Employee data protection: Is the employer’s access to the content of the worker’s computer permitted under data protection law?

According to the established case law of the BAG, the employer may use knowledge or evidence from the exploitation of the file content of a work computer if he has obtained this in accordance with data protection regulations. The judges made a well-founded suspicion of a breach of duty sufficient for the termination.

If the employee is only allowed to use the computer for business purposes, the requirements are based on § 26 BDSG (in the case of the same content § 32 BDSG old version). According to Section 26 Paragraph 1 Clause 1 BDSG, personal data of employees may be processed for the purpose of the employment relationship if this is necessary for the decision on the establishment of an employment relationship or after termination of the employment relationship for its implementation or termination. The term termination includes the processing, i.e. also the preparation for the termination of an employment relationship.

In addition, a proportionality test must be carried out, i.e. The data collection and processing must be suitable, necessary and appropriate, taking into account the rights of freedom, in order to achieve the intended purpose. As part of the appropriateness test, an overall balance must be made between the severity of the interference and the weight of the reasons justifying it. The severity of the intervention must not be disproportionate to the weight of the reasons justifying it. This must be assessed independently for each data collection.

The employer’s access to the contents of the employee’s work computer is fundamentally problematic in terms of data protection law. First of all, an express legal basis under data protection law is always required. In addition, the employer must carry out a proportionality test before evaluating the work computer, which appropriately assesses the rights of his employee.

However, it should also be noted that it is up to the employee to clearly mark files on the work computer with the label “private” if he wants to protect himself from being checked. Of course, this protection is also limited, e.g. if a serious misconduct is suspected.

Do you have questions on topics relating to employee data protection and are you looking for competent advice? Call us on 08505 919 27-0 or fill out our contact form. We are happy to help!