The UK Information Commissioner’s Office (ICO) published its final guidance on monitoring workers on 3 October 2023 (the Guidance).  The Guidance is aimed at employers across both the private and public sector.  Responding to the rise of remote working and new technologies available to monitor employees, the ICO has looked to provide clear direction on

The “Act to Promote Works Council Elections and Works Council Activities in a Digital Working World” (Betriebsrätemodernisierungsgesetz – Works Council Modernization Act) came into force on June 18, 2021. The Act is intended to facilitate the activities of works councils and to strengthen the co-determination rights of works councils with regard to the use of artificial intelligence (AI) and the plans for more mobile working in companies.

Promoting works council elections

On 7 October 2019, the EU Council formally adopted the new Whistleblowing Directive that will guarantee whistleblowers EU-wide standards of protection. The Directive obliges both public and private organisations and authorities to set up secure reporting channels, so that whistleblowers can report violations of EU law as safely as possible. Member States have two years

On the scope of subject access requests under the EU General Data Protection Regulation (GRPR) in the context of compliance and whistle-blowing regimes, the Regional Labour Court (Landesarbeitsgericht) of Stuttgart decided that an employer was required not only to provide an employee with the records containing performance and behavioural data, but

The Court of Appeal has upheld a decision of the High Court holding that an employer can be vicariously liable for data breaches caused by the actions of an employee, even where the employee’s actions were specifically intended to harm the employer. This decision is significant as it means a company can be held liable

Le règlement général sur la protection des données (« RGPD ») est entré en vigueur le 25 mai 2018. Il modifie la législation antérieure sur le traitement des données personnelles en supprimant notamment le principe de déclaration préalable à la CNIL. Cette déclaration est remplacée par une obligation pour l’entreprise de démontrer la conformité de