New Ways of Working

Explore and keep track of key legal and compliance considerations for multinational employers as new ways of working become increasingly embedded as the pandemic begins to recede. Learn more about the response taken in specific countries or build your own report to compare approaches taken around the world.

Choose countries

 

Choose questions

Choose the questions you would like answering, or choose all for the full picture.

01. Has the government introduced any laws and/or issued guidelines around remote-working arrangements? If so, what categories of worker do the laws and/or guidelines apply to – do they extend to “gig” workers and other independent contractors?

01. Has the government introduced any laws and/or issued guidelines around remote-working arrangements? If so, what categories of worker do the laws and/or guidelines apply to – do they extend to “gig” workers and other independent contractors?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

Yes, the government has introduced the home-office framework through Law No. 27,555 (the Law or home office framework regime), on 14 August 2020. The Law came into force on 1 April 2021.

The main objective of this Law is to determine the legal framework applicable to remote working. In this sense, specific regulations related to each activity will be determined by the particular Collective Bargaining Agreement (CBA) governing each industrial and commercial activity.

The home office framework will not be applicable when the labour relationship is performed:

  • as a result of national temporary regulations issued to prevent the spread of the covid-19 virus and specific measures taken by employers to avoid the spread of such virus and guarantee a safe work environment;
  • in the premises, dependencies or branches of clients to whom the employer provides regular services; and
  • in the employer's home, either at their request or due to some exceptional circumstance.

To make an effective home office framework, employers and employees must sign a written contract. In addition, the home office legal framework may apply to all categories of employees and “gig” employees, but not independent contractors.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

The government has not introduced any specific laws to regulate remote-working arrangements and these arrangements are subject to the same laws that govern ordinary employment relationships and other types of working relationships (including independent contractor/principal relationships). These obligations do not cease merely because work is performed remotely in an environment that is not directly controlled by the employer.

Safe Work Australia, which is responsible for developing national policy relating to work health and safety, has published detailed guidelines for remote-working arrangements. These set out in detail what an employer’s duty of care for the health and safety of their workers means in the context of remote-working arrangements, including providing practical advice and guidance as to how employers can identify risks to the mental health of workers at home through to how employers can ensure workers are taking rest and meal break entitlements.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

First, it should be noted that in the Austrian legal system a distinction must be made between remote working and working in a home office. While remote working regularly includes any work without a fixed workplace (eg, also in cafés and public premises) the work in a home office is limited to an employee's place of residence or at least that of one's partner. Only working in a home office is substantially regulated by law, while remote working can still be agreed largely without formalities and is "only" subject to general labour law norms.

The most important government measure in this sector is the Home Office Act, which came into force on 1 April 2021 in response to the covid-19 crisis and the corresponding working conditions. The Home Office Act adapts various existing laws and tightens the legal framework for home office employment. The relevant provisions include a legal definition of a home office, its direct tax implications, and fundamental legal requirements for working in a home office, such as the requirement of a written agreement between employer and employee. Therefore, a home office can neither be imposed unilaterally nor is there a legal entitlement at a statutory level for any worker to work from home.

The relevant legal provisions on home offices cover all genuine employment relationships that are based on a private law contract. Those are essentially characterised by the personal and economic dependence of the worker. It can be deduced from this definition that independent contractors are not covered by those provisions. They are essentially free to determine working hours and places and only owe their contractual partner the production of a result. Therefore, they can regularly decide independently where they choose to work.

From an Austrian point of view, "gig workers" are also ordinary employment relationships under social security law, which is why the above also applies to them.

Last updated on 21/09/2021

Flag / Icon

Belgium

For several periods during the pandemic, the government strongly recommended remote work or even made it mandatory, except for where remote work was not possible. The requirement to perform remote work was lifted on 27 June 2021. However, until 30 September 2021, teleworking is strongly recommended in Brussels (in the rest of the country, the recommendation was lifted on 1 September 2021 due to a better vaccination rate).

Belgium already recognised three legal systems for remote work or “teleworking”. There is the system for homeworking (the oldest form of teleworking without the use of technology); since 2005, the system for structural teleworking (for more permanent forms of remote work) based on the European Framework Agreement on teleworking of 2002; and since 2017, the system for occasional teleworking (eg, for situations of force majeure). When the government made remote work mandatory during the pandemic, it was unclear which system would apply to this “corona-teleworking”.

Aiming to bring an end to the discussions and to provide a general framework, the national social partners concluded Collective Bargaining Agreement (CBA) No. 149 regarding recommended or compulsory teleworking caused by the coronavirus crisis on 26 January 2021, which applied to the private sector. However, this CBA did not bring any clarity on the discussion regarding the applicable teleworking system during the pandemic, given that it only applied to organisations that had not yet implemented one of the existing teleworking systems. The other systems for teleworking, therefore, still apply to this situation in some organisations. Besides, CBA No. 149 is limited in time, as it only applies until 31 December 2021. Independent contractors and gig workers (as far as they can be considered self-employed) do not fall under the scope of this CBA. However, self-employed workers were also forbidden from workplaces if they were able to work remotely.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Remote-working has been formally incorporated into the Brazilian Consolidated Labour Statutes (CLT) after the enactment of the Labour Overhaul (in November 2017) – until then, the law was silent on the rules on and impacts of such an arrangement, and it was up to employers to set their own policies. In a nutshell, the law sets forth that (i) the employment contract (or amendment thereof) should govern the acquisition, provision and maintenance of technological equipment and infrastructure, and payment of any allowance or reimbursement of expenses; and (ii) employers must give express guidelines on ergonomics for employees to observe at home – and employees must sign a term acknowledging that they are aware of such guidelines. Because Brazilian labour legislation is silent on so many points regarding remote working, the Labour Public Prosecutor has set certain additional guidelines to help companies during the pandemic, as many of them have shifted to a remote model (eg, reinforcing digital ethics and highlighting that employees should receive proper technical support). All such laws and guidelines apply to employees only, meaning that independent contractors or other non-employment models are excluded.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

The first French law on teleworking was adopted on 22 March 2012. It was subsequently modified by an ordinance dated 22 September 2017. Today, three articles of the labour code cover the implementation and the functioning of teleworking (articles L. 1222-9 to L. 1222-11). In addition, two national collective agreements were concluded between employers' representatives and trade unions in 2005[1] and 2020.[2]

The definitions of teleworking given by article L. 1222-9 and by the agreement of 19 July 2005 provide that the rules on teleworking only apply to employees with an employment contract. These rules do not apply to self-employed workers.


[1] National collective agreement on Teleworking – July 19, 2005

[2] National collective agreement for a successful implementation of teleworking – November 26, 2020

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

There has been no change to the legal basis for mobile working in Germany as far as the employer-employee relationship is concerned. However, at the end of 2020, the Federal Ministry of Labour and Social Affairs (BMAS) proposed the draft Mobile Work Act. The intention was to give employees a right to request mobile working and discuss the issue so they can reach an agreement with their employer. For any employer that disregards its obligation to discuss an employee's request and fails to issue a refusal in due form and time, the draft law states that the employee's request for mobile work would become part of their contract for six months. However, the draft contains several ambiguities. After employers' associations and individual interest groups (eg, the German Lawyers' Association) expressed reservations, the draft law was not passed. It was not introduced into the legislative process and the German parliamentary elections in September 2021 have rendered it moot.

In light of the covid-19 pandemic, Germany imposed an obligation on employers to offer remote working, unless compelling operational reasons precluded this. Employees were under no obligation to accept this offer. They could also decide to work wholly or partly at their workplace if there was a legitimate reason for doing so. However, this regulation was part of measures to protect the German population from the virus and therefore limited until 30 June 2021.

An amendment to the Works Constitution Act brought another change in June 2021, confirming the works council's comprehensive right of co-determination in the organisation of remote working. This very significant development means that a works council can stop measures through which mobile work will be introduced or changed through an interim injunction if it has not given its consent beforehand, or if the refusal has been replaced by an internal arbitration procedure within the company. Against this background, companies need to involve employee representatives in good time if new regulations for mobile work are to be introduced as part of the "new normal".

In principle, the provisions of German labour law only apply to employees. Employees are characterised by the fact that they are deployed within an operational organisation, performing work that is subject to instructions. However, there are two important points to note: platform workers may also be covered, as the German Federal Labour Court ruled in its judgment of 1 December 2020 (9 AZR 102/20); and wherever national law serves to implement EU law, an extension is necessary. Accordingly, managing directors and employees who are in an economically dependent working relationship with a principal (ie, they have a similar status to employees) can also be covered. This might also be relevant to mobile work if provisions to transpose Directive (EU) 2019/1158 on work-life balance for parents and carers into national law and repeal Council Directive 2010/18/EU are planned.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Remote working in Greece may be agreed only with the employee’s written consent (ie, provided in the initial employment agreement or by the signing of an amendment to the employee’s employment agreement regarding the employee’s place of work). During the covid-19 pandemic, the law provided for the unilateral implementation of remote working by employers as an exceptional temporary measure to contain the spread of the virus. According to the relevant ministerial decisions issued at different times of the crisis, companies had to apply a remote working system for at least 50% or 60% (for companies engaged in the provisions of services) of employees whose work could be provided remotely (today the limit is 20%).

Please note that a new employment law was introduced in June 2021 in Greece (Law No 4808/2021), which also includes provisions regarding remote-working arrangements. Such law applies only to employees under a dependant employment relationship (ie, the law does not refer to gig workers or independent contractors).

Under the current legal framework, employers’ obligations continue even while their employees continue to work remotely. Such obligations include, among others, ensuring equal treatment of employees, providing equipment and covering the costs of damages that may occur, protecting employees’ health and safety, and monitoring of employees’ working hours and work behaviour daily.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

The Hong Kong government has not implemented any specific laws or guidelines related to remote-working arrangements. However, the privacy commissioner for personal data has issued various guidelines concerning protecting personal data under work-from-home arrangements. It should be noted that these guidelines are not legally binding but rather recommendations from the privacy commissioner. They apply to organisations and employees, but there is no specific mention of the guidelines extending to gig workers or independent contractors.

The guidelines state that the same standard of security should be applied when employees are working from home as when they are working from the office. They list out various considerations for organisations, including:

  1. setting out clear policies on the handling of data during work-from-home arrangements;
  2. taking all reasonable steps to ensure the security of data, particularly when information and communications technology is used to facilitate this; and
  3. providing sufficient training and support to employees under work-from-home arrangements to ensure data security.
Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

The Indian government has not introduced any labour laws or guidelines around remote working.

