Spain’s constitutional court, the Tribunal Constitucional, made a landmark ruling in the case of Pérez González v. Alcaliber S.A. in early October, finding that companies are permitted to access and monitor employee communications via company IT resources, including emails and texts, as part of investigations into employee misconduct.
Pérez González was dismissed by Alcaliber for disseminating trade secrets to competitors. Alcaliber accessed Pérez González’ company emails and laptop hard drive in the presence of the notary public following suspicions of wrongdoing to confirm grounds for dismissal. Emails in both 2007 and 2008 were found to confirm suspicions that Pérez González had disclosed information about the year’s poppy crops from his company account to a competitor of Alcaliber.
Pérez González challenged the dismissal with a claim for wrongful termination. He refuted the validity of the emails as evidence for his dismissal on the basis of his fundamental right to secrecy in communications under Article 18 of the Spanish Constitution. However, the constitutional court held that Pérez González did not have a reasonable well-founded expectation of confidentiality when using a company email account or other workplace communications where monitoring is foreseeable. Furthermore, the company collective bargaining agreement clearly prohibited the use of company-owned communications networks for non-work reasons. On this basis, the constitutional court upheld the decisions of the Madrid Labour Court and the High Court of Justice to affirm the dismissal.
The Tribunal Constitucional held that dismissal was not disproportionate in light of the severity of sharing confidential company information. Furthermore, the court ruled that a company must be permitted to monitor employee communications to verify well-founded suspicions of transgression where such monitoring is necessary to provide evidence to justify dismissal.
This ruling recognises that employee privacy rights must be balanced against employers’ rights to investigate employee wrongdoing, and further acknowledges that employees’ rights to privacy in the EU are not absolute.