UK businesses face legal minefield

UK businesses face a legal minefield because vital staff monitoring guidelines from the Information Commission (IC) have been delayed again.

The guidance, part of a document to help companies comply with the 1998 Data Protection Act (DPA), was originally due earlier this year, but assistant Information Commissioner David Smith said it now wouldn't be ready before the end of January.

A draft was published last October in response to business concerns that monitoring allowed under the Lawful Business Practices Regulation section of the Regulation of Investigatory Powers Act (RIPA) would breach both the DPA and Human Rights Act.

The IC said employers should only scrutinise staff email, internet and telephone activity when there is suspicion of criminal activity or behaviour that contravenes conditions of employment.

The revised final version is unlikely to be significantly different, said Smith.

"Businesses can't escape from the position that employee monitoring is subject to the Data Protection Act," he said.

"Blanket monitoring as a general practice is not acceptable, and each employer must look at the risks they face and adapt a proportionate and reasonable response."

But firms face legal uncertainty over the extent they can monitor staff communications. Businesses could be challenged in employment tribunals by employees citing the Data Protection and Human Rights Acts, according to legal experts.

"There is something of a dichotomy between the Data Protection Act and the Lawful Business Regulations, which has yet to be clarified," said Paula Barrett, partner at IT and ecommerce law firm, Eversheds.

"But businesses are still subject to the requirements of processing under the DPA - that it is adequate and necessary. Companies should be open, and clearly document the special business reasons why they monitor and why they can't obtain the information any other way."

The IC will send the staff monitoring section out to a technical consultant and then to about six influential business groups, including the CBI.

They will also be invited for face-to-face discussions with the Information Commissioner, Elizabeth France.

"If we stick to the timescales we are currently working on, we ought to have something by the end of January," said Smith.