However, India is in the process of codifying several of its national-level labour laws into four codes, and one of the labour codes in this regard is the Industrial Relations Code, 2020 (the provisions of which are yet to be made effective). The Industrial Relations Code, 2020 contains provisions relating to Standing Orders that mandate employers in certain establishments to adopt certain work rules for their employees. The draft model Standing Orders proposed by the federal government, as was published by the Ministry of Labour and Employment in December 2020[1] (but yet to be finalised and notified) contains a reference to “work-from-home” arrangements for employers in the services sector.

Additionally, the law on maternity benefits allows a female employee (who has returned from maternity, and whose nature of work is such that it may be performed remotely) to request permission from her employer to work remotely on mutually accepted terms and conditions.

Companies that are registered with the Department of Telecommunications (as Other Service Providers), Special Economic Zones and Software Technology Parks of India, are required to comply with certain conditions for their employees to work from home.


[1] https://labour.gov.in/sites/default/files/224080_compressed.pdf

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

The Irish government announced in March 2021, as part of its National Remote Work Strategy, that it plans to provide employees with the right to request remote working. This right is intended to be introduced at the end of 2021. In line with most Irish employment protections, it is anticipated that this right will be limited to employees only, and so will not extend to independent contractors or “gig” workers who are not employees.

This new right will likely limit when an employer can refuse a request to work remotely and may also give employees a right of action against their employer where such a request is unreasonably refused. Details of the grounds on which an employer may refuse a request for remote work have not yet been announced, nor have the potential consequences for refusing the request. However, it is expected that a similar approach will be taken to that in the UK, where the right to request flexible working – and the grounds on which such a request can be refused has been in place since 2003.

In the meantime, the government has introduced guidance for working remotely (see here) and a remote working checklist for employers (see here).

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Italian employment law provides – within the framework of employment relationships – for two different ways of working outside the company premises: Teleworking (that is, “Telelavoro”) and Smart Working (that is, “Lavoro Agile”). Neither of them entails a new type of employment contract, but simply a different way of performing the work.

In particular, Teleworking is a way of regularly carrying out work outside the company premises but in a fixed workplace, which is normally at the employee’s home. In the private sector, it is regulated by: a) the European Framework Agreement on Telework dated 16 July 2002; b) the National Collective Bargaining Agreement dated 9 June 2004 for the transposition of the Framework Agreement (hereinafter “CBA 9 June 2004”) and c) the National collective bargaining agreements.

Instead, Smart Working is a way of carrying out work partly inside the company premises and partly outside, without any fixed location. It is regulated by articles 18 - 24 of the Law no. 81/2017.  Italian employment law defines Smart Working as an agreement between the parties without any constraint in terms of working hours or workplace, along with the possible use of technology to enable the work activity to be performed. Therefore, Smart Working, differently from Teleworking, is not constrained to any specific place and work can be performed both inside or outside company premises - with no fixed location.

During the Covid-19 pandemic the Italian Government chose Smart Working as the “main way of working” to fight the spread of the virus and, in some cases, recommended working remotely whenever possible. Considering, the ample diffusion of this way of working, any reference to remote working below shall be understood as Smart Working.

In particular, since March 2020 employers have been allowed to implement Smart Working unilaterally (i.e., without signing any agreement with the employee). Moreover, multiple provisions have been issued during this emergency period specifying the categories of workers that are entitled to work remotely (Smart Working) or have priority to access that way of working, should it be possible for the duties assigned to be performed remotely and depending on the company’s need. Indeed, those categories mainly refer to “vulnerable workers”, such as severely disabled workers and those in possession of specific certificates attesting a risk condition deriving from immunodepression, oncological pathologies or life-saving therapies and parents of disabled children.

Independent contractors or gig economy workers are not included in these specific provisions.

Finally, recently the Italian Government introduced a piece of legislation expressly providing for the right of remote workers to disconnect from IT tools and platforms, without prejudice to the agreements signed and “availability slots” agreed with the employer.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Mexico passed a reform to the Federal Labor Law (FLL) concerning teleworking (remote working) in January 2021. According to the FLL, remote working applies under the following conditions: (i) employees’ services are not required in the employer's facilities; (ii) employees constantly provide their services outside of the employer's facilities; (iii) employees carry out more than 40% of their work outside of the office; and (iv) technology is used for the administration of the labour relationship and supervision of the performed services.

The Mexican legislation on remote working, however, does not exclude or limit the possibility of remote working for employees based on their position; this scheme may be negotiated by an employer with its employees through an agreement.

“Gig” workers and independent contractors are treated equally and not considered employees, so telework guidelines do not apply to their services. However, if the service provider files a lawsuit before the Labour Board claiming the existence of an employment relationship, the beneficiary of the services must prove that the service provider was not under his control, supervision, or exclusive dependence.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

The Portuguese Labour Code established the legal regime for remote working, in particular teleworking, in 2003. This provides employers with a general framework for this kind of arrangement. During the covid-19 pandemic and its successive lockdowns, a vast array of legislation on telework was issued, given the specificity of the situation.

Back in March 2020, the teleworking regime could be unilaterally imposed by an employer or requested by employees, without the need for an agreement of the parties, provided that it was compatible with the employees’ functions. Independent contractors were excluded from the scope of this regime.

Due to the evolution of the pandemic, it was then determined that teleworking should be mandatory, regardless of the employment relationship (including contractors), whenever employees’ functions allowed it. In this context, measures were also adopted to promote the compulsory implementation of teleworking within the scope of civil servants, whenever this was compatible with the functions being performed.

With the reduction in the number of covid-19 cases, in the summer of 2020 teleworking was no longer mandatory and the legal regime foreseen in the Portuguese Labor Code was solely applicable.

However, the increase of covid-19 infections led to the adoption of new measures in October 2020, which determined the promotion of teleworking whenever the nature of the activity allowed it. Considering the number of outbreaks, it quickly evolved to a point when teleworking became mandatory in the regions with a higher risk of infection.

It was only in November 2020 that teleworking was established as mandatory for companies that were the final users or beneficiaries of services provided by independent contractors, service providers and temporary employees.

After Christmas 2020 and with the new lockdown, teleworking once again became mandatory across the country. Despite a government announcement in March 2021 that teleworking would be mandatory until the end of the year, due to the success of the national vaccination programme teleworking ceased to be mandatory from 1 August 2021.

It is expected that by the end of summer 2021 amendments to the Portuguese Labor Code regime on teleworking are finally approved, which will address several issues regarding remote working and teleworking in particular.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Yes. The Spanish government has passed new laws on remote working. First, on 22 September 2020, it approved Royal Law-Decree 28/2020 on remote working, followed by the Spanish parliament passing Law 10/2021 on remote working, superseding it but keeping most of its provisions.

This law applies to any kind of labour relationship in which at least 30% of a worker’s working hours are at their home or wherever they decide. Therefore, there is no specific regulation on “gig” workers or independent contractors.

Additionally, the Spanish government passed a specific regulation in article 5 of Royal Law-Decree 8/2020, through which companies should encourage and prioritise remote work among their staff because of the covid-19 pandemic, as long as this is feasible for their business.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

The Swedish government has not introduced any statutory laws regarding remote working. However, the Swedish Public Health Agency has issued recommendations related to homeworking, whereby the authority recommends that employers should allow employees to work from home or remotely until 30 September 2021. Ultimately, it is the employer who decides if and when remote work can be allowed.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

Swiss labour law, in particular the Swiss Code of Obligations, does not contain any specific rules regarding remote working. Remote working is governed by the general rules of labour law and, in particular, by the will of the parties to the employment contract (ie, employers and employees).

However, the Federal Act on the Statutory Principles for Federal Council Ordinances on combating the Covid-19 Epidemic (covid-19 Act) provided the Federal Council with a legal basis to implement remote working, should the need arise. The Federal Council made use of this provision and made remote working mandatory from 18 January 2021 to 26 June 2021. The covid-19 Act remains in force through 31 December 2021, so the Federal Council could re-enact mandatory remote working, should the situation worsen again.

The remote-working obligation concerned all workers, provided that remote working was possible and did not lead to exorbitant costs. Employers were responsible for making sure that appropriate organisational and technical measures were in place. With an improvement in the health situation, on 27 May 2021 remote working was made voluntary for employers who agreed to carry out repeated screening tests and met the criteria outlined in the federal testing strategy and who participated in a cantonal testing plan. Since 26 June 2021, remote working is no longer obligatory but remains recommended; an exception exists for employees at risk, including pregnant individuals and persons who cannot be vaccinated for medical reasons.

It also should be noted that on 10 January 2021, a motion was introduced in Parliament that would enact provisions covering remote working (eg, definitions, scope and issues related to health and safety and work and rest periods); this motion has not been debated yet.

In conclusion, except for the Federal Council's decree requiring remote working between January and June 2021, no specific legal provisions govern remote working in Switzerland. 

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

Article 14 of the Turkish Labour Act (TLA) defines remote working as a contractual employment relationship in which employees carry out their duties from home or other locations outside the workplace, sometimes through digital platforms. Based on the TLA, the Ministry of Labour and Social Security recently prepared a Regulation on Remote Working (Regulation), which came into force on 10 March 2021.

The Regulation covers all employees who work remotely under article 14 of the TLA. In this regard, the said rules shall apply to all categories of employees defined under the TLA, including but not limited to fixed-term workers, temporary workers, part-time workers and full-time workers. On the other hand, independent contractors would not qualify as workers under the TLA, as they would not be working in a way that is dependent on a specific employer.

In addition, the Ministry of Labour and Social Security has published the ”Guideline on Remote Working During covid-19” (the Guideline), to increase awareness and share with all employers and employees any information and advice about potential scenarios, problems and economic risks, especially under occupational health and safety. Since all information included in the Guideline qualifies as a recommendation, it may apply to anyone working remotely, even after covid-19.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

The UK has, for some years now, had in place a formal system by which certain employees can request their employers to implement flexible-working arrangements: see UK government guidance here.

A request can only be made by an employee with 26 weeks’ continuous service (which, in general, means an unbroken period of service with the employer or a related entity), and can only be made once a year. The right does not extend to non-employee workers.

There is a statutory format for making a formal request. This mechanism has not changed or been updated in response to the pandemic but continues to apply as it did previously. The rules differ slightly in Northern Ireland from the rest of the UK.

In addition to the formal, statutory flexible-work request process, many employers have been implementing more informal flexible work policies and arrangements. There is no bar on employers doing so outside the formal statutory mechanism, but any informal arrangements do not remove an employee’s separate right under the legislation to make a formal request. 

