed the issuance for adoption codes of international labour Conventions and recommendations on data protection, privacy issues, and conditions of work, social security, industrial relations and labour administration, among others.
One of the codes issued by the ILO is the Code of Practice on the Protection of Workers’ Personal Data21. The essence of the code is to provide guidance on the protection of worker’s personal data and does not replace national laws, regulations, international labour standards or other accepted standards.
Balancing the Employee’s Right to Privacy with the Employer’s Interests
A right to privacy is a fundamental right i.e. the right to one’s personal space (physical and cyber) and information/communication. While advancements in technology have expanded the territory, this has not removed that right. Despite an employer’s need to check an employee’s internet activities for its own safety, this fundamental right remains undisturbed. The reasons attributable for the surveillance of the employee’s use of the internet in the workplace, notwithstanding the extent to which that is permitted, is now a matter of consent, contract and policy.
The tendency for employees to exhibit indiscipline through unregulated use of the internet for personal, non-work-related activities, coupled with the employer’s need to improve employee productivity, save employer’s resources and protect employer’s reputation and security network are reasons that cannot be ignored. That said, the employee has an inviolable right to privacy that must be respected even where the contract specifically states that his or her internet activities will be monitored. Thus, an employee has a right to reasonable expectation of privacy while working on the network of the employee. The life of an employee thus cannot be reduced to point zero.
The position of the law is settled – the right to privacy of an employee in the workplace is guaranteed, albeit with limits. While the employer is permitted by law to monitor the workplace activities of its employees, it is also required to ensure the employee is duly informed of such monitoring and the information obtained is not misused. A more robust law/policy in this regard has thus proved important and the communication of same to the employees vital.
- Podcast: How Anne Boleyn gave us our right to privacy by Eric Krupke and Rachel Quester: http://iapp.org/news/video/podcast-how-anne-boleyn-gave-us-our-right-to-privacy/ (accessed 15th April, 2020)
- Op. Cit.
- Sir William Blackstone, Commentaries on the Laws of England, 4 vol. (1765–69) available at https://www.britannica.com/biography/William-Blackstone (accessed 15th April, 2020).
- See Oliver Diggelman, Maria Nicole Cleis, Human Rights Law Review, Vol. 14, Issue 3, September 2014 Pages 441-458, published 7 July 2014. Article 12 of the Universal Declaration of Human Rights (UDHR) provides that no one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. It goes further to state that everyone has the right to the protection of the law against such interference or attacks.
- For instance, the English Bill of Rights, the 4th Amendment to the United States Constitution, Chapter IV, Section 37 of the Constitution of the Federal Republic of Nigeria.
- Daniel J. Soloye, Understanding Privacy, Harvard University Press, May 2008; GWU Legal Studies Research Paper No. 420; GWU Law School Public Law Research Paper No. 420. Available at SSRN: https://ssrn.com/abstract=1127888 (accessed 15th April, 2020)
- In 1972, the Younger Committee, a British inquiry into privacy stated that the term could not be defined satisfactorily. Again in 1990, the British Calcutt Committee concluded that “nowhere have we found a wholly satisfactory statutory definition of privacy” – See “Princess Diana, Privacy Laws and Press Freedom in the United Kingdom” published 30 October 1997 available at Leeds.ac.uk (accessed 15th April, 2020) the Right to AGE-97warehouse and its premises the sum of belongs to the Licensee. across the worldctorily vacy, fa
- See Brandeis J in Olmstead v United States 277 US 438 478.
- For example, where an employer announces the divorce of an employee at the workplace which fact was not generally known by colleagues.
- http://aaronhall.com/public-disclosure-of-private-facts/ (accessed 15th April, 2020)
- 11 Common Workplace Privacy Issues (and 4 Common Law Claims) By Stephen Bruce, PhD, PHR Dec 11, 2013 https://hrdailyadvisor.blr.com/2013/12/11/11-common-workplace-privacy-issues-and-4-common-law-claims-2/ (accessed 15th April, 2020)
- A 2018 survey found that 22% of organisations worldwide are using employee-movement data, 17% are monitoring work-computer-usage data, and 16% are using Microsoft Outlook-or Calendar-Usage data.
- Cap.L1, LFN 2004
- See Section 8 ibid.
- National Health Act, 2014 Gazette No. 145, Vol. 101
- See Sections 25, 26, 27, 28 of the NHA
- Andrew Esiri Okoto v Guinness Nigeria Plc (Suit No. NICN/LA/72/2017)
- Section 182 of the UK Data Protection Act (DPA)
- No. 5/2017 published in October 17, 2017
- Op. Cit.
- Protection of Worker’s Personal Data: An ILO Code of Practice, Geneva, International Labour Office, I997. https://www.ilo.org/wcmsp5/groups/public/—ed_protect/—protrav safework/documents/normativeinstrument/wcms_107797.pdf (accessed 15th April, 2020)