Every day it is more common to see workers use corporate devices, such as mobile phones or laptops, to carry out their daily tasks either from the office or home. This scenario allows companies to keep an exhaustive track of their staff and monitor the use of these devices, thus checking the workload, connection times, stored files or even the history of the web browser. This type of practice represents a high risk for the company's management since, as mentioned in article 88 of the LOPDGDD; “Workers and public employees have the right to the protection of their privacy in the use of digital devices made available to them by their employer.”
Thus, the company may access the content derived from the use of digital media provided to its personnel for the sole purpose of controlling compliance with labor or statutory obligations and guaranteeing the integrity of said devices. Now, it is necessary that the company has previously informed the worker about which device is going to be monitored, with what frequency and what specific communication channels; for example, if it is the 'WhatsApp' account or even the email itself.
If the worker is authorized to use corporate devices for private purposes, the company must adopt sufficient measures to guarantee their privacy and establish limits, for example, indicating the time at which they are authorized.
Let's remember that if a company accesses the inbox of a worker who is on vacation or sick leave, two situations can occur. On the one hand, if the message has already been read, the worker's right to data protection could be violated, as already mentioned. And, on the other hand, if the message is still unread, it can be considered a crime of revealing secrets. That is why the worker must be informed clearly. In this sense, there is repeated jurisprudence condemning companies that, in the search for evidence that proves disloyalty with which to base a dismissal claim, repeatedly access the worker's private email address.