Employers must not unlawfully discriminate against their employees and workers when handling remote-working requests (whether they are formal or informal requests) or when making remote-working arrangements: see UK government guidance here and here (for the grounds upon which discrimination is unlawful). There is also a duty to make reasonable adjustments for disabled workers: see here.  Where remote-working requests or arrangements are not handled reasonably and consistently, this could also ultimately trigger an “ordinary” unfair dismissal claim.

In response to the increased interest in homeworking during the pandemic, some UK government agencies and quasi-government agencies have issued guidance relevant to their particular fields of interest.

The Advisory, Conciliation and Arbitration Service (ACAS), a quasi-governmental service that issues guidance relating to workplace matters, has published some recommendations for successfully implementing homeworking: see here. This guidance is not legally binding but is often relied upon by employers, unions, employees and other stakeholders.

In the UK, businesses have a common law obligation to take reasonable steps to protect the health and safety of employees and other types of workers, including those based at home. Under the UK’s health & safety legislation, the Health and Safety at Work etc. Act 1974, employers also have specific legislative duties concerning employees (including home-based employees).

Under the UK’s health and safety legislation, the relevant watchdog – the Health & Safety Executive (HSE) – has also issued some guidance on how to safely implement homeworking arrangements: see here. Specific HSE guidance on keeping workplaces safe as restrictions are lifted, can be found here.

There are separate regulations that deal specifically with employees who are computer users (and which regulate the usage of computers, screens, and relevant furniture such as desks/chairs), and these again also apply to home-based workers. More guidance can be found from the HSE here.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Yes, many states have passed laws that recognise remote-working arrangements. This includes laws concerning employee reimbursement of costs relating to remote work, workers’ compensation, tax, timekeeping and meal breaks, data privacy, and providing accommodation.  Because companies may be legally considered to be employers or “co-employers” of consultants and contractors, these rules may also apply to non-employees.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

02. Outline the key data protection risks associated with remote working in your jurisdiction.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

There is no specific statutory regulation on this matter related to employees under the home office framework. However, it is advisable to create a clear general policy on data protection or include in employment agreements provisions regarding data protection in order to clarify to employees the extent of their obligation. We recommend executing those documents in Spanish, due to the protective nature of local labour law; if there is a conflict with employees, a labour court is likely to dismiss all documents in a foreign language.

As a result, the Personal Data Protection Law (PDPL), Law No. 25,326, establishes the full protection of personal information recorded in personal files, registers, banks or other technical means of data storage and processing. Therefore, employers must comply with the PDPL and take steps to ensure that this law applies throughout their organisation.

The main aspects of the PDPL are:

  1. The purpose of collecting employee data must be communicated to employees and written consent needs to be obtained.
  2. However, consent is not required if the data has been obtained from a public source; collected for the performance of the state’s duties; consists of lists limited to name, ID number, tax or social security identification, occupation, date of birth, domicile and telephone number; or arises from a contractual relationship, either scientific or professional, of the data owner, and are necessary for its development or fulfilment.
  3. In addition, this Law establishes the employee’s right to access and modify any incorrect or false information. Furthermore, the collection of information related to an employee’s private life is permissible as long as the information collected complies with the following requirements: it is not used for discriminatory purposes; it does not violate the individual’s right to privacy; and it is reasonably used.
  4. When an employer requests personal data from an employee, they must be notified in advance and in an express and clear manner about: the purpose for which the data needs to be processed, and who can use such data; the existence of the relevant data file or register, whether electronic or otherwise, and the identity and domicile of the responsible person; the compulsory or discretionary character of the information requested; the consequences of providing the data, of refusing to provide such data or if it is inaccurate; and the data owner’s rights to data access, rectification and suppression.
  5. Indeed, the processing of personal data requires express consent from the data owner, which must be accompanied by appropriate information, prominently and expressly explaining the nature of consent sought. This can be achieved by the employee signing a general consent form on entering employment. However, consent may be withdrawn by an employee.
  6. Various restrictions apply to the disclosure of personal data to third parties. This is generally only allowed if it is in the legitimate interests of the database owner (eg, the employer) and the data owner (eg, the employee) has consented. This consent can be revoked at any time by the data owner.
  7. The transfer of personal data to another country – which does not guarantee a proper level of data protection – is forbidden. Nevertheless, such prohibition is not applied when the individuals, whose personal information is intended to be transferred, give their express written consent.

All data regarding employees’ health is sensitive information, so the employer must get the express authorisation of the employee for any transfer of such date, and employers should stop or restrict the transfer to other companies or its employees that lack sufficient clearance to deal with health information, including covid-19 information.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

In the context of an employer-controlled workplace, it is generally much easier to control and mitigate risks to an organisation’s confidential and sensitive information. There are physical protections intrinsic to the workplace (including by generally being off-limits to non-staff) and cyber-networks often have institutional protections in place, such as virtual private networks, firewalls, anti-virus software and secure IP addresses.

Other data protections that normally exist in an employer-controlled workplace include:

  • the use of private meeting rooms to conduct meetings and discussions involving sensitive and confidential information;
  • the secure storage of private, confidential and sensitive information (both hardcopy and in electronic form) on employer-controlled premises;
  • restrictions on the use of personal electronic devices in the workplace; and
  • the content of phone calls or video calls, and even information simply displayed in the workplace (including on computer screens), being kept private under the confines of the physical workplace.

However, the risks to data protection can be much harder to mitigate in the remote-working environment. These risks are heightened for several reasons, including that an employer has much less “visibility” over how employees deal with the employer’s (and any client’s) information in the home environment and much less when it comes to others who may be sharing that space. In this context, one obvious risk is the inadvertent and even deliberate sharing of sensitive information with one’s housemates, family members or guests.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

The potential data protection risks associated with remote working are largely equivalent to those associated with working in a regular workplace, but are arguably even more prevalent.

A significant potential risk factor is the transfer of personal data if it is no longer securely stored on a company's servers. In addition, employers thereby transfer responsibility for the safekeeping and use of sensitive data to the worker. In doing so, employers have a significantly reduced ability to exert any influence. Nevertheless, companies are still generally regarded as being responsible for data protection within the meaning of the General Data Protection Regulation (GDPR), which creates a certain amount of friction.

It is also questionable whether a so-called privacy impact assessment must be carried out when working in a home office.

In principle, such an assessment must be conducted if data processing – especially when using new technologies – is likely to result in a high risk to the rights and freedoms of natural persons due to the nature, scope, circumstances, and purposes of the processing.

At present, it cannot be assumed that the threshold for the use of new technologies has already been exceeded in the context of remote working. In individual cases, however, it could amount to an "organisational solution" within the meaning of the GDPR, which also triggers the obligation of a privacy impact assessment by the data controller.

Insecure data connections that might not be constantly checked and maintained should also be considered. Another potential risk arises from it being easier for third parties to obtain access to sensitive data, whether it be persons in the same household or others at public places of work.

From a legal perspective, compliance with data security can also be adequately ensured for remote work, considering the GDPR and the corresponding national legal basis (Austrian Data Protection Act).

In home-office agreements, however, it is advisable to make further reference to data protection aspects. Here, companies should refer to the secure and data protection-compliant transport of sensitive hardware. Additionally, companies should take technical and organisational measures to ensure data security (eg, use of VPN, two-factor authentication with mobile phones, encryption of USB sticks, provision of a LAN network, requirements for secure storage of access data).

Last updated on 21/09/2021

Flag / Icon

Belgium

Employees who process data at home could create a data leak when they lose the data or improperly dispose of it after it is no longer useful for the company. It is also more difficult to protect digital data in a non-professional setting and a private network might be more vulnerable to breaches.

Article 9.3 of CBA No. 149 states that company data used and processed by teleworkers for professional purposes must be protected. Employers should inform teleworkers of the company's rules on data protection and, in particular, the restrictions and penalties for the misuse of IT equipment and tools. Considering this, it is strongly recommended for companies to draft and implement an IT policy.

Also, employees’ personal data could be at risk since teleworking often means a direct insight into the personal life of the employee, using remote-monitoring devices. Such devices or software could register data that is not purely linked to their work and might possibly breach several GDPR principles, such as data minimisation.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

In a remote-working environment, employees are more likely to use their personal devices and Wi-Fi and might share their workspace with family members or roommates. In addition, employees are more prone to mix personal and work-related data. These may lead not only to potential issues involving one’s privacy but also cyber threats and data leakage. Therefore, employers are strongly advised to implement strict policies on remote working, use of personal devices and data storage, as well as to provide the appropriate training.  

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Employers must ensure the protection of their company’s data but also of employees’ data.

According to article L. 1222-10 of the French labour code, the employer must inform the teleworking employee of the company's rules regarding data protection and any restrictions on the use of computer equipment or tools. Once informed, the employee must respect these rules.

The collective national agreement of 26 November 2020, provides more details in article 3.1.4. It is the employer's responsibility to take necessary measures to protect the personal data of a teleworking employee and the data of anyone else the employee processes during their activity, in compliance with the GDPR of 27 April 2016 and the rulings of the National Commission for Technology and Civil Liberties (the CNIL).

The CNIL said in its 12 November 2020 Q&A on teleworking that employers are responsible for the security of their company's personal data, including when they are stored on terminals over which they do not have physical or legal control (eg, employee's personal computer) but whose use they have authorised to access the company's IT resources.

The National Agreement of 26 November 2020 recommends three practices:

  • the establishment of minimum instructions to be respected in teleworking, and the communication of this document to all employees;
  • providing employees with a list of communication and collaborative work tools appropriate for teleworking, which guarantee the confidentiality of discussions and shared data; and
  • the possibility of setting up protocols that guarantee confidentiality and authentication of the recipient server for all communications.
Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

As in other countries in Europe, the provisions of the EU General Data Protection Regulation (GDPR) and its German implementation in the shape of the German Federal Data Protection Act (BDSG) must be observed. Against this background, special measures must be taken to protect personal data in connection with remote work. This especially concerns third-party access to systems when computers and other portable devices are used in the home or on the go. To this end, employers often issue guidelines of standards with which employees must comply.

Also, remote working poses many data protection risks in terms of IT security and confidentiality. For example, cybercrime exploits the vulnerabilities inherent to remote working to infiltrate IT systems and steal confidential data, for instance through phishing attacks. At the same time, the confidentiality of a phone call, for example, is harder to protect while working in a co-working space, on a train or at home than in a typical workspace. Therefore, remote working may require different security measures and employers should inform their employees accordingly. In this regard, the European Union Agency for Cybersecurity last year published cybersecurity tips for remote working, both for employees (connecting to the internet via secure wi-fi networks, fully updating antivirus software and using a secure connection) and for employers (providing initial and regular feedback to employees on how to react if problems arise and restricting access to sensitive systems, etc.).

