Snooping on private emails

The Grand Chamber of the European Court of Human Rights (ECHR) has reversed a previous decision regarding an employer’s right to access and read an employee’s private correspondence, finding that Article 8 of the European Convention on Human Rights does apply and the employee’s right to privacy was breached.

Barbulescu v Romania

We previously covered the original decision which you can read in full here.

In summary, Mr Barbulescu had created a Yahoo Messenger account for the purpose of responding to client enquiries. Mr Barbulescu was told that his messages had been monitored and that there was evidence to suggest that he had been sending personal messages using the internet contrary to the company’s rules that to use its equipment for personal purposes was strictly forbidden. The employer subsequently terminated Mr Barbulescu’s employment leading Mr Barbulescu to challenge the decision all the way to the ECHR.

In a submission to the Grand Chamber, Mr Barbulescu emphasised the specific features of Yahoo messenger and that even though the account had been opened at his employer’s request, Yahoo was designed for personal use thus making him the sole owner of the account. He stated that his employer had not introduced any policy on monitoring internet usage and that he had received no warnings that his communications might be monitored or read; if such a policy had been in place he would have refrained from private communications at work. Mr Barbulescu also argued that a distinction should be made between personal internet usage having a profit-making purpose and “a small harmless private conversation” which had no intentions of causing damage to his employer. Furthermore, he highlighted the developments in technology and communications through cyberspace and that contemporary working conditions made it impossible to divide private and professional life and the prohibition of personal use on modern devices.

The European Court of Human Rights

Initially, the ECHR (by a majority of six votes to one), held that there had been no violation of Mr Barbulescu’s human rights. The ECHR was satisfied that when Mr Barbulescu’s personal/private messages were used as evidence, the domestic courts did not attach any weight to the contents of the messages; rather they relied instead upon the extent that they proved Mr Barbulescu’s disciplinary breach. It was concluded that a fair balance had been struck between Mr Barbulescu’s rights under Article 8 and the interests of his employer.

However, following an appeal, the Grand Chamber of the ECHR has now reversed this decision concluding that a fair balance was not struck. It set out that whilst it was clear that Mr Barbulescu had been informed of the ban on internet usage for personal purposes, it did not appear that he had been informed in advance of the extent and nature of his employers monitoring operations or the possibility that the employer might have access to the actual content of his communications. It accepted that Mr Barbulescu had created the Yahoo account himself and was the only person who knew the password; he therefore had a reasonable expectation that his privacy would be respected. It also noted that his employer had accessed the personal Yahoo account which Mr Barbulescu already had. It concluded that there are numerous forms of communication in modern times that enable individuals to lead a private social life and that the sending and receiving of communications is still covered by the notion of “correspondence” under Article 8 even if they are sent from an employer’s computer.

Furthermore, an employer cannot reduce an employee’s private social life in the workplace to zero as this is arguably where the majority of us develop a significant amount of our relationships with others. The respect of a private life and privacy of correspondence continues to exist even if they are restricted so far as necessary. It found that Mr Barbulescu’s communications were covered by the concepts of Article 8 and his human right to privacy had been breached.


This case highlights the importance of a well drafted social media/communications policy and in particular the monitoring processes included. Employers must check that they have a right to monitor personal emails/messages in the workplace and update policies if necessary.

If employers are going to monitor an employee’s messages they must ensure their processes are transparent and inform employees so as not to breach their right to privacy in the workplace. It is also worthy to note that snooping on employees could also be a breach of the Data Protection Act 1998, particularly if it is without cause, without warning and disproportionate.

If you have any questions about  monitoring communications in the workplace or have any other employment law queries, please contact Joanne Holborn, Tom Scaife or Caroline Rayner on 01228 552600.

Email Alerts

Baines Wilson LLP send our clients and contacts legal updates by way of short email alerts. If you would like to receive our regular alerts, please follow the link below.

Sign up for Alerts

Awards & Accreditations

  • Lexcel
  • Chambers UK
  • Chambers UK
  • Supply Chain
  • Cyber Essentials