New technology and respect for privacy at the workplace
Published: 12 August 2007
In 2005, the internet was used by 20.8% of the total population in Romania, compared with 13.8% in 2004. According to data from the National Institute of Statistics (Institutul Naţional de Statistică, INS [1]), in the private sector, the proportion of companies connected to the internet increased to 26% in 2005, compared with 21.4% in 2004 (Table 1).[1] http://www.insse.ro/
The use of new information and communication technologies (ICT) at the workplace has spread rapidly in recent years, raising numerous issues for employers, employees and their representatives, especially in terms of the relationship between workers’ privacy and employers’ need to control and monitor the use of ICT. This article explores the growing extent of ICT use at the workplace in Romania and examines the national legal framework in the area of confidentiality. Overall, the social partners have given little attention to the issue so far.
Extent of computer and internet use
In 2005, the internet was used by 20.8% of the total population in Romania, compared with 13.8% in 2004. According to data from the National Institute of Statistics (Institutul Naţional de Statistică, INS), in the private sector, the proportion of companies connected to the internet increased to 26% in 2005, compared with 21.4% in 2004 (Table 1).
| 2004 | 2005 | |
|---|---|---|
| Number of computers connected to internet | 305,726 | 468,886 |
| Number of internet users (individuals) | 470,343 | 549,117 |
| Proportion of companies with access to internet (%) | 21.4 | 26.0 |
Source: INS, Information society, 2007
The annual growth rate has accelerated over the past few years, which may heighten the impact of new information and communication technologies (ICT) on privacy at the workplace. The likelihood of such an occurrence is increased by the growing proportion of internet users out of the total number of employees (Table 2).
| Number of computers connected to internet | Proportion of internet users out of total number of employees (%) | |||
|---|---|---|---|---|
| 2004 | 2005 | 2004 | 2005 | |
| Manufacturing and construction | 105,595 | 113,237 | 6 | 6 |
| Commerce | 78,063 | 125,181 | 13 | 19 |
| Services | 94,417 | 191,063 | 22 | 24 |
| Financial services | 27,652 | 39,405 | 47 | 57 |
Source: INS, 2007
In the public administration sector, approximately 50% of employees were internet users in 2005 and 95% of institutions were connected to the internet (Table 3).
| 2004 | 2005 | |
|---|---|---|
| Number of computers connected to internet | 88,641 | 90,642 |
| Number of internet users (individuals) | 78,200 | 81,745 |
| Proportion of companies with access to internet (%) | 93 | 95 |
Source: INS, 2007
Access to the internet and the frequency of using computers differs considerably from one region to another in Romania (Table 4).
| Region | Proportion of companies with access to internet (%) | Number of computers per 100 employees | Proportion of computers connected to internet (%) | Number of computers connected to internet per 100 employees |
|---|---|---|---|---|
| Northeast | 22.9 | 15.5 | 50.4 | 8.6 |
| Southeast | 27.5 | 15.0 | 73.3 | 10.9 |
| South Muntenia | 22.3 | 16.3 | 44.3 | 7.2 |
| Southwest Oltenia | 14.8 | 9.3 | 59.9 | 5.6 |
| West | 29.8 | 18.3 | 59.4 | 10.9 |
| Northwest | 26.6 | 17.5 | 71.6 | 12.5 |
| Central | 28.9 | 15.5 | 54.4 | 8.4 |
| Bucharest-Ilfov | 28.3 | 25.6 | 72.2 | 23.4 |
| Total | 25.9 | 18.1 | 64.9 | 12.8 |
Source: INS, 2007
Regulation of privacy at the workplace
With regard to respect for workers’ privacy or private life at the workplace in general, in the Constitution of Romania, as amended in 2003, article 26, paragraph 1 stipulates that: ‘Public authorities respect and protect privacy and private life’. An observation referring to this particular article of the Constitution maintains that ‘this responsibility is also incumbent on citizens, institutions and mass media’ (Duculescu, Călinoiu and Duculescu, Constitution of Romania, Commented and annotated, Lumina Lex).
Another reference to this aspect may be found in article 28: ‘The confidentiality of letters, telegrams and other mail, telephone conversations and other legal means of communication is inviolable.’ These two articles are fundamental for the protection of employees’ private life.
Turning to the issue of privacy at the workplace in relation to the use of ICT, in 2001 Law No. 677 was passed on the protection of personal data and the free circulation of such data. The law applies to the processing of personal data conducted by natural or legal entities, Romanian or foreign, under public or private law, whether in the public or private sector.