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Although necessitated by the circumstances, the transition of employees from corporate networks to largely unmonitored and vulnerable private networks outside the reach of perimeter-based security tools finds most employers unprepared and, thus, exposed to greater cyber threats and personal data breaches compared to on-site work. Employers are urged to take into consideration the increased risks a remote-working environment poses to their data, systems and networks and to invest heavily in IT security, while employees are encouraged to carefully follow all IT security guidelines, stay alert to security incidents and be vigilant with phishing attacks. Within this framework, the Hellenic Data Protection Authority (HDPA) issued “Guidelines for implementing safety measures in the context of teleworking” on 15 April 2020, including appropriate safety measures concerning network access, the use of e-mail or messaging applications, the use of terminal or storage media and how teleconferencing takes place to mitigate data protection risks associated with remote working.

On the other hand, many of these measures may result in more extensive collection and processing (recording, use, disclosure, etc) of employees’ personal data, including monitoring procedures. The key issue for most employers amid these circumstances is to find the right balance between protecting their IT systems and data, on the one hand, and safeguarding the data protection and privacy rights of their employees while working from home on the other.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

As a result of the covid-19 pandemic, many companies in Hong Kong encouraged their staff to work remotely. This meant taking documents home from the office and using video conferencing, cloud computing and intranet platforms, where those software solutions were available, and also using personal devices to work more. As a result, confidentiality and security of data became more at risk.

Due to space constraints in Hong Kong, it is not practicable to expect employees to work or conduct confidential discussions in an isolated area away from others. Often employees are sharing workspace with family members and may also share a laptop or PC with them. If working from home is not an option for an employee, he or she may be working from cafes or public spaces. As a result, non-employees may overhear confidential discussions or see confidential documents. If these conversations and documents contain personal data (of employees, customers, clients, suppliers or other third parties), then the potential leakage of this data may constitute a breach of the Personal Data (Privacy) Ordinance (PDPO). There may also be contractual confidentiality breaches.

A typical home network is unlikely to have the same stringent security protections in place that an office network does. Attackers have seen an opportunity to steal user credentials from personal devices, which are now being used for work and likely do not have the same security protections as corporate devices. Using unsecured networks and devices may lead to data leakage or theft, which would be in breach of the PDPO.

If personal data is being processed by new third parties as a result of having to implement remote-working arrangements, an employer will need to notify its employees of this. This can be done by issuing employees with a revised or new Personal Information Collection Statement (PICS) setting out the change. The PDPO specifies that a data user, when collecting personal data directly from a data subject, must take all reasonably practicable steps to ensure that the data subject is informed of the intended use of their data and who will be handling such data. A PICS is therefore used to comply with these notification requirements and is a statement regarding a data user’s privacy policies and practices in relation to the personal data it handles. 

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

An individual’s sensitive personal data or information (SPDI), which includes information on passwords; financial information such as a bank account, credit card or debit card or other payment instrument details; physical, physiological and mental health conditions; sexual orientation; medical records and history; or biometric information or other details related to such information provided to a body corporate for the provision of services or such information received for processing under a lawful contract or otherwise and its storage are protected under Indian data privacy rules. There are certain mandatory obligations for collectors of such SPDI in electronic forms, including obtaining the consent of the data provider, formulating, publishing and complying with a privacy policy for treatment of such data and adopting certain standards of security practices. However, these obligations are not specific to remote-working arrangements; they govern the terms of the data being collected by the employer.

With employees working remotely, employers are facing a challenge with protecting the security of client data and other confidential information, which may be duplicated or disclosed to third parties by employees working remotely on unsecured personal devices.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

The Data Protection Commissioner has issued guidance on the protection of personal data when working remotely (see here).

The key risks identified relate to protecting and preventing access to laptops, USBs, phones, tablets and other devices; emails; using unsecured networks to transmit data or to access company networks; and ensuring the security and confidentiality of hard-copy documents.

Employers should update data protection policies to take account of remote working and should also consider any data protection issues that may arise from an employee moving to work outside of Ireland.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Data security requirements applicable to all employees working at the company premises continue to apply to employees working remotely. The main risks are linked to the transmission of company data outside the company premises, in places not necessarily identified. Therefore, additional data protection precautions should be taken to protect the confidentiality of transmitted data by drafting specific policies.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Security controls

The common risks associated with remote working derive from the absence of security controls over equipment, software, and data, and not having any policies for remote-working schemes, leading to:

  • employees storing sensitive information in their local machines, without the control of employers over such tools;
  • compromised security controls; and
  • Wi-Fi networks and routers in homes are more easily compromised, increasing the risk of exposure.

Companies have the right to install security controls for the equipment and tools to be used by teleworkers to avoid any leaks of information and limit their use, because this hardware is the property of the employer. The common practice in Mexico is to implement a security data policy and a work tools policy.

Additionally, even though there are no specific legal provisions concerning the plausible risks associated with data protection in remote-working schemes, the Federal Law for the Protection of Personal Data in Possession of Private Individuals or Entities, the Federal Law for the Protection of Industrial Property, and their regulations and guidelines, establish provisions for the protection of rights concerning personal data, confidential information, and trade secrets, which also apply to remote-working schemes; therefore, all employees working remotely must comply with these laws and regulations. To prevent and avoid the disclosure of this information, the prevailing practice is to enter into agreements with employees establishing specific obligations in connection to confidentiality and data privacy. Such obligations usually refer to the policies and processes established by employers to ensure information security, and the corresponding penalties in the event of any breach.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

Until the pandemic, teleworking was used rather infrequently and most Portuguese employers were not prepared – namely in terms of technology and data storage – to suddenly have their workforce almost entirely and permanently working from home or remotely.

For those reasons, teleworking mainly raised – and continues to raise – concerns regarding the employer’s capacity to ensure that information is protected and that it stays confidential despite being remotely accessed and processed. Remote working enhances security vulnerabilities, which can lead to data breaches.

We would also like to highlight the use of technological solutions that, on one hand, allow employers to exercise their powers of management and control over work performance, but that, on the other, do not violate the general rule prohibiting the use of remote surveillance to control employees' professional performances, or that do not cause excessive restrictions on employees’ private lives.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Apart from the general personal data protection issues to be considered, there are two significant risks.

First, under article 17 of Law 10/2021, any digital program or software to monitor remote workers must grant employees privacy and protection of personal data according to the Organic Law on Personal Data Protection and Digital Rights Guarantees. In particular:

  • an employer’s access to the digital technology provided to the remote worker must be limited to checking compliance with labour obligations and to guaranteeing the integrity of the devices;
  • employers must establish the terms of use of the digital devices, and the workers’ representatives must participate in drafting them;
  • employers must inform remote workers about the terms of use of the digital devices; and
  • regardless of the terms of use, an employer’s access to the digital means must be necessary for the employer to achieve a legal purpose, appropriate for such legal purpose and proportional to achieve such legal purpose. Based on this, the employer should implement the least invasive way of monitoring remote workers’ activity to achieve the legal purpose the employer is pursuing.

Any measure to monitor employees’ activity should meet these requirements; otherwise, an employer’s decision arising from such monitoring could be deemed unfair, and there could be a breach of the employee’s privacy, which could lead to a damages claim and an administrative fine.

Second, employers must comply with the principles of personal data processing under article 5 of the GDPR, especially purpose limitation and data minimisation, which means that the personal data the employer can process should be only what is the minimum necessary data for the performance of the labour contract or compliance with their legal obligations. Therefore, employers are not entitled to, for instance, force remote workers to turn on their cameras during working hours.

Third, despite remote working, employers must comply with health and safety obligations, which could lead to the employer or its health and safety services provider visiting an employee’s home to evaluate its risks. In that case, employers should issue a report justifying the visit and provide it to the remote worker and the health and safety workers’ representatives in advance. Additionally, to access any remote worker’s home, the employer must first obtain their consent.

If they do not give their consent, measures on health and safety should be based only on the information provided by the remote workers.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

Pursuant to the GDPR, personal data should, inter alia, be processed in a manner that ensures appropriate security and confidentiality for the processing of that data, including by preventing unauthorised access to or use of personal data. For natural reasons, there may be additional challenges associated with this obligation when employees are working remotely, including an increased risk of personal data breaches when employees are working from home. The Swedish Authority for Privacy Protection mentions in its Privacy Protection Report of 2020 the increase in employees working from home as a result of the covid-19 pandemic, and the increased use of cloud service providers. The Authority highlights that data in cloud services is often transferred to countries outside the EU/EEA, and especially to the US. As a result of the Schrems II ruling in 2020, the use of, eg, cloud service providers that transfer data to  such jurisdictions (eg, in connection with IT maintenance) is problematic and may need to be addressed in relation to remote working.   

In light of the above, it is important as an employer to consider what measures are necessary in terms of IT security when working from home (eg, instructions to employees).

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

Employers are required to respect the general Swiss data protection principles and rules. In particular, the Swiss Code of Obligations (SCO) states that the Federal Act on Data Protection (FADP) applies to the handling of employer personal data. The term "personal data" is defined as any information relating to an identified or identifiable person (individuals and companies).

Employers must ensure the security of the data they process. They must take appropriate organisational and technical measures to protect personal data against unauthorised processing or access, such as accidental or unauthorised destruction, loss, technical errors, falsification, theft, unlawful use, alteration, copying or any other undue processing. Moreover, employers also must control access and operations undertaken by employees.

One particularity of remote working is that employees' workstation and business data are located off sites. Meaning that third parties potentially could access this data.

To prevent data protection breaches, employers must institute appropriate technical and organisational measures and raise employee's awareness of data protection risks. These measures may include securing information systems, setting up authorisations and limiting access to concerned employees, and using a VPN. In addition, employees also should be made aware of the risks and procedures through in-house training and user manuals for the IT and security systems.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

The key data protection risks associated with remote working are data security and the processing of additional personal data while working remotely.

Under article 12 of the Personal Data Protection Law numbered 6698 (the DPL), data controllers must take all administrative and technical measures necessary to prevent unlawful processing of personal data, to prevent unlawful access to personal data and to ensure the security of personal data.

The Regulation also stipulates that the employer must inform remote workers about workplace rules and applicable legislation concerning the protection and transfer of data related to the workplace and their assignments (which may include personal data). The Regulation also emphasises that employers must take all necessary measures for the security of data. Per the Regulation, in the remote-working agreement, the employer must determine the definition and scope of data that needs to be protected.

