How can data be used effectively and ethically in the digital workplace?

Policy pointers

• At European level, the European Centre for the Development of Vocational Training (Cedefop) provides various tools to anticipate future skills needs and trends in the labour market, accessible through its Skills Panorama. Similarly, across Member States, several observatories, surveys and administrative data repositories have been established to map supply and demand in the labour market, often with a forward-looking perspective intended to help in anticipating future skills needs. Such efforts should be maintained and, if necessary, further developed to focus on skills needs related to data generation, management and analysis in the digital age. One potential means of doing so is greater involvement of social partners (as already implemented in some existing measures).
• New or changed skills needs related to data generation, management and analysis might require adaptations to education systems. The current systems for both initial and continuing education could be reviewed to ensure that they are fit for purpose and, if necessary, modified. This could be done in the framework of the European Commission’s Recovery and Resilience Facility; its priorities include re- and upskilling and the adaptation of education systems to support digital skills and educational and vocational training for all.
• Social dialogue and collective agreements at national, sectoral and company levels could pay greater attention to the topic of training and skills development related to data generation, management and analysis, and relevant achievements and good practices could be disseminated and exchanged across sectors and EU countries.
• The opportunities inherent in data generated through digitalisation to improve working conditions should be exploited. Further information is required on how data can be used to anticipate workplace risks, both physical and psychosocial. Employers should be informed about available data-driven solutions and trained in how to deploy them in the workplace in a human and ethical way.

Policy pointers

• Digital technologies, notably those involving digitisation, create a large amount of data on workers that can be used for various labour-related purposes, such as recruitment, task assignment, management of workflows, performance appraisal, and monitoring and surveillance. Such data can also be used in combination with artificial intelligence (AI) and algorithms. However, not all that is technically possible is ethically acceptable. Policy needs to ensure transparency about what data are generated for what purposes and that they are used in a human and ethical way. The Digital Services Act may become an important instrument in the context of some types of digitally enabled work organisation, such as platform work.
• There is a need to build upon the EU General Data Protection Regulation (GDPR) and legal framework on AI and relevant national legislation, and to modernise national regulatory frameworks with a view to addressing the challenges posed by digitally enabled work organisation. Workers and their representatives should be consulted on the design and implementation of data-based and data-driven work organisation. Furthermore, it needs to be ensured that data generated in the workplace are used only for the intended and communicated purpose, and not to gain further insights or be sold.
• Algorithmic matching of supply of and demand for paid labour, as in platform work, provides opportunities for effective and efficient task assignment. However, policymakers could engage in ensuring greater transparency of algorithms and in reducing dependency on algorithms when they are not fully developed. Safety nets should be established in relation to algorithmic management, including in the context of traditional employment relationships.
• Owing to the pervasiveness of internet of things (IoT) technologies, policymakers might consider building on Article 35 of the EU GDPR to develop a European data protection impact assessment framework for IoT. Privacy-invasive devices such as those equipped with IoT sensors should be designed with privacy and data protection principles in mind and their use governed by stringent adherence to privacy law.
• Data-driven workplace practices, including AI algorithms, should be closely monitored to avoid bias and non-transparent decisions. The proposed regulation of the European Parliament and of the Council on machinery products (the proposal was put forward in April 2021) could address risks posed by the use of AI-empowered machinery. Continuous exchange among stakeholders, along with appropriate regulation and its enforcement, could help to mitigate the impact of biased algorithms, to limit intrusive employee surveillance and to make sure that ultimate decisions include a ‘human in the loop’.
• Objective redress bodies that workers can approach if they feel that their data have been misused or algorithm-based systems have been designed to their disadvantage need to be established and sufficiently resourced (in terms of both financial resources and skills/capabilities to make sound assessments).
• All these aspects should apply not only to employees but also to self-employed workers (for example, those involved in digitised supply chains/networks or engaged in platform work). Furthermore, in addition to reviewing existing regulations and establishing new ones, there should be a focus on their enforceability. This might, for example, require dedicating increased human and financial resources to enforcement, and capacity building in relevant national institutions such as labour inspectorates.
• Businesses could be supported to establish and maintain high levels of data security, to ensure that business data and personal data on employees are separated and protected from cyberattacks and misuse by third parties. This seems to be particularly relevant in connection with digitisation technologies. Awareness raising, information provision on precautionary measures and operational support in setting up and updating such systems – for example, through advice and consultancy as well as financial contributions – are important, particularly for smaller companies that may have more limited expertise and resources to familiarise themselves with the relevant requirements and to implement them.

Policy pointers

• Governments and social partners (in line with the EU social partners’ 2020 framework agreement on digitalisation) could increase their efforts to inform companies about the potential benefits of exploring data generated through digitalisation, by disseminating use cases and sharing good practices on ethical data use. For this purpose, existing instruments such as business information portals and exchange events for managers could be used and upgraded through additional funding and reorientation. For example, such activities could be supported by the funds available from the European Commission’s Recovery and Resilience Facility, as a minimum of 20% of the expenditure under national recovery and resilience plans must be devoted to fostering digital transition.
• Managers should be trained in how best to exploit data derived from digitalisation technologies for the benefit of the company, while at the same time fully respecting the interests of the data owners (workers, clients, etc.). Such training should have several components, such as data analytics (including competence to assess the quality of the data and the underlying digital tool, AI), business strategy and data protection. This could be addressed by combining elements of the EU’s Digital Education Action Plan and the White paper on artificial intelligence.