2021.09.30 WANG, Dongpeng、LI, meng、YUAN, Xinyi
When someone talks about employee personal information protection, it will inevitably involve the issue of employee privacy protection. What is privacy? What is the relationship between privacy and personal information? And what are the key privacy issues employers should pay attention to? These issues often bother employers. After the Personal Information Protection Law ("PIPL") comes into effect, employers will face the issue of employee privacy protection more frequently as more and more employees will become aware of their rights to personal information and privacy. This article will focus on the above three issues so as to help employers deal with the issues of employee privacy protection.
For the convenience of this discussion, we first introduce two cases that have attracted much attention in the field of China employment laws this year.
Case #1: Employee A was a sales employee of Company X, responsible for maintaining customers and developing potential customers, and had been working outside the office all the time. Company X requested all sales employees, including Employee A, to use the DingTalk (an App developed by Alibaba Group) for punching in and tracking their work attendance. Failure to punch in as requested will be considered as absence without leave. Employee A failed to punch in with DingTalk as requested and was dismissed by Company X for gross misconduct. A dispute arises between the parties hereto. Employee A claims that Company X infringes on his right of privacy by requesting him to use DingTalk to punch in after enabling the location services of his mobile phone. Thus, the company policy in question shall be held invalid.
Case #2: Employee B was a sales employee of Company Y. Company Y allocated a work mobile phone to Employee B. After working for a period of time, Employee B resigned and returned his mobile phone to Company Y. Through data recovery, Company Y exported the recordings of the calls made during Employee B's employment from the mobile phone. On the recordings, Employee B clearly expressed his intention to commit a gross conduct. Company Y therefore requested Employee B to indemnify the company for the losses caused by his misconduct. A dispute arises between the parties hereto. Employee B claims that Company Y infringes on his right of privacy by remotely monitoring his phone without prior notice. Thus, the recordings of calls shall not be admitted as evidence.
The focus disputes of the two cases include: (1) whether the information involved in the case belongs to privacy; and (2) whether the employer's management measures infringe on the employee's right of privacy. In order to discuss these two focus disputes, we need to understand the basic concepts and rules surrounding employee privacy protection.
According to Article 1032 of the Civil Code of the People's Republic of China (“Civil Code”), privacy is an individual's private life peace, as well as private space, private activities, private information that do not want to be known by others. Individuals enjoy the right of privacy. No organization or individual may infringe on the right of privacy of others.
Based on the above definition, privacy exists in the following forms: (1) private life peace and (2) private space, private activities, private information that do not want to be known by others. Among them, private life peace refers to the condition that one's life is not illegally disturbed by others.
With the knowledge of the definition of privacy, we may discuss whether the information involved in the two cases above belongs to privacy. In Case #1, Employee A argued that Company X could collect his location information from DingTalk, and that location information should belong to private information, so Company X violated his right of privacy. However, this argument ignores an important detail. The implicit requirement for using DingTalk to punch in is that Employee A should report his location through DingTalk during working hours so as to prove his attendance at work. Therefore, the location information collected by Company X in this way is only limited to the Employee A’s location during working hours. It is common sense that any employee should have no reasonable expectation of privacy with respect to his/her location information during working hours. As location information during working hours is not a secret unknown by others, it does not belong to privacy.
In Case #2, Employee B argued that his mobile phone calls were private information, and that Company Y infringed his privacy by recording such calls and obtaining the recordings through data recovery without his consent. Company Y argued that, as Employee B used a work mobile phone allocated by the company, the recordings of the calls stored on his work phone is not privacy, and Company Y has the right to collect and process such information. Although his work phone was indeed owned and allocated by Company Y, Company Y neither notified Employee B in advance of the recording of such calls nor obtained his consent to resume his call recordings. Under such circumstances, Employee B had reasonable expectation of privacy for his phone calls. The recordings of his phone calls are a secret that is unknown by others. Thus, such information belongs to privacy (i.e. privacy existing in the form of private information).
Employers should be able to distinguish privacy and personal information so as to identify their employees’ privacy and thus comply with the special requirements for privacy protection.
As many well-known scholars in China have pointed out, privacy and personal information are two different legal concepts under Chinese laws. The former focuses on keeping things not known by others, while the latter on identifying particular individuals. Privacy does not include personal information, and vice versa. Though there exists an overlap between them, there are significant differences in many aspects.