There is no guidance from the Turkish Data Protection Authority (DPA) concerning measures to be taken specifically for remote working. Its general Guideline for Personal Data Security (Data Security Guideline) and the principal decision of the Turkish Data Protection Board concerning measures required to be taken by data controllers for processing sensitive personal data (Board Resolution for Sensitive Personal Data Security) should be considered by  employers. The measures listed in the Data Security Guideline and the Board Resolution for Sensitive Personal Data Security are not exhaustive. Employers must consider all necessary measures for cyber security. International guidelines and IT sector developments should also be considered.

Employers who have failed to take appropriate measures to protect the unlawful processing of or access to personal data may be required to pay an administrative fine amounting to between 29,500 Turkish lira and 1,966,857[1] Turkish lira. Furthermore, additional technical measures taken for remote-working opportunities must also be communicated to the Data Controllers’ Registry if the employer is required to register data-processing activities (eg, employers located in Turkey that have more than 50 employees or have a balance sheet of more than 25 million lira fall under this obligation). Otherwise, although it may not be an imminent risk, an administrative sanction amounting to between 39,334 lira and 1,966,857 lira may be applied against the employer.

Lastly, if having remote-working employees requires an employer to process additional employee data, then the employer must inform their employees accordingly by providing an appropriate privacy notice under the DPL. Otherwise, they may be fined between 9,832 lira and 196,686 lira. The employer should determine what legal ground should be applied to the data processing due to remote working. If the applicable legal ground is consent but consent is not obtained lawfully from employees, then the employer may face an administrative fine of between 29,500 lira and 1,966,857 lira for unlawful processing. 


[1] All administrative fine amounts mentioned in this questionnaire will be updated for each year based on a re-evaluation determined annually.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

The key data protection risk associated with home working is data security.

In response to this, the UK’s data protection regulator – the Information Commissioner’s Office (ICO) – has issued guidance on the protection of personal data when working from home, using bring-your-own-device (BYOD) and working remotely (see: here).

The specific issues addressed include implementing appropriate workplace policies, IT security (including cloud-based storage security), the risk of theft and confidentiality.

Employers should update data protection policies to take account of remote working, in light of the ICO’s recommendations, and should also consider any data protection issues that may arise from an employee moving to work outside of the UK.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Data privacy rules vary from state to state. Remote work, in particular, raises issues where employers have less control over the working environment and employees are potentially accessing sensitive information in their home that they share with others.  Employers should ensure that employees working remotely can demonstrate that their location provides sufficient privacy, security, and safety to secure the confidentiality of the employee’s work, company information and materials.  Additionally, health-related data must be protected and employers should be required to protect trade secrets and other confidential data. Employers must also maintain reasonable security measures to protect sensitive personally identifying information. 

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

03. What are the limits on employer monitoring of worker activity in the context of a remote-working arrangement and what other factors should employers bear in mind when monitoring worker activity remotely?

03. What are the limits on employer monitoring of worker activity in the context of a remote-working arrangement and what other factors should employers bear in mind when monitoring worker activity remotely?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

Regarding any monitoring system designed to protect an employer’s goods and data, the home office framework states that union participation is required to protect employees’ right to privacy.

Such union participation will be guaranteed through joint audits that include professionals selected by the union and the company. The confidentiality of the data processing of the employees involved must be guaranteed. Union participation will be limited to preserving employees’ rights under the home office framework.

Employer must take corresponding measures, especially regarding the software used, to protect any data used and processed by employees who are under the home office framework. In addition, it is forbidden to use surveillance software that violates employee privacy.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

As a starting point, it is lawful for Australian employers to monitor staff who are working from home and there are no strict limits prescribed by law on the monitoring of worker activity in the context of remote-working arrangements.

However, this does not mean that employers can monitor employee activity as they please. The mutual duty of trust and confidence that underpins the employment relationship could be breached by inappropriate or overly intrusive monitoring activities.

Employers contemplating carrying out monitoring activities should first review the employee’s individual employment contracts and identify any monitoring or surveillance clause and consider what contractual obligations the employer may have concerning monitoring in the remote-working context, and consult any relevant company policies which might also apply.

Generally speaking, employers should be up-front about how and why they will be monitoring employee activity and any employee information that may be collected by that process. For example, employers should make it clear to employees that monitoring of their work devices, emails and message applications will continue when they are working from home and that the information obtained by the monitoring process could be used in a disciplinary context.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Relevant here are first the restrictions on the employer's control of working time. Both the Working Time Act and the Rest Periods Act also apply to remote work and to work in a home office. However, section 26 paragraph 3 of the Working Time Act provides that in the case of work that is predominantly carried out in the home, only records of the duration (not the specific beginning and end) of the working time are to be kept. If the working hours are fixed, only deviations must be recorded.

The practical possibilities of monitoring work performance are manifold due to the IT tools that are now available (eg, log files, webcam). In contrast, in Austrian labour law, the employer's ability to control is subject to important restrictions. Control measures that affect human dignity require either the consent of the works council or – if such a council does not exist – the consent of the respective worker. Both attendance and performance or productivity controls can be relevant here. According to case law, the question of whether human dignity is affected must be assessed on a case-by-case basis. In addition to the employer's interest in monitoring, the way the monitoring is carried out is also decisive, so that the possibility of constant electronic monitoring (for example, by controlling keystrokes or screen duplication) certainly affects human dignity[1].

However, it is of course lawful to check the availability of employees during working hours.


[1] Huger in Huger (Hrsg), Home Office und mobiles Arbeiten [2021] Rechtliche Rahmenbedingungen.

Last updated on 21/09/2021

Flag / Icon

Belgium

Articles 9.1 and 9.2 of CBA No. 149 state that employers may monitor the results or performance of employees appropriately and proportionately. Teleworkers must be informed of how such monitoring is carried out. If employers want to monitor the e-mail or internet activity of employees, they will have to follow the specific procedure laid down in CBA No. 81 for the protection of the privacy of employees, concerning the monitoring of electronic online communication data.

In addition, CBA No. 68 regulates the use of cameras in the workplace. Under this CBA, it is only permissible to use cameras to pursue a limited amount of objectives, including the control of the employee’s work. Yet, for this objective, only temporary monitoring activities are permitted. In any case, a proportionality test is necessary. It will never be proportionate to request that remote workers be permanently recorded by a camera in their homes. However, simply asking them to turn their webcam on during a meeting is not covered by CBA No. 68 and should be possible.

It is also possible to make arrangements with employees regarding the periods during which they need, and do not need, to be contactable by the employer (article 11.3 CBA No. 149).

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Rules on employers’ ability to monitor employees’ activity tend not to vary from a regular to a remote-working arrangement – but rather depend on “who owns the device”. As a general rule, whenever companies grant electronic devices to employees for work purposes, the content and all data stored in such equipment belong to the company, as they are considered “work tools”. This means that there is no expectation of privacy – provided that employees are informed on such monitoring in advance. In the case of personal devices, it may ultimately lead to certain ambiguity as to employers’ right to have access or monitor activity because of the existence of both professional and personal information. If that is the case, monitoring should be limited to work-related information, apps and files, ensuring, as much as possible, that personal data is preserved and there is no violation of privacy.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

The rules for monitoring employees do not differ between teleworkers and office workers. Thus, like any employee, teleworkers must be informed in advance of the methods and techniques used to monitor his or her activity (article L. 1222-3 of the labour code).

The implementation of a device allowing the control of the employee's working time must be justified by the nature of the task to be performed and proportionate to the purpose (National Agreement of 26 November 2020).

The CNIL said in a Q/A on 12 November 2020 that the devices used to monitor employees’ activity must not be aimed at trapping employees and cannot lead to permanent surveillance of employees. Thus, audio or video devices, permanent screen-sharing or keyloggers must not be implemented.

If the employer exercises excessive surveillance on his employee, it may receive a financial penalty.

Finally, the CNIL advises employers to prioritise monitoring the completion of missions by setting objectives rather than monitoring the working time or the daily activity of employees.

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

Employers may have various legitimate reasons to scrutinise and monitor employees' performance or conduct during remote work (eg, productivity, to enforce company policies, protect business secrets, health and safety obligations). However, monitoring worker activity is only permitted in any given case if the employee's privacy interest does not outweigh the employer's legitimate interests. Therefore, employers must justify employee monitoring on a case-by-case basis.

As a result, while monitoring employees via webcam is generally not allowed, monitoring employees' browser history or emails might be possible if the employer prohibits private use of the laptop; there is cause for the monitoring; and the measure does not lead to permanent monitoring of the employee's digital behaviour. Irrespective of this, if a works council has been established, the employer also needs the consent of the employee representatives to use a technical device that monitors employees' performance or behaviour. This is the case with any software.

In any event, the use of a keylogger that continuously records an employee's activities is unlawful. The data cannot be used in a procedural dispute, as the German Federal Labour Court ruled in its judgment of 27 July 2017 (2 AZR 681/16). Employers must always bear in mind the need to comply with the principles of the GDPR and the BDSG, as the personal data that employers collect when monitoring remote work is sensitive data. Employers must therefore take all necessary measures to ensure data confidentiality and secure access to company servers. Monitoring of private emails or private browser history is only permitted if there are clear signs that the employee has committed a criminal offence, but even then, the investigation must be proportionate.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Limits on employer monitoring of worker activity do not significantly change in the context of remote working, taking into account that corporate equipment and networks are mainly used, and corporate data is being processed by employees. However, even if personal equipment is being used by employees, the following considerations should be taken into account.

According to applicable privacy and data protection legislation, HDPA decisions and the approach adopted by the European Court of Human Rights in Barbulescu v Romania in 2017, an employer may lawfully access and process personal data (e-mails and other documents) stored in employees' computers in cases where this processing is necessary for the overriding legitimate interests pursued by the employer or by a third party (legal basis of article 6 (1)(f) GDPR). Such legitimate interest of the employer may comprise the need to ensure the smooth running of the business by establishing mechanisms for checking that its employees are performing their professional duties adequately and with the necessary diligence, as well as the need to protect its business and property from significant threats, such as hindering the leaking of confidential information to a competitor or providing evidence of employee's criminal activities. In the latter case, the employer should, however, ensure that it does not enter into the exercise of investigative actions which, by law, are executed exclusively by the competent judicial-prosecutorial authorities.

Particular emphasis should be paid to ensuring the necessity and proportionality of the planned measure and the employer should be able to demonstrate that no less onerous and invasive measures exist to achieve the goal. In this context,  excessive and constant monitoring of employees’ computers and communications cannot be justified. In addition, access should not extend to all communications and their content, but only to those necessary under the proportionality principle.

