In today’s working world, which is increasingly permeated by digital technologies, the protection of employee data is becoming increasingly important. Despite existing regulations on the handling of employee data, current employee data protection remains fragmented and must be adapted to the dynamic requirements of a digitalised world of work. In this policy brief, Dr Mena Teebken and Professor Thomas Hess highlight the central challenges of data protection in the workplace and offer concrete recommendations to both strengthen employees’ trust in data protection and effectively address the needs of companies. They argue that a comprehensive and balanced approach to employee data protection not only protects employee privacy, but is also a key element for success in our increasingly data-driven world of work.
The key points in a nutshell
Employee data provides insights into working habits and performance and thus forms the basis for increasing operational efficiency and productivity and ultimately ensuring competitiveness. At the same time, the legitimate interests of employees with regard to the data collected in the workplace must be safeguarded. Striking the right balance between the interests of companies and employees is therefore crucial.
The author is of the opinion that the actual perception of employees has been insufficiently taken into account in previous evaluations of the Employee Data Protection Act. In this bidt policy brief, they therefore pursue a holistic approach that focuses on the actual perception of employees in order to ensure a more effective and balanced protection of the rights and interests of all parties involved. Based on empirical findings, Teebken and Hess identify the five major challenges for data protection and make five specific recommendations for improving employee data protection.
Building trust: An alternative to lowering regulation
In the discussion about how data protection is handled in companies, two contradictory positions tend to emerge time and again with regard to the balance between data use and regulation (Martin et al. 2019): The data minimisation approach, which advocates the minimisation of data to preserve privacy, and the position of relaxed regulation, according to which less regulation creates more leeway for companies.
Teebken and Hess argue that appropriate and targeted regulation not only guarantees privacy, but can also lay the foundation for increased data disclosure in line with the data strategy. They identify five specific areas in the handling of employee data that are perceived as particularly problematic by employees.
The top five data protection challenges
The study by Teebken, Constantiou and Hess (2023) analysed employees’ perceptions of privacy in the digital workplace through interviews. Despite existing data protection regulations, the results of these interviews revealed considerable privacy concerns among employees when working digitally. Particularly in the following areas:
- Generation of employee data
- Analysing and processing employee data
- Storage of employee data
- Internal and external recipients of employee data
- Implementation of the regulation in the company
Five recommendations for adapting employment data protection
Building trust is outlined by Teebken and Hess as a new objective. Comprehensive data protection regulation should therefore ensure that all phases of the data lifecycle and, in particular, employee perceptions are taken into account in order to adequately protect the privacy and rights of employees.
Teebken and Hess derive five recommendations for better employee data protection from the challenges identified:
- Manage data collection responsibly
- Ensure liability and transparency when using artificial intelligence
- Clearly limit data storage
- Ensure data protection for internal and external recipients
- Sensitise employees, promote transparency
Conclusion: fewer concerns, more data, greater room for manoeuvre for companies
The authors explain in the publication that increased trust creates a positive dynamic in which employees and employers alike can benefit from the availability of data. The targeted use of this data is made possible by the existence of clear and reliable data protection regulations that guarantee the protection of privacy. In this context, data protection is not perceived as an obstacle, but rather as a decisive factor for trust and success in the data-driven world of work.