43 The Impact of the Internet and New Technologies on the Workplace. A legal Analysis from a Comparative Point of View
Note on the author.. 6
Acknowledgements................. 7
Introduction.......... 8
1 An Economic Analysis OF Cyberspace LAW.... 11
1.1
An Economic Analysis of Cyberspace Law
11
1.1.1
Introduction
11
1.1.2
Reduction of Transaction Costs
11
1.1.3
Pluralities of Rules within Different Domains
12
1.1.4
Customization of Rules
12
1.1.5
The Internet Governance
13
1.1.6
To Regulate or not to Regulate?
14
1.1.7
A careful and well-timed Governance
16
1.1.8
Jurisdiction and Choice of Law Problems on the Internet
17
1.1.9
Harmonization of Legal Rules
19
1.1.10
Legal Enforcement and Self-Enforcement in Cyberspace
19
1.2
THE IMPACT OF THE INTERNET ON THE WORKPLACE 21
1.2.1
A "principle- agent" analysis 21
1.2.2
The Employer’s Perspective
22
1.2.3
The Employee’s Perspective
25
1.2.4
Electronic Privacy in the Workplace
27
1.2.5
Employee’s Arguments for Privacy
27
1.2.6
Employer’s Arguments against Privacy
29
1.2.7
Guiding Principles
30
1.2.8
E-Policies
34
2 Electronic monitoring and surveillance in the workplace 37
2.1
The ILO and The Code of Practice on Protection of Workers Personal Data
39
2.1.1
Definitions
40
2.1.2
Informed and explicit consent
41
2.1.3
Scope of application
42
2.1.4
The Finality Principle
42
2.1.5
Collection of personal data
44
2.1.6
Security and storage of
personal data
47
2.2
The Organisation for Economic Co-operation and Development
50
2.2.1
Objectives
52
2.2.2
Area of application
53
2.2.3
Basic Principles
54
2.2.3.1
Collection Limit Principle
54
2.2.3.2
Data Quality Principle
55
2.2.3.3
Purpose Specification Principle
55
2.2.3.4
Use Limitation Principle
56
2.2.3.5
Security Safeguards Principle
56
2.2.3.6
Openness Principle
57
2.2.3.7
Individual Participation Principle
57
2.2.3.8
Accountability Principle
58
2.2.4
Principles of International Application
58
2.2.5
Conflicts of Laws
59
2.3
The Council of Europe
61
2.3.1
Introduction
61
2.3.2
The European Convention on Human Rights
61
2.3.3
Convention for the Protection of Individuals with regard to the Automatic
Processing of Data
64
2.3.4
Recommendation No. R(89) 2 on the protection of personal data used for
employment purposes
66
2.3.5
Recommendation No. (99) 5 for the Protection of Privacy on the internet
68
2.4
The European Union the Data Protection Directive....
72
2.4.1
The Data Protection Directive
72
2.4.1.1
Scope
72
2.4.1.2
Purpose
72
2.4.1.3
Definitions
73
2.4.1.4
General Principles
74
2.4.1.5
Sensitive Data
75
2.4.1.6
Other obligations for Data Controllers
76
2.4.1.7
Rights of Data Subjects
77
2.4.1.8
Exceptions and limitations
78
2.4.1.9
The Employment Context
78
2.4.2
Directive 97/66/EC on the Telecommunication sector
79
2.4.3
Proposed Revisions to Existing Directives
81
3 PART III THE NATIONAL SCENARIO 83
3.1
France
83
3.1.1
The Computer Science and Freedom Act
83
3.1.2
The French Civil Code
84
3.1.3
The French Labour Code
85
3.1.4
Rules of employment and Individual Rights
86
3.1.5
Advance notice and consultation.
86
3.1.6
The French Penal Code
88
3.1.7
The secrecy of Correspondence with regard to e-mails in the workplace
89
3.1.8
E-mail and burden of the proof
90
3.1.9
The CNIL
90
3.1.10
On line practices and internal rules of good conduct
91
3.2 Germany
93
3.2.1
Privacy as “Personality Right” 93
3.2.2
The German Constitution
93
3.2.3
Act on workers' representation in the public sector
95
3.2.4
The Works Constitution Act and the “Co-determination rights”
95
3.2.5
The German Data Protection Act
97
3.2.6
Permitted and prohibited use of The internet
99
3.2.7
A parallel between e-mails and private phone calls
101
3.2.8
Final Considerations
105
3.3
United Kingdom...