Employees have a legitimate expectation of privacy in the workplace, which is not altered by the fact that they use equipment, communication devices or any other professional facilities and infrastructure of the employer, even more so if they use their personal equipment. Even if employees have been explicitly informed beforehand of a relevant internal regulation that prohibits the personal use of company computers, this alone does not legally justify monitoring or control of the personal data processed by the employee;  a more specified notice is required. In particular, employers should inform employees beforehand in clear and plain language of the implementation of monitoring methods, and their purpose, extent, nature, circumstances, etc, as required under articles 13 and 14 of the GDPR. In addition, employees should be provided with internal regulations on the proper use of company resources.  which shall include Lastly, employees’ representatives should also be informed of and express their opinion before the establishment of any monitoring systems in the workplace.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

There are no specific statutory limits on employers monitoring employees’ activity in remote-working arrangements, as long as the employer complies with the PDPO. However, employers mustn't collect employees’ personal data (ie, browser history) without having notified them in advance of the personal data that they intend to collect and the purpose for which it is being collected, under the PDPO. This can be done in a PICS, where monitoring of an employee’s use of telephone, email, internet and video for performance-related and other reasons is likely to be included.

The privacy commissioner has released guidance about monitoring and personal data privacy at work. This includes guidelines on the monitoring of telephone, email, internet and video. These monitoring practices should serve a legitimate purpose that relates to the function and activity of the employer and should be necessary for that purpose. If an employer does not believe it can adhere to these guidelines, it may prefer to find less invasive ways of ensuring that employees are adhering to their job duties when working from home (eg, regular check-ins or asking them to complete timesheets).

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

Employers in India largely rely on their policies regarding the monitoring of worker activity, in absence of codified laws. As a result of the covid-19 pandemic and resultant lockdown, employers were not fully prepared to shift to remote working and hence faced challenges vis-à-vis ethics and the legalities of monitoring employee activity. Incidentally, there was an employee protest in one case when the employer’s client required the employees providing services remotely to keep their cameras on.

While there is no legal requirement of time tracking specifically in the context of remote working in India, employers are generally required to track the working hours of employees (largely from an overtime perspective) and to comply with certain recordkeeping requirements under applicable labour laws. In this context, employers should bear in mind that their records do not falsely show an employee working beyond the stipulated daily and weekly working hours prescribed under applicable labour laws, which may trigger overtime requirements thereunder.

The law on the protection of women from sexual harassment applies to employees while they are working from home, given the expanded definition of “workplace” that includes “a dwelling place or a house”. Employers need to be careful to ensure that there is no abuse of the online means of communication, such as video calls, in the process of monitoring their employees that may lead to workplace sexual harassment-related claims. 

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Employers must have regard to an employee’s right to privacy and data protection rights. They must have a legal basis under GDPR for processing employee personal data in that manner and must also be able to demonstrate that the monitoring in question is a necessary and proportionate action to achieve a legitimate aim; and that there is no less intrusive alternative way of achieving that purpose.

Guidance from the Data Protection Commissioner has focused on employers being transparent regarding the measures they adopt, including the purpose of collecting any personal data; minimising the amount of data that is processed; and preserving the confidentiality of any such data.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Employee monitoring is governed by article 4 of the Law no. 300/1970.

According to this article if tools that potentially enable employee remote monitoring are needed for the performance of work, employers may be able to collect information from them without a trade union agreement or administrative authorisation. However, information collected through those tools can be lawfully used for all purposes connected with employment, including disciplinary reasons, only if: (i) a company policy is in place adequately detailing the expected use of the tools and the nature of possible checks carried out by the employer; and (ii) the above is done in compliance with data protection legislation. 

No specific guidance or legal provisions have been issued for remote working, so employers should firstly ensure that they are able to monitor their employees in compliance with the above rules. Moreover, the individual agreement signed with the employee working remotely needs to include a reference to how the employer will exercise its monitoring power.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

According to article 330-I of the amended FLL; the mechanisms employed to monitor teleworkers must be proportional to their purpose; employers must always guarantee the employees’ right to privacy; and the legal framework for protecting personal data must be complied with.

Additionally, activity monitoring must be limited to employees’ working hours and digital connectivity, be transparent, and the employer must respect the employees’ right to disconnect, meaning that they need to respect employees’ time off and must never expect their availability outside of working hours. Further, webcams are not mandatory, and employees have the right to refuse to turn them on.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

In terms of privacy, the teleworking regime establishes that employers must respect employees’ privacy and time with their families, as well as provide them with good working conditions, both physically and psychologically.

Whenever remote working is carried out at an employee's home, visiting the workplace should only be necessary to check work performance or equipment and can only take place between 9am and 7 pm, in the presence of the employee or a person designated by the employee.

Regarding limits on employers monitoring employee activity, the Portuguese Labour Code prohibits the use of remote surveillance in the workplace to monitor the professional performance of employees.

Especially during the pandemic, when remote working and teleworking, in particular, were normalised, concerns arose regarding the limits of monitoring and how to adequately safeguard employees’ privacy.

On 17 April 2020, the National Data Protection Commission (CNPD) issued guidelines on remote control during teleworking, especially the need for monitoring working time and the fact that, in several companies, employees were using their own devices to work.

In these guidelines, the National Data Protection Commission clarified that, regardless of who owns the work equipment, under the teleworking regime employers retain powers to direct and control the execution of work by employees. However, since there are no special provisions on remote control during teleworking, the National Data Protection Commission believes that the general rule prohibiting the use of remote surveillance fully applies.

Therefore, technological solutions for remote monitoring of employee performance are not allowed. For example, software that, in addition to tracking working times, records websites visited; tracks equipment locations in real-time; monitors the use of peripheral devices; captures screenshots; records when access to applications is initiated; controls the document being worked on; or records the time spent on each task are all prohibited.

Please note that, during the pandemic, when remote working was most widespread, the National Data Protection Commission and Trade Unions reported a significant increase in employees’ complaints about illegal monitoring taking place.

Also, since Portuguese labour law imposes an obligation to register working time (eg, start, pauses, end of work time), in teleworking this can be done through technological solutions. Applications specially designed for this purpose are allowed provided data protection principles are respected.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

In general terms, there are no substantial differences between remote and on-site workers.

Any digital program or software to monitor workers must guarantee their privacy and the protection of their personal data under the Organic Law on Personal Data Protection and Digital Rights Guarantees.

Article 17.2 of the Law on Remote Working provides that the employer cannot force employees to install programs or apps on their private devices, or to use their private devices for work.

Regarding workers who travel regularly to carry out their duties, under article 90 of the Organic Law on Personal Data Protection and Digital Rights Guarantees, any geolocation system must comply with the requirements mentioned above (ie, be necessary, appropriate and proportional), and employers must inform the workers and their legal representatives specifically, clearly and unambiguously of the existence and characteristics of such systems in advance. Besides, the employer must inform them that they may exercise their rights to access, rectification, erasure and restriction of the processing of data.

Collective bargaining agreements may provide additional information on this topic.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

From a privacy perspective, employers must consider the GDPR and other privacy-related legislation. The GDPR states, inter alia, that the processing of personal data must be adequate, relevant and limited to what is necessary concerning the purposes for which they are processed (ie, the data minimisation principle). This means that the employer's monitoring of employees cannot be too intrusive – it must be proportionate for the purpose. Furthermore, employers must be able to demonstrate that the purpose of the processing cannot be fulfilled by other, less-intrusive, means. Employers must also adhere to other GDPR requirements, eg, providing employees with information about the data processing in advance. Further, employers must always act in accordance with good practices in the Swedish labour market.

When it comes to employees’ use of email and the internet, the Swedish Authority for Privacy Protection recommends that employers have guidelines for internet use and e-mail. The guidelines should clearly state what type of private use is permitted, and also when the employer may consider controlling employees' internet or e-mail use. Depending on the situation, it may be lawful to carry out inspections of an employee's online usage. If there is a concrete suspicion that an employee is acting in breach of his or her employment contract, it may be lawful to monitor that employee, subject to complying with the GDPR and other privacy legislation. Employees must be informed about inspections or monitoring that may take place.

In terms of time tracking, the Swedish Working Hours Act also applies to remote working, meaning that the same limits on overtime and provisions on minimum daily rest periods must be observed. In some circumstances, however, such as when the work is performed without employer supervision or control, the Working Hours Act may not apply. There are no general guidelines on when the exemption is applicable, but it should be applied restrictively and is rarely applicable in the case of remote working. Employers should therefore engage in dialogue with employees on their working time to ensure compliance with the Working Hours Act.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

According to Swiss legislation, control or surveillance systems that are primarily intended to monitor the behaviour of employees are prohibited if they are detrimental to the health or well-being of employees. Health is understood in its broad sense and also includes mental health. There are no strict limits as to what surveillance is, but measures must always be proportional.

The European Court of Human Rights, whose Convention has been ratified by Switzerland, has laid down seven guiding principles for contracting states concerning legal surveillance of employees. These principles relate to information, the scope of surveillance, legitimacy of the reasons for surveillance, use of the least intrusive means, the consequences of surveillance, guarantees offered to employees and the principle of trust.

As an example, the Swiss Federal Supreme Court, which is the highest judicial authority in Switzerland, has ruled that it is unlawful for employers to install spyware without employees' knowledge to check whether they are using the internet for private purposes. In that case, the court held that the system was capable of exerting control over employees' behaviour, which is prohibited. It also held that the surveillance was disproportionate since the employer simply could have blocked access to certain websites.

The above-mentioned principles must also be complied with when it comes to remote working, which does not differ fundamentally from onsite working.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

One way to monitor employee activity in the context of remote working could be to control employees’ use of servers, e-mail accounts and internet while using the employer’s equipment. In Turkey, it is generally accepted that employers are authorised to control employees’ use of servers, e-mail accounts and internet from their equipment within the scope of their right to manage, and there are no particular rules or exceptions as to remote working.

However, even though employers are entitled to such control, monitoring should be proportional to the legitimate purposes of the employer, such as controlling productivity and quality, or providing security. Employers should inform their employees about monitoring on the equipment and servers as well as the reasons for it. Furthermore, employers must provide necessary information about the scope of their monitoring activities to employees under the DPL. Otherwise, there is a risk of an administrative fine.

Employers should also bear in mind that, during such monitoring, they must avoid violating privacy rights. The Constitutional Court recently held that if employees are informed that their e-mails are monitored, the secrecy of private life and freedom of communication must not be violated. The Constitutional Court also stated that the conflicting interests of the employer and employees should be balanced fairly and any intervention by monitoring e-mail accounts should be evaluated on the grounds of proportionality and the legitimate purposes of the employer.

