Invasion of privacy | Employer justifies reading worker's personal emails because he'd used a work laptop

Employer justifies reading worker's personal emails because he'd used a work laptop

A mining industry worker has sued their former employer for reading through his personal emails and iCloud account, after being dismissed for allegedly working on personal projects and contacting competitor brands.

Shayano Madzikanda, a former IT employee at the mining sector company Mecrus, was suspended and told to return his work laptop. He then learnt that the reason for his dismissal was because of accusations that he was working on personal projects and contacting rival companies on the device.

Read more from us

However, Madzikanda claims that the only way his ex-employer would have known this was if they accessed his personal emails, which they would have only retrieved from snooping through his work laptop, which had his personal account passwords saved onto it.

Madzikanda filed a complaint to the information commissioner in Australia, where the company is based, in 2019. However, this month, a federal court rejected carrying out an investigation into whether his employer did look through his accounts.

Employee data policies

Mecrus told the information commissioner that because the data was stored on a company laptop it was in line with company policy.

However, Madzikanda claims the company did not have a policy on storing personal data on company laptops when he worked there, or if it did then it wasn’t used during his time there.

It’s up to employers to monitor their data compliance on a regular basis. The UK’s leading data protection act is the Data Protection Act 2018 (DPA). However, this is set to change in the new year. It’s important for employers to understand these changes and ensure their company is complying with it, to prevent the risk of costly legal cases. 

This news also comes at a time when employers are increasingly using technology to track the productivity of their staff, which has received some criticism for being invasive.

The CIPD website states “Organisations must demonstrate that employees were informed of the purpose and use of their personal data and given a clear explanation of how it will be treated.

“Employees must consent freely to specific use, purpose, or processing of data. Employees’ silence or lack of complaint about the processing, or consent incorporated as a standard employment contract term or in data protection policies does not meet the standard required.”



Have you enjoyed this piece?

Subscribe now to myGrapevine+ and get access to exclusive new content, and the full content archive.

Be the first to comment.

You are currently previewing this article.

This is the last preview available to you for the next 30 days.

To access more news, features, columns and opinions every day, create a free myGrapevine account.