In a highly discussed (and criticized) move, Italian Privacy Authority (the Garante) has mandated a dramatic shift in email metadata retention policies relating to employees emails’ metadata.
The so-called Transparency Decree has been adopted in Italy, introducing, among others, new information obligations, including new privacy obligations, of the employer towards employees on the use of automated decision-making and monitoring systems.
Privacy risks can arise from the monitoring of usage of new technologies by employees at work and require a deep assessment especially in the light of the GDPR.
The European Court of Human Rights held that the remote monitoring of employees' Internet usage is legal and cannot be considered in breach of their rights to private life.