Rojgar Job News

The Greek Data Protection Authority has imposed a 150,000 EUR fine on PriceWaterhouseCoopers Business Solutions SA for – get this – asking their employees’ consent to process their personal data. It may strike you as counterintuitive (and going against everything your mother ever told you) that asking consent could get you into trouble, but where personal data are concerned, so it would appear to be. As you know, each data processing activity has to have a legal basis. The principles of lawful, fair and transparent processing of personal data under the GDPR require that consent only be used as a legal basis only where the other legal bases do not apply. The case at hand involved the processing of employees’ personal data. In most cases, this type of processing by an employer does not require consent, as there are other bases available: the performance of the (employment) contract: in order to employ an employee, you will inevitably be required to process some of ...

Joining the growing list of states enacting privacy and data security laws, on July 25, 2019, New York’s governor signed into law the “Stop Hacks and Improve Electronic Data Security” Act (the “SHIELD Act”), amending the state’s data breach notification and cybersecurity law. The SHIELD Act applies to “any person or business that owns … computerized data which includes private information,” regardless of corporate structure, revenues or location. As such, the SHIELD Act will apply to not only businesses and employers in New York, but may also apply to businesses and employers with no physical presence in New York. The SHIELD Act imposes more expansive data security and data breach notification requirements on companies by: Broadening the scope of “private information” covered under the notification law to include personal information (such as a social security number or driver’s license number), biometric informati...

In a bid to reawaken the Australian economy, the Federal Government is developing a return to work health and safety “toolkit” and is encouraging workplaces to become “COVID-safe”. At the same time, the Government is continuing to encourage the public to download its COVIDSafe digital contact-tracing App. As recently reported by our Data Privacy & Cybersecurity team, the App is designed to record Bluetooth “digital handshakes” between app users’ mobile phones. If an App user tests positive for COVID-19, they are asked to upload this data to the National COVIDSafe Data Store for the purpose of tracing community transmission of the virus. The Government is touting widespread use of the App as essential to the lifting of social distancing restrictions. In light of this message many employers will be urging their employees to download the App, in the hope of returning to normal business as soon as possible. However, any employer attempting to ...

In an attempt to keep Covid-19 out of the workplace, many employers have been inquiring about the possibility of performing temperature checks before employees enter their premises each day. The Belgian Ministry of Employment’s position until last week was fairly relaxed: its FAQ document referred to the stance taken by the Belgian Data Protection Authority, which currently takes the view that simple superficial temperature checks where the result is not recorded do not constitute a processing of personal data. The Ministry of Employment thereby at least implicitly accepted that carrying out temperature checks in the workplace could be legitimate. This all changed last week, when the Ministry quietly amended its FAQ without drawing any attention to the change. In summary, the Ministry is no longer a big fan of these checks, mainly because they create a significant number of false positive and negatives. False positives may be explained by other bodily processes which cause a tempe...