Can employers look at the company email accounts of employees, such as when they do not show up to work? Can employers monitor employee Internet use during working hours? Can employers read employee emails if they use the company email account for personal purposes?
Companies face these and many more questions about employer-provided email accounts and Internet access every day. To give employers guidance on this, the German Data Protection Authorities (“DPAs”) published “privacy guidelines” about using email and the Internet at the workplace. These guidelines provide essential information, practical tips and helpful advice on this topic.
On 29 February 2016 the European Commission issued the legal texts of the EU-U.S Privacy Shield which aims to replace the defunct EU-U.S Safe Harbor Framework as a legitimate mechanism for transferring personal data from the EU to the U.S.
In contrast to its predecessor, the Privacy Shield contains commitments from US government in relation to controls on access to personal data by public authorities. This is an aspect of the new scheme which aims to address the jurisprudence of the Court of Justice of the European Union and criticisms of the previous Safe Harbor Framework.
Yesterday, German federal and state (Länder) data protection authorities (“DPAs”) issued a Position Paper following the recent Court of Justice of the European Union (“CJEU”) ruling that struck down the EU-US Safe Harbor Framework. Read an unofficial translation of the German Position Paper here.
Unfortunately, the Position Paper does little to relieve the pressure many organisations are now facing in relation to their cross-Atlantic data transfer mechanisms, particularly those used to transfer data from Germany to the United States. READ MORE