fbpx

Download free GDPR compliance checklist!

Tag Archives for " employees "

Insider data breaches set to increase due to remote work shift

A third (33%) of all data breach incidents in 2021 are expected to be caused by insiders, according to the latest Forrester Cyber Security Predictions report.

This will be an 8% increase compared to 2020. The increase in insider incidents is likely to be caused by the unprecedented change in working environments from the office to remote working during nationwide lockdowns. Other contributing issues outlined by Forrester include the ease with which data can be moved as well as the general fear of being made redundant.

Source: Insider data breaches set to increase due to remote work shift | IT PRO

Surveillance Startup Used Own Cameras to Harass Coworkers

Verkada, a fast-growing Silicon Valley surveillance startup, equips its offices in downtown San Mateo, California, with its own state-of-the-art security cameras.

Last year, a sales director on the company’s sales team abused their access to these cameras to take and post photos of colleagues in a Slack channel where they made sexually explicit jokes about women who worked at the company.

Source: Surveillance Startup Used Own Cameras to Harass Coworkers

French Court Says an Employer Can Use a Facebook Post to Dismiss an Employee

On September 30, 2020, the French Court of Cassation ruled in favor of an employer that dismissed an employee because of the contents of a Facebook post.

The employee in this case posted a photograph of a new clothing collection of the employer on a personal Facebook account. Posting the photograph was in breach of the employee’s confidentiality obligations under the employment contract. The employer subsequently dismissed the employee for gross misconduct.

Source: French Court of Cassation Decides That an Employer Can Use a Facebook Post to Dismiss an Employee

Coronavirus opens door to company surveillance of workers

Privacy advocates warn of a slippery slope toward “normalizing” new levels of employer surveillance.

Employers are rushing to use digital tracking technology to reduce virus transmission in the workplace. But privacy experts worry that businesses will start using their newfound surveillance capabilities for purposes far beyond public health. The data could be used to evaluate workers’ productivity, see which colleagues are holding meetings or even flag an employee who unexpectedly ducks out of the office during work hours.

Full article: Coronavirus opens door to company surveillance of workers – POLITICO

Franch DPA Issues Standard Regulation For Biometric Systems In The Workplace

CNIL has adopted on 10 January 2019, further to a sectorial consultation with public bodies and private organisations, its first standard regulation that lays down legally binding rules applicable to data controllers subject to French Law, who use biometric systems to control access to premises, devices and applications at work.

The Regulation prescribes specific requirements for the processing, by a public or private employer, of biometric data to control accesses to work premises, to information systems or applications used in the context of business tasks entrusted to data subjects (i.e., employees, agents, interns and contractors).

Given the particular sensitivity of biometric data, the Regulation sets out stringent obligations to data controllers regarding the conditions of processing of such biometric data in the workplace.

Full article: France: The First Cnil Standard Regulation For Biometric Systems In The Workplace

UK businesses using artificial intelligence to monitor staff activity

Unions warn systems such as Isaak may increase pressure on workers and cause distrust Dozens of UK business owners are using artificial intelligence to scrutinise staff behaviour minute-to-minute by harvesting data on who emails whom and when, who accesses and edits files and who meets whom and when.

The actions of 130,000 people in the UK and abroad are being monitored in real-time by the Isaak system, which ranks staff members’ attributes.

Source: UK businesses using artificial intelligence to monitor staff activity

CNIL Publishes Binding Rules on Processing Biometric Data as Workplace Access Control

On March 28, 2019, the French data protection authority (“CNIL”) published a “Model Regulation” addressing the use of biometric systems to control access to premises, devices and apps at work.

The Model Regulation lays down binding rules for data controllers who are subject to French data protection law and process employee biometric data for such purposes.

Source: CNIL Publishes Binding Rules on Processing Biometric Data as Workplace Access Control

Online Threats for Businesses with Remote Employees

Remote working is finally becoming mainstream, with around 70% of people working remotely at least once per week.

This represents a huge change in the culture of global businesses, and that’s great. But it also means that companies are grappling with totally new security risks.

So, what kind of threats should you be worried about if you rely on remote working? This is literally a million dollar question for businesses across the world – and there are some hazards to take into account. Let’s deal with them one by one.

Full article: Online Threats for Businesses with Remote Employees | Prague Post

Sensitive personal data in HR functions: climbing the ladder of legal bases

The GDPR’s entry into force has forced HR teams across the US and EU to re-evaluate the ways in which they justify the use of personal data relating to their employees, applicants and contractors.

Whilst compliance priorities will vary between businesses, all US headquartered organizations with a presence or personnel in the UK should be particularly mindful of their enhanced obligations to satisfy multiple conditions under both the GDPR and the UK’s new Data Protection Act 2018 (“DPA 2018“) before collecting certain special categories of personal data.

Full article: Sensitive personal data in HR functions: climbing the ladder of legal bases

Vicarious liability in the data breach context – bad news for UK employers?

The Court of Appeal has upheld a decision of the High Court holding that an employer can be vicariously liable for data breaches caused by the actions of an employee, even where the employee’s actions were specifically intended to harm the employer.

Full article: Vicarious liability in the data breach context – bad news for UK employers?

1 2 3 4
>