From a data privacy perspective, employers firstly should determine what personal data needs to be processed to if employers have a legitimate interest to monitor employees’ activities, whether the processing of such data may potentially harm employees considering their rights, and whether employers have any options other than processing such personal data when trying to achieve this legitimate interest. Employers must apply a balance test to determine whether its legitimate interest overrides the personal rights and interests of their employees. Otherwise, employers cannot depend on legitimate interest as a legal ground for processing and will need the explicit consent of their employees to apply the relevant monitoring tool. In any case, if any monitoring requires the processing of sensitive personal data, consent will be required as per the DPL. Even if consent is given to employers, this does not mean that they can use monitoring tools to process any personal data that is not required to achieve the legitimate purposes of the monitoring. Any processing in contravention of the DPL (including the general principles applicable to data processing) may impose a risk of an administrative fine.

In light of the above, each monitoring tool considered by employers must be evaluated on a case-by-case basis for determining which legal ground is applicable and to what extent.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

Monitoring worker activity generally (whether remote-working or non-remote working) is possible but must be handled with caution and appropriate safeguards. As a general rule, employers are entitled to monitor worker activity to some extent, but they must undertake an impact assessment before doing so (which is an internal assessment of the impact of the proposed monitoring on data privacy), tell workers in advance about the monitoring and only monitor workers to the minimum extent reasonably feasible to achieve the employer’s goals.

The monitoring must be necessary, justified and proportionate. In other words, any monitoring must have a legal basis under GDPR for processing employee personal data in that manner (the legal basis may vary depending on the specific purpose of the monitoring), and the employer must also be able to demonstrate that: (a) the monitoring in question is a necessary and proportionate action to achieve a legitimate aim; and (b) that there is no less intrusive alternative way of achieving that purpose. There are also separate obligations in relation to data security and retention.

The more intrusive and extensive the monitoring, the greater the risk that employer monitoring may breach the UK’s data protection legislation, the Data Protection Act 2018 (and the UK’s implementation of the EU’s GDPR).

The ICO has previously published extensive guidance on how employers should implement a monitoring system. See here from page 58. This guidance was published before the pandemic, but is equally applicable. Recently, the ICO has also published specific guidance on monitoring employees using surveillance cameras, to check for compliance with pandemic health & safety obligations: see here.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Monitoring and surveillance laws vary from state to state, and there are also, potentially, tort and criminal laws regarding invasion of privacy that must be considered where the employee has an expectation of privacy.  While audio or key-stroke monitoring may be minimally intrusive, video surveillance is almost always problematic. Some states require only one-party consent for audio monitoring, but others require that all the parties to a conversation consent to such monitoring.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

04. Are employers required to provide work equipment (for example, computers and other digital devices) or to pay for or reimburse employees for costs associated with remote working (for example, internet and electricity costs)?

04. Are employers required to provide work equipment (for example, computers and other digital devices) or to pay for or reimburse employees for costs associated with remote working (for example, internet and electricity costs)?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

Employers must provide employees with equipment, working tools and the necessary support for performing their duties, as well as meet all the installation, maintenance and repair costs related to the use of an employee’s own equipment.

If employees incur higher expenses related to the connectivity required to perform their duties, those expenses must be reimbursed by employers.

The provision of equipment is not considered a part of compensation and, therefore, they must not be included in calculations for any severance payments, or union or social security contributions. The guidelines for determining these costs may be agreed upon by the parties if the labour relationship is not under a CBA.

In addition, according to Resolution No. 1522/2012 issued by the Labor Risks Superintendent (SRT), employers must provide the following to home workers: one ergonomic chair; one portable fire extinguisher; one first aid kit; one mouse pad and one Manual of Good Health Practices in the home office (however, this Resolution does not apply if the home-working arrangement is implemented due to the covid-19 health emergency).

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

There are no laws requiring employers to pay or reimburse employees for costs associated with remote working such as increased electricity costs and internet costs, although some employers may have a contractual obligation to reimburse employees for these costs.

An “expenses” clause is common in Australian employment contracts and provides that an employer will reimburse an employee for any genuine expense they incur in the proper performance of their duties (and for which they can produce receipts). Depending on how such clauses are drafted, employees may have a contractual right to reimbursement of internet and electricity costs as legitimate work-related expenses in the context of remote-working arrangements.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

The basic obligation of employers to reimburse employees for expenses incurred on behalf of employers already results from general private law for all forms of remote working (more precisely: section 1014 of the General Civil Code).

However, the reimbursement of costs is more precisely defined for work in a home office. Employers are, in principle, obliged by law to provide home workers with the necessary digital work equipment. If an arrangement has been made by works agreement or individual agreement whereby the employee provides digital work equipment, which includes the necessary data connection, the employer shall pay the reasonable and necessary reimbursement of costs. To this extent, the employer is obliged by law to pay compensation.

This expense is to be borne by the employer, who may, however, pay a so-called home office allowance tax-free to the employee up to a limit of €300 and thereby, or by paying an appropriate lower amount, compensate the employee for expenses, including those resulting from increased internet or electricity consumption.

Last updated on 21/09/2021

Flag / Icon

Belgium

Article 7 CBA No. 149 states that employers need to arrange with employees on the provision of work equipment and reimbursement of costs related to remote work (use of a private computer, internet, electricity and gas etc). However, this provision does not include an obligation for employers to provide equipment or to reimburse these costs; it is also possible that there is no such compensation. Nonetheless, reimbursement of these costs is an attractive compensation tool for employers, as they are excluded from income tax or social security contributions (up to a certain limit).

Only a limited group of employees who fall under the homeworking system are entitled by law (article 119.6 Employment Contract Act) to remuneration of 10% of their salary to reimburse costs related to homework.

If an employee cannot work remotely because their employer refuses to provide a laptop (which an employee might not have), it could become impossible for that employee to work, which could be considered a breach of contractual and legal obligations by their employer.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Employers are not required to provide work equipment in a remote-working arrangement. The CLT simply establishes that the contract governing that arrangement should be specific as to the provision of any equipment or reimbursement of expenses – if any. Notwithstanding the scant case law addressing this, precedents are inclined to understanding that companies should provide the minimum work tools needed for the rendering of services, eg, a computer and reimburse costs for the internet and power. If the company demands excessive accommodations or adaptations at employees’ homes, notably when those imply costs, employees may challenge the company’s policies and demand reimbursement – and labour courts would likely hold the employer liable for supporting the costs with excessive requests.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

French law has no provision for this.

It is, therefore, necessary to refer to the two national agreements of 2005 and 2020. These agreements stipulate that the costs incurred by the employee in the performance of his or her employment contract are borne by the employer. This obligation also applies to teleworkers. However, the national agreement of 2020 sets a few conditions for this coverage: the prior validation of the employer, the expense must be incurred for the needs of the professional activity of the employee and in the interests of the company.

The organisation responsible for collecting social security contributions (URSSAF) has issued a list of expenses that must be covered by the employer. These costs include ink cartridges, paper, telephone and internet subscriptions, electricity, heating, a proportion of rent in certain cases (see below) and home insurance.

The terms and conditions for covering business expenses (maximum amount, the procedure to follow, etc.) may be defined unilaterally by the employer, by mutual agreement between the employee and the employer, or by a collective agreement between the employer and the company's unions. Article 3.1.5 of the national agreement of 2020 and the Ministry of Labour recommend doing everything possible to reach an agreement between the employer and the unions.

If teleworking becomes permanent and the employee no longer has an office on the company's premises, the employer must pay a home occupation allowance.[3]

As for the use of the employee's personal equipment, the principle is that the employer must provide the employee with a computer for teleworking. However, if the employee agrees, they can use their personal equipment (article 7 of the national agreement of 19 July 2005).

 

[3] Cass. Soc, 14 septembre 2016, n°14-21.893

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

Employers are usually required to provide the necessary work equipment when remote working is agreed upon. The obligation to provide work equipment includes office furniture (such as office chairs and desks), IT equipment (hardware and software), office materials (such as stationery and toner) and the necessary telecommunications (like a telephone or internet connection). However, employers are exempt from this obligation if an employee voluntarily chooses to work on a mobile basis despite the business providing company premises.

If the employer and the employee agree that the employee will work at home, the employer usually pays for electricity, heating and internet. However, one-off agreements are usually made in these instances. In addition, the worker is generally provided with a laptop and additional equipment to ensure data security. Office equipment is usually only provided if the employee works exclusively from home (ie, no workstation is provided on company premises). Employers do this not only to save costs, but also to avoid having to check – which is controversial – whether the work station where the employee is working remotely complies with the general principles of health and safety.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Employers are obliged to compensate the cost of remote working and provide technical support (ie, IT supports services, etc) to remote workers. In particular, employers must cover all costs associated with remote working, including:

•       the cost of equipment required for remote working (laptop, mouse, keyboard, printer if needed etc). Alternatively, it may be stipulated in the remote-working agreement that the employee will use their own equipment;

•       the cost of telecommunications (ie, use of internet connection, phone, etc);

•       the cost of maintaining such equipment;

•       the cost of restoring any damage caused to it (ie, either compensate the cost of fixing equipment used or replace the same. The employer’s obligation to cover such cost also remains in case the parties have agreed that employees will use their own equipment;  

•       The monthly cost of the employee using their home as a workplace.

 Please note here that the minimum amounts of the abovementioned costs to be compensated by the employer are expected to be regulated by a relevant Ministerial Decision, which has not been issued yet.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

Employers in Hong Kong are not statutorily required to provide work equipment for employees working remotely or reimburse them for costs incurred in buying such equipment themselves or for the cost of working from home (eg, mobile phone, internet, utility costs and computer usage expenses).

Generally speaking, an employment contract will contain a term stating that all legitimate business expenses reasonably incurred in the proper performance of the employee’s job duties will be reimbursed by the employer to the employee. As such, an employee could potentially make a contractual claim against his or her employer for expenses incurred in buying work equipment for remote working and for the other costs of working from home, unless there is a policy or written instruction from the employer stating otherwise.

If the employer does not reimburse the employee for these costs, the employee may argue that the employer is in breach of contract, or that the costs incurred if not reimbursed would be an offset against earned wages, and therefore result in an unlawful deduction from wages. This, in turn, could lead to the employee bringing a potential claim for constructive dismissal or unreasonable variation of employment terms.

Therefore, it would be helpful for employers to have a clear policy on reimbursement of expenses related to remote working either as a standalone policy or as part of a wider remote-working policy, including what employees can and cannot claim, whether there are any caps on expenditure, how to make such claims and what types of documentary proof of expenditure are required.  