The overlap of privacy and personal information is private personal information. Private personal information refers to undisclosed information that can be used to identify a specific natural person independently or in combination with other information, and the said natural person is unwilling to disclose the information to the others. Private personal information has both "confidentiality" and "identifiability" characteristics. In the HR management scenarios, the common types of private personal information include information about marriage and childbirth, health, bank account, locations outside working hours, sexual orientation, undisclosed criminal records, etc.
Privacy and personal information differ in a number of ways. A complete introduction of all the differences is very complex. It is not necessary to know all the differences from an HR management perspective. Please see the chart below for the key differences which employers need to be aware of.
According to Article 1033 of the Civil Code, when dealing with any privacy issues, any organization or individual shall obtain the express consent from the privacy right holder, unless otherwise provided by law. In HR management scenarios, employers may face various issues of privacy in different forms, such as processing an employee's private personal information, searching an employee’s locker or cabinet (i.e. private space) where he/she keeps his or her personal belongings in the workplace.
Based on the abovementioned provisions of the Civil Code, when dealing with the issues of privacy, organizations or individuals shall obtain the individual’s express consent, unless otherwise provided by law. The pressing question for employers is whether they can process private personal information without employees’ consent but only based on the provisions stipulated in Article 13 (2) to (7) of the PIPL (for example, based on necessity for conducting HR management). It is difficult to make a definitive conclusion on this issue at this point of time under current laws and regulations. The rule provided by Article 1034 Paragraph 3 of the Civil Code is worth noting. According to this rule, in respect of private personal information, the provisions on privacy protection will apply first, where in the absence of such provisions, the provisions on personal information protection will apply instead. This rule may prevent employers from processing private personal information based on the provisions under Article 13 (2) to (7) of the PIPL. As a result, employers should take a cautious approach to deal with the issue involving private personal information before the legislator gives a clear explanation of the issue.
After knowing the special requirements for privacy protection, we may discuss the other focus dispute in the two cases above, which is whether the employer's management practices violate the employee's privacy. In Case #1, Employee A’s whereabout during working hours does not belong to privacy, so there is no violation of his privacy. In Case #2, the cell phone call information contained in the work phone belongs to privacy. Company Y failed to obtain Employee B’s consent before it collected and processed the cell phone call information contained in the work phone. Therefore, Company Y infringed Employee B’s right of privacy. Company Y filed the cell phone call information with the court as its core evidence to prove the misconduct. However, as the evidence obtained through violation of Employee B’s right of privacy, this evidence was rejected in court.
Based on the above introduction and discussion, we suggest that employers pay attention to the following important issues when dealing with the issues of privacy so as to mitigate legal risks.
Recommendation #1: Carefully identify employees’ privacy of employees that might be encountered in HR management scenarios
Identifying the privacy of employees is a pre-condition for employers to comply with the legal requirements for privacy protection. Employers shall conduct a thorough review of all the management measures adopted in their entire process of HR management so as to identify the employees’ privacy that they might encounter.
In practice, privacy issues may arise from every step of HR management, e.g. requirement of employees to provide diagnosis or medical record to support sick leave applications, CCTV in the workplace, search of employees’ lockers, collection and analysis of information stored and transmitted by employees through the laptops and email systems in workplaces, announcement of disciplinary actions against any employees, etc.
Recommendation #2: Define the reasonable scope of employees' privacy by eliminating employees’ expectation of privacy
Reasonable expectation of privacy is one of the essential conditions of privacy. Therefore, employers can take effective measures to eliminate employees' expectation of privacy towards particular information so as to avoid such information falling into the scope of privacy. For example, employers can expressly inform employees in their company rules and policies that the company's IT equipment and infrastructure, such as their work computer, email system, and intranet, can only be used for work. No employee should have any expectation of privacy for the information stored or transmitted in such equipment. The company has the right to collect, monitor or analyze such information.
Recommendation 3: Provide necessary training to employees in order to make them better understand the scope of their privacy
Most employees lack a complete and accurate understanding of the privacy issues. Employees' misunderstand of the issue is prone to giving rise to dispute. Therefore, employers should provide training to employees so as to avoid potential dispute arising from their misunderstanding.
Recommendation 4: Set obtaining employee consent as the preferred option for processing private personal information
Currently, it is difficult to reach a definitive conclusion on whether private personal information can be processed based on the provisions under Article 13 (2) to (7) of the PIPL. In order to avoid potential legal risks, it is advisable for employers to deal with this matter with extra precaution by setting obtaining the employee consent as the preferred option for processing private personal information