106
3.3.1
The Human Rights Act
106
3.3.2
The Regulation of Investigatory Powers Act 2000
108
3.3.2.1
Unlawful interception
109
3.3.2.2
Criminal offence
110
3.3.2.3
Interception of a communication
111
3.3.3
The Telecommunications Regulations 2000
113
3.3.4
The Data Protection Act 1998
115
3.3.4.1
Definitions
115
3.3.4.2
Principles
116
3.3.5
The Rights and Remedies of a Data Subject
122
3.3.6
Final considerations
123
3.4
Italy
126
3.4.1
The
Italian Legal Framework
126
3.4.2
The
Workers’ Statute
129
3.4.3
The
Italian Data Protection Act No. 675/96
130
3.4.4
The
Authorisations on Processing of Sensitive Data for Employment Purposes
132
3.4.5
Surveillance
and Monitoring in the Electronic Environment
134
3.4.6
Use of electronic mail for personal reasons
134
3.4.7
Control of employees’ activity and messages
135
3.4.8
Confindustria's Guidelines
136
3.4.9
Conclusion: Monitoring with a Human dimension
136
3.5
Japan
138
3.5.1
Legal framework of workers individual rights
138
3.5.2
The Constitution
138
3.5.3
The Civil Code
138
3.5.4
The Labour Law
139
3.5.5
Workers’ privacy protection 140
3.5.6
The employee’s right to use e-mail
and the internet
142
3.5.7
Private Employment Services and
the privacy protection for job seekers
143
3.5.8
Trade Unions and “Cyber” Trade Unions
144
3.5.9
Conclusion
146
3.6
USA
147
3.6.1
Facts and Figures
147
3.6.2
Employee Misuse of E-mail and the Internet
148
3.6.2.1
Employee Chatroom Cases
148
3.6.2.2
Emulex, PairGain and Other Stock Manipulation Cases
149
3.6.2.3
Sexual and Racial Harassment
150
3.6.2.4
Defamation
151
3.6.2.5
Copyright Infringement
153
3.6.2.6
Union Issues
153
3.6.2.7
Negative Publicity
154
3.6.3
E-mail monitoring in the workplace: the legal framework
155
3.6.4
The Federal Constitution
155
3.6.5
Federal Legislation
157
3.6.5.1
Electronic Communications Privacy Act
157
3.6.5.1.1
The Consent Exception
158
3.6.5.1.2
The Provider Exception
158
3.6.5.1.3
The Business Extension Exception
161
3.6.5.2
Securing Information from Another’s System
161
3.6.6
The Communications Decency Act
163
3.6.7
The Child Online Protection Act
164
3.6.8
Anti Spam Statutes
166
3.6.9
The Cyberspace Electronic Security Act of 1999
168
3.6.10
The National Labour Relations Act
170
3.6.11
Proposed Federal Legislation
171
3.6.12
Positive State Law
173
3.6.13
The Common Law of Tort
175
3.6.14
Regulation by Contract
177
3.6.15
Regulation by Collective Agreement
177
3.6.16
Common Law on Invasion of Privacy issues
178
3.6.17
The U.S. Safe Habor Agreement with the E. U.
182
3.6.18
Conclusion
184
Epilogue............. 185
Selected Bibliography...... 186
Selected legislation........... 195
Selected Web sites............. 199
Michele Colucci graduated in Law at the University of Salerno (1995). In 1996 he obtained an LL.M. in Legal Theory at the Katholieke Universiteit Brussel (K.U.B.).
In 1997 he obtained a Diplôme d’Études Spécialisées (D.E.S.) in European Law at the Université Libre de Bruxelles, an LL.M. in International and Legal Co-operation at the Vrije Universiteit Brussel (V.U.B.), and in 2001 an LL.M. in Cyber Law at the University of Illinois at Urbana - Champaign (USA).
In 2002 he obtained his Ph.D. at the University of Salerno with a thesis on Labour and Cyber Law under the supervision of Prof. Roger Blanpain, Prof. Elvira Autorino, and Prof. Maria José Vaccaro.
Handler Fellow at the University of Illinois at Urbana - Champaign, he has been a researcher at the Instituut voor Arbeidsrecht of the Katholieke Universiteit Leuven (K.U.L.) and at the CER-Leuven.
He has published extensively in the field of Labour Law at European and Comparative level. His main publications are:
Il
Diritto Comunitario del Lavoro ed il Suo Impatto sull'Ordinamento Giuridico
Italiano, Institutional Changes and
European Social Policies after the Treaty of Amsterdam, Europa Diritto e Sport,
Het Verdrag van Amsterdam Institutioneel en Sociaal.
He is also co-editor, together with Prof. Blanpain, of the Codex of European Labour Law, within the International Encyclopaedia of Labour Law and editor in chief of The International Labour Law e-Journal.
As a lawyer he practices in the field of Labour Law, Sports Law and Cyber Law. Since January 2002 he has been a member of the Legal Service of the European Commission in Brussels, and a member of the FIFA International Dispute Resolution Chamber in Zurich.