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

There is no legal obligation for employers to provide work equipment or reimburse the costs of remote working. However, if an employer would like an employee to work remotely, it is generally expected that the employee will be provided with the necessary tools and equipment required for remote working, including a computer and a phone, which an employee is expected to use exclusively while dealing with work-related data. There is, however, no clarity surrounding reimbursement of costs for internet or electricity, and employers adopt different arrangements, based on their remote-working policies and practices.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Unless provided for in an employment contract, there is no mandatory obligation on an employer to provide particular work equipment (save as part of its ongoing health and safety obligations), to pay a working-from-home allowance or to reimburse employees for costs associated with remote working.

The Irish tax authorities permit an employer to pay an allowance of up to €3.20 per working day tax-free to employees who are working from home to cover expenses such as heat, electricity and broadband. Any amount paid over and above this permitted limit of €3.20 is fully taxable as income. Where no allowance is paid, an employee may recover up to 30% of the cost of their broadband, and up to 10% of their electricity and heating costs, directly from Revenue, the Irish taxation agency. However, only costs that are attributable to working days are recoverable.

Equipment that is provided by an employer to enable an employee to carry out his or her work (eg, laptop or monitor), and which is used by the employee primarily for work purposes, is not taxable as a benefit-in-kind. Vouched expenses that are incurred wholly and exclusively in the course of an employee’s duties are not generally subject to tax, but this exemption is applied on an extremely limited basis.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Under Smart Working rules employers are not required to provide any tools for employees, nor pay or reimburse any relevant costs for the same.

However, they must ensure health & safety and that any work tools assigned to the employees are functioning well.  It is recommended that employers have an internal policy regulating the use and custody of electronic equipment and how it can be safeguarded from damage and theft. However, in case of Teleworking (see point 1) the employer is required to pay all the expenses related to the installation and the use of remote working station and tools (desk, chair, wireless connection, telephone, etc.).

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Yes, employers must provide, install, and maintain the necessary supplies and equipment (for example, computers, ergonomic chairs, and printers); pay any expenses arising from teleworking, such as internet, communication and electricity services; keep a registry of the supplies delivered to the teleworkers in compliance with workplace health and safety provisions; and establish the necessary training and advisory mechanisms to guarantee the adoption and adequate use of information technology.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

Yes, under the general teleworking regime in the Portuguese Labour Code, unless there is a written agreement to the contrary, employers are responsible for the installation and maintenance of work equipment and the payment of any inherent costs.

Hence, as a rule, employers should make the necessary equipment available. Employees may consent to the use of their own devices for teleworking should the employer not be able to provide them – namely during the covid-19 pandemic – however, the employer is still responsible for ensuring that the equipment is adapted to and programmed for teleworking.

As mentioned above, under the general provisions on teleworking, employers should pay any extra costs related to teleworking. However, according to the Portuguese government, under the special compulsory teleworking regime (whenever the nature of the work was compatible with it) approved during the pandemic, employers must pay any additional phone and internet costs caused by mandatory teleworking, but not those of water or electricity.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Under article 11 of the Law on Remote Working, employers must provide remote workers with the necessary means, tools and maintenance to provide their services remotely. Employers must also offer remote workers with support services, if technical problems arise. The means and tools employers provide workers with should be listed in the remote-work agreement.

If parties agree on an employee using his or her private means for labour purposes, the employer should compensate that worker.

Employers should also compensate or reimburse remote workers for expenses associated with remote working, such as internet, electricity, water or gas bills. These expenses and how to reimburse them should be listed on the contract. Collective bargaining agreements may determine the expenses and the amounts to compensate.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

There is no legal obligation per se to provide work equipment; however, employers are responsible for the overall work environment, irrespective of whether the work is performed at the office or remotely from the employee's home. This means that the employer must assess the employee's homeworking environment to identify any health and safety risks. This also includes a responsibility for the psychosocial environment. If such an assessment was to show that, for example, the lighting or the seating arrangements for an employee would pose a risk for ill-health, the employer would be required to take measures to prevent this risk. Such measures could include offering employees work equipment such as a lamp or office chair. However, the need should be assessed on a case-by-case basis.

When it comes to computers and other tools necessary to perform the work, it is common for employers to provide this to employees.

In terms of reimbursing costs such as internet when working from home, there are no legal requirements and it is therefore subject to agreement with the employee. However, it is not uncommon that the employer pays part of the internet fee for employees that are permanently home-based, but it is not required.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

The SCO distinguishes between work equipment or materials and work expenses.

Work equipment and materials, such as phones or laptops, must be provided by employers when they are necessary to carry out the work. However, contracting parties can decide among themselves that employees will provide the work equipment or materials. In such a case, employees are entitled to an appropriate allowance, unless otherwise agreed upon. Work expenses, such as electricity, rent, a telephone or internet plan, generally must be borne by the employer, provided they are necessary to carry out the work. It is not possible to derogate from this rule to the detriment of employees, and employers cannot pass some or all of the costs to employees.

There are several possibilities when it comes to passing costs along to remote workers; employers can provide work equipment and materials or employees can use their own private devices. Instruments and materials that are used for both private and professional purposes are not deemed necessary, since it is considered that employees would have acquired these instruments or materials in any case, even if they are used professionally. This reasoning also applies to private furniture, at least when the exercise of the professional activity does not require the purchase of additional furniture.

Regarding expenses, (eg, rent for private office space or extra rooms), a distinction should be made between three cases: (i) forced remote working for the employee and the employer due to external circumstances (eg, covid-19); (ii) remote working imposed by the employer on the employee (eg, because there are no offices available for the employee); and (iii) remote working agreed upon between the employer and the employee for reasons of personal convenience.

In the first case, which usually occurs when there are extraordinary and unforeseeable circumstances, such as the covid-19 pandemic, the employer must reimburse the employee for expenses incurred to carry out work from home (eg, extra costs for business telephone calls). However, the employer does not have to pay employees’ fixed costs such as rent, internet or a private telephone package.

In the second case, expenses incurred to carry out work from home and which the employee usually does not incur must be borne by the employer. This opinion was followed by the Swiss Federal Supreme Court, which ruled in 2019 that an employer had to pay a portion of an employee's rent because it did not provide the employee with a workspace. This solution also should apply to remote working carried out at the request of the employer.

In the third case (when working from home is the employee's choice), the employer has the right to waive, in writing, compensation for expenses related to remote working, as the remote working costs result from the employee's choice and are not imposed by circumstances or by the employer.

In conclusion, the question of equipment and materials, as well as the question of expenses, depends on the will of the contracting parties and on the situation in which remote working is carried out. Therefore, a case-by-case examination is necessary to determine who bears remote-working expenses.

During the mandatory remote-working period decreed by the Swiss Federal Council from 18 January to 26 June 2021, employees were not entitled to any reimbursement of expenses, since mandatory remote working was a temporary injunction from the authorities. However, as the decree did not contain any provisions covering work equipment and materials, the general provisions of the SCO applied.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

As per article 7 of the Regulation on Remote Working, it is essential that the materials and working tools required for the remote employee’s work are provided by the employer, unless otherwise agreed in writing.

In practice, many global companies adopt policies to make further payments to employees to reimburse office supplies, internet, etc. Therefore, it may be favourable to reimburse employees for costs associated with remote working.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

Unless provided for in an employment contract, in general there is no mandatory obligation on an employer to provide particular work equipment (save as part of its ongoing health and safety obligations, or in the context of making an adjustment for an employee with a disability), to pay a working-from-home allowance or to reimburse employees for costs associated with remote working.

Employees who have no choice but to work from home (including because of the pandemic) can claim tax relief on some utility expenses: see here for more guidance from HMRC (the UK’s tax authority). Similarly, an employee may be able to claim some tax relief for smaller items of equipment acquired by the employee for home working: see here.

Employees using work-supplied office equipment solely for work purposes (ie, not equipment owned by the employee, such as a work laptop) do not normally incur any tax liability in respect of the equipment: see here. There may be a charge if the employee is given or acquires the property from the employer: see here.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

There is a patchwork of various state laws, either by judicial decision or statute, affecting expense reimbursement, particularly in instances involving mandatory remote work as opposed to remote work requested by the employee. Ascertaining expense reimbursement obligations is one of the most challenging aspects of implementing a compliant teleworking arrangement. Some states do not require reimbursement of work equipment, internet, etc, while others, such as California, do require reimbursement of “all necessary expenditures.”

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

05. What potential issues and risks arise for employers in the context of cross-border remote-working arrangements?

05. What potential issues and risks arise for employers in the context of cross-border remote-working arrangements?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

The potential issue that employers may have regarding cross-border remote-working arrangements is that Argentine labour law is mandatory and it establishes minimum rights that may not be waived, even by agreement of the parties. Therefore, if a multinational company wants to impose its home office framework in all jurisdictions where it has offices, it will face considerable legal exposure if it does not follow Argentine remote work regulations.

In this regard, for cross-border provision of services, the regulation that applies will be the one in force in the jurisdiction where the services are being rendered or the applicable law where the employer is based, depending on which is more favourable to employees.

Also, when hiring foreign nationals who do not reside in Argentina, the home office framework establishes that prior authorisation must be requested from the Ministry of Labour (ML). Moreover, considering the particular situation of each activity, applicable CBAs must establish a maximum limit for these types of hires (this last aspect is pending regulation).

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

For many international employers and their workforces, the experience of remote working during the covid-19 pandemic has been positive and will likely become part of the “new normal” in the employment landscape. However, employers are now presented with the challenge of reconciling this with their obligations under laws that regulate employment and the practicalities of managing a remote workforce, and tax issues.

Working hours is a key regulatory issue for employers as remote working can make it difficult for employers to monitor and control when an employee is working, when and if they are taking breaks, and if they are working overtime. In respect of monitoring employee performance and conduct, many employers have legitimate concerns about employees working remotely being less productive and not taking their employment obligations and responsibilities seriously.

We are aware of employers introducing software for employees to record their working time and adopting measures to ensure they have some level of “visibility” over employees who work remotely. For international employers, it is difficult to do this in real-time, although there is now technology available to bridge time differences including software that automatically monitors employee activity, including by periodically taking screenshots of employees’ work computers, tracking keystrokes, mouse movements and logging websites that employees have visited. We have seen several “hours of work clauses” and “availability” provisions in employment agreements that introduce a requirement for an employee to be available and responsive to the employer at times that are outside of the employee’s normal daylight working hours in their country of residence.

However, most Australian-based organisations with international employers are not rolling out monitoring systems with universal effect as regulatory frameworks can differ significantly between jurisdictions and a “one size fits all” approach could be problematic as a monitoring system that is permissible in one country may