This article was written by senior associate Helen Perrin and trainee solicitor Freya Byrne.

Article 313.1.b of the UAE Civil Code (Civil Code) legislates that a person may be vicariously liable for the acts and omissions of their employees. The Civil Code provides that in order for vicarious liability to arise, three requirements must be met. Firstly, a relationship where the “supervisor” has power or control over the employee must exist. Secondly, a wrongful act must be committed by the employee and finally, the harmful act that causes damage to a third party must be committed “in the course of employment”.

If the above elements are satisfied, the Civil Code provides that the injured party has the right to claim compensation from the relevant employee’s supervisor. ”Supervisor” is defined under the Civil Code as someone who has “actual control by way of supervision and direction over a person who caused damage.” 

In order for a supervisor to be held vicariously liable, it must be shown that the employee would not have been able to commit the harmful act ‘but for’ the nature of their job. This test was applied in the Dubai Court of Cassation in 2006, where the Court held that a pizza restaurant was vicariously liable for the act of an employee who sexually assaulted a child while the employee was on his delivery shift. The court held that ‘but for’ the deliveryman being employed to deliver pizzas, he would not have been able to perform the harmful act. As the attack occurred during the course of the employee’s employment, both the employee and the pizza restaurant were held liable.

The issue of the extent to which an employer takes responsibility for the actions of its employees has been explored recently in the context of the Dubai International Financial Centre (DIFC) Employment Law No. 3 of 2012 (the DIFC Employment Law). The DIFC Employment Law which amends Employment Law No. 4 of 2005, provides that an employer may be vicariously liable for the discriminatory actions of its employees. In light of this amendment, interest has sparked as to the extent that the DIFC Employment Law imposes liability on employers for the actions of their employees on the internet.

If an employee tweets or posts a discriminatory comment about his/her colleague this could lead to an employer being held liable for the discriminatory acts of the offending employee. The employer would need to demonstrate that the comment was not made during the course of the employee’s employment and that it took reasonable steps to prevent the discriminatory act from occurring. For employers, the saturation of social networking sites and the vicarious liability implications is problematic and is challenging to regulate.

Issues can arise not only in relation to misuse by employees in relation to the content of their posts but also the increased scope for loss or inappropriate dissemination of confidential information belonging to the employer (or its customers), identity theft, hacking and a host of other cyber risks. All of these have potential legal, regulatory and reputational implications for an employer. Accordingly, employers need to be aware of how social media and other technology is used in their business, assess the risks and potential liabilities, and put in place appropriate measures to mitigate those risks. This is always a challenge with the rapid pace of change in technology and such assessments should be conducted on a regular basis to take account of any new and emerging threats.

A starting point for employers is to have a policy in place outlining appropriate media use. It is important that this policy is culturally integrated into the workplace to demonstrate that the employer is taking the necessary steps to discharge their potential liability. (We Filter: Crafting An Affirmative Defense to Sexual Harassment?)