This legislation was followed by Law No. 506/2004, establishing the specific conditions guaranteeing the right to protection of private life in terms of processing of personal data in the electronic communications sector, which transposes the relevant European Parliament and Council Directive 2002/58/EC. Pursuant to the Romanian law, ‘providers of electronic communications services are obliged to take all the technical and organisational measures required to guarantee the security of the respective services’. The National Regulatory Authority for Communication and Information Technology (Autoritatea Naţională pentru Reglementare în Comunicaţii şi Tehnologia Informaţiei, ANRCTI) sets out the conditions that must be met in order to fulfil this obligation.
The law guarantees the confidentiality of messages transmitted by public networks of electronic communications, as well as the confidentiality of related traffic data: ‘Listening to, recording, stocking and any other form of interception or surveillance of communications and related traffic data are prohibited.’ An exception is made in the case of users who have given prior written consent for such operations to be carried out. Personnel empowered by the Ombudsman (Avocatul Poporului, AP) determine the contraventions and apply the sanctions for violation of this law.
Furthermore, Law No. 102/2005 regulates the organisation and functioning of the National Authority for the Supervision of Personal Data Processing (Autoritatea Naţionala de Supraveghere a Prelucrării Datelor cu Caracter Personal, ANSPDCP).
According to the 2004 study Current aspects of monitoring employees in the workplace regarding the use of the internet, some Romanian companies have introduced a Regulation on the use of the internet (Regulament de Utilizare a Internetului, RUI). Such is the case for companies which offer unlimited internet access to their employees. However, certain major companies do not have such by-laws and risk being taken to court by either their employees or third parties.
At present, no legislation is in preparation or being debated in this field, and no important court cases have been reported on this issue.
Concept of privacy at the workplace
So far, no clear definition of privacy or private life in the workplace has been developed. In the Criminal Code, the main references related to private life are the following:
Article 208, paragraph 1: Unauthorised entry, by any means, in a dwelling, room, auxiliary spaces, or in a fenced precinct pertaining to the abovementioned, without consent from the person making use of them, or the refusal to leave these rooms on request, is punishable with strict imprisonment from one to five years.
Paragraph 2: The punishment provided for in paragraph (1) is applicable for unauthorised entry into the offices of central and local public authorities, of public institutions, of political parties, or in places where a natural or legal person develops activities.
Article 209, paragraph 1: Infringement of the right to private life of a person by making use of any means of interceptions from a distance of data, information, images or sounds from within the inside of the places mentioned in article 208, paragraph 1 without the consent of the person making use of them or without the legal approval, is punishable with strict imprisonment from one to three years or a fine.
Collective bargaining
The issue of workers’ privacy or private life in relation to the use of ICT does not currently feature in collective bargaining. The recent single national collective work agreement for 2007–2010 includes no provisions related to these aspects for any sector. However, such issues are included in the by-laws of certain companies.
Disputes
No collective work disputes on this subject have been highlighted in the media. The Romanian Law List (Lista Română de Drept) presents a case of an employee who was dismissed for making defamatory remarks about his superiors in a conversation on the online messaging service Yahoo Messenger. The issue referred to the confidentiality of the respective message and whether the dismissal was admissible on legal grounds. The opinion of legal experts referred on the one hand to the procedure of prior disciplinary investigation and on the other hand to the de facto and de jure motivation for the dismissal decision, including the timeframe for contestation and the competent court of law. The absence of these elements led to the conclusion that the dismissal was an abuse.
If the company by-laws or the collective agreement had prohibited internet browsing during working hours to the detriment of carrying out work assignments, it would have been considered a breach of discipline. Article 195 of the Penal Code stipulates that a hierarchical superior has no right to intercept or disclose the content of a message that was not addressed to him or her. The manager only has the right of control over the employee’s job responsibilities. This is a distinctive application of the principle ‘one is not entitled to base a claim on its wrongdoing’ (nemo auditur propriam turpitudinem allegans).
Opinion of social partners
So far, neither employer organisations nor trade unions have addressed the issue of privacy or private life in the workplace with regard to the use of ICT.
Commentary
Monitoring employees in the workplace with regard to their use of the internet should strive to reach a balance between the legitimate interests of the employer and the employees’ belief that their private messages transmitted by email are kept confidential. Any monitoring should be introduced by special provisions in the company by-laws or by collective agreements, since any kind of violation of privacy or private life must be considered a breach of the legislation in force.
It seems certain that the significant growth of internet use in Romania will bring the issues of confidentiality and protection of privacy in the workplace onto the agenda of both employers and trade unions before long.
Comparative overview
A comparative overview of the situation in 16 European countries (15 Member States and Norway) was published in 2003 and is available online: New technology and respect for privacy at the workplace. This article, compiled from the same questionnaire, serves to highlight the situation in one of the new Member States.
Constantin Ciutacu, Institute of National Economy
Eurofound recommends citing this publication in the following way.
Eurofound (2007), New technology and respect for privacy at the workplace, article.
This website is an official website of the European Union.
All official European Union website addresses are in the europa.eu domain.
See all EU institutions and bodies