PL&B International E-news, Issue 54

10 May, 2007
© Privacy Laws & Business 2007

1. France's CNIL Fines Tyco Healthcare for giving false information and non-cooperation
2. European Court of Human Rights gives judgment on an employer's monitoring of an employee's personal communications  
3. Italy's DPA issues legally binding rules on employee monitoring
4. EU takes action against three states for data law deficiencies
5. Dubai Data Protection Regulations now published

1. CNIL Fines Tyco Healthcare for giving false information and non-cooperation

On 12th April, France's data protection authority, the CNIL (Commission Nationale de l'informatique et des Libertés) fined the US-based Tyco Healthcare France corporation 30,000 Euros for non-cooperation and for providing CNIL with erroneous information. After Tyco Healthcare, which specializes in medical equipment manufacturing, was formally notified by CNIL to provide information about a file on the management of its 450 employees, Tyco made an inaccurate reply.  Tyco indicated to CNIL that it had suspended implementation of this file.

2. European Court of Human Rights

gives judgment on an employer's monitoring of an employee's personal communications

An employee's right to keep personal matters personal even when these intrude into the work place, subject to certain limitations, was confirmed by the European Court of Human Rights in April and applies to the 46 states of the Council of Europe.

The decision in the case of Copland v United Kingdom was delivered in April 2007 and demonstrates that even before the Data Protection Act 1998 and the Human Rights Act 1998 came into the force in the UK, an employer's ability to monitor an employee's private communications and internet use conducted over the employer's equipment has always been very limited. The law now specifies that unless an employer has the right policies and procedures in place the courts will not tolerate unwarranted intrusions into an employee's personal and private life.

A fuller report on this case will be published in the May issue of the Privacy Laws & Business International Newsletter.

3. Italy's DPA issues legally binding rules on employee monitoring

On 10 March, the Garante, Italy's data protection authority, issued a guidance paper which attempts to assist employers to overcome some of the hurdles and to allow monitoring in a way that satisfies the requirements of the EU Data Protection Directive as implemented in Italy. The paper contains a legally binding interpretation of the statutory requirements for monitoring in the workplace.

A fuller report on this case will be published in the May issue of the Privacy Laws & Business International Newsletter.

4. EU takes action against three states for data law deficiencies

The European Commission has launched proceedings against Germany, Austria and the United Kingdom for breaches of Community data protection law.

A fuller report on this case will be published in the May issue of the Privacy Laws & Business International Newsletter.

5. Dubai Data Protection Regulations now published

The Dubai International Financial Centre Authority issued on March 1st the Data Protection Regulations 2007, so that the system of regulation established under the Data Protection Law is now fully in place. This process illustrates the speed with which legislation enacted by a Ruler is possible. The Regulations are very similar to the systems established by legislation in most EU countries with one important exception.

Click here for further information about subscribing to the international newsletter.