Protecting employees from data misuse

The DGB, verdi and other member unions have drafted a bill on employee data protection. In an interview, Christoph Schmitz, a Verdi national board member, revealed how the draft could protect employees’ personal rights.

ver.di has always advocated for an independent law regulating the processing of employee data. However, nowhere has been defined how employee data is protected yet, with the exception of Section 26 of the Federal Data Protection Act. But there are special provisions about what can happen to employee dataAnd nothing. We spoke about it with Christoph Schmitz, Verdi’s national board member.

Among other things, employees working in call centers are regulated in verdi. They reported that facial scans record not only the presence of employees, but also their facial expressions. Does the union bill change anything?

But! In our Guild Draft, Section 28, Biometric Control Procedures, this case is explicitly regulated. Processing of employee biometric data is not permitted. The collection and processing of biometric employee data by employers can only be considered if this measure is absolutely necessary and there is no alternative. This would only be the case in practical life in exceptional cases – as in the case of access control in a highly secure area, which, in addition to the person of human control, requires a personal property that cannot be falsified as a second factor. The processing of the employee’s biometric data for other purposes is then excluded.

Many employees own a business smartphone. Location is possible with smartphones. Can an employer know where their employees are at the moment?

If there is a work council in the company or an employee council in the department, they must be involved before smartphones are distributed for the service and must either be excluding a location or orchestrating it for the benefit of the employees. But can all colleagues in the company’s interest groups see what can be controlled with a smartphone? So it’s good that, in addition to group control options, there is also a law regulating what works and what doesn’t. After all, this is about protecting employees from data misuse.

This means?

In our proposed law, we say in Section 27 that location data may only be collected if it is absolutely necessary – and possibly also for the safety of employees. But until then, this data should not be used to monitor performance or behaviour. Workers should be able to pause or easily stop processing their location data at any time when the location is no longer needed to complete current work tasks.

What if employers don’t follow the rules?

Employees own their data – and if it is used for other purposes, they have the right – and the employer is obligated – to be informed. What is special, however, are the other provisions proposed in the draft: employees have a claim for compensation for material and immaterial damages if their data is used illegally (Article 36 of the bill). Unions represented in the company or in the office can assert the rights of employees against officials in court (the so-called right to collective action § 34 Bill).

Finally: ver.di has always campaigned for a strong and up-to-date employee data protection law aimed at reducing risks from new analytics technologies, outsourcing data processing and growing databases. The past has shown that unregulated areas, the so-called gray areas, are exploited by those who are more powerful. In practical life, it is clear that employers are. And that’s why we’re bringing our design to the public.

© (ct)

about this subject:

Interview with Dr Hans-Jürgen Orban (IGM) on the DGB bill: “Our proposal is on the table”

Interview with Anja Piel (DGB) on the DGB Bill: “Do we need a Personnel Data Act?”

Leave a Comment