New rules proposed on workplace privacy

In June 2003, a working group set up by the Finnish Ministry of Labour issued a proposal for new legislation defining and limiting employers’ rights to use drug tests and video surveillance and to read employees' e-mails. The proposed new rules are intended to complete a law on workplace privacy which was adopted in 2001.

The Act on Data Protection in Working Life (477/2001) came into force on 1 October 2001 (FI0106191F), governing the protection of personal data in the employment context. However, it lacked clear rules in a number of areas, such as employers’ rights to conduct drug tests on job applicants and employees, use video surveillance at the workplace and open employees’ e-mails while they are absent. On the initiative of parliament, the Ministry of Labour soon afterwards set up a working group to prepare proposals for legislation in these areas. The group included members from the Ministry of Social Affairs and Health, the Ministry of Transport and the Data Protection Ombudsman (Tietosuojaviranomaiset), as well as representatives of trade unions and employers’ organisations. It published its unanimous report on 26 June 2003.

Drug tests

The rules on tests for (illegal) drugs proposed by the working group would differ for job applicants and for persons already in employment. The group proposes that the employer should have the right to ask a job applicant to provide a certificate giving the results of a drug test, if the job to be filled requires special care and fast reactions and it might be dangerous to do such work while under the influence of drugs. The employer would have no duty to ask for such a certificate and the applicant would have no obligation to provide the certificate if asked. However, the employer could disregard an applicant who was not willing to take a drug test. The employer would have the right to use the information arising from the test only in the event that it planned to appoint the person concerned to the job.

In the case of people already employed, the proposed rules are more strict. A drug test could be required, though only if the employee concerned were strongly suspected to be under the influence of drugs at work or to be addicted to drugs. It would not be permitted to drug-test employees generally as a group. An essential detail in the proposal is that the certificate setting out the results of the test would not be given directly to the employer, but given to the employee who would then give it to the employer. All the costs of the test and the certificate would be borne by the employer. The employer and the employees would be obliged to negotiate in advance on the need for tests and on the definition of those tasks in which it is essential to eliminate drug use. If using drug tests, the employer would have an obligation to organise, together with employees, a special programme on preventing drug use.

Video surveillance

The group's report also proposes rules and conditions for video surveillance at the workplace. Cameras could be used only to ensure people's security, eliminate the risk of violence against staff, safeguard property or control production. The surveillance should be made as open and transparent as possible. It could not be used to monitor only certain employees. It would also be forbidden in places that require special privacy, such as toilets, dressing rooms or other rooms for the private use of employees, including one-person work rooms.


The third part of the proposal deals with e-mails sent or received by employees on their employer’s computers. The aim of the proposed rules is to guarantee both the privacy of employee, and the flexibility and continuity of work when the employee is absent - eg on long-term sickness absence. The employer would have the right to identify and open important work-related e-mails while the employee is absent, or such e-mails the employee sent just before going absent. In principle, the employer would first have to ask for a permission from the employee, or seek any other ways to solve the problem, but if that were not possible it would be permitted to open non-private messages that are relevant to work. This right could be used only with assistance of the main controller of the workplace’s computer system and a written report should be drawn up. Private e-mails could not be opened.


The working group's proposal is clearly a compromise between the views of employers and trade unions. However, the group reached an unanimous result, which is important for the progress of the proposal. The proposed legislation should be submitted to parliament and come into force as soon as possible. Some problems might still arise in the future when these rules are applied in practice. For instance, it might be difficult to establish which e-mails are private and which are work-related. There are also still some open questions relating to employee privacy that are not included in the report of the working group. There are, for example, still no clear rules on the use of the internet at the workplace, while modern technical possibilities to establish the location of mobile phones raise questions about employers’ rights to use such methods. Indeed, new problems will arise continuously as technology develops. (Seija Parviainen, Labour Institute for Economic Research)

Useful? Interesting? Tell us what you think. Hide comments

Eurofound welcomes feedback and updates on this regulation

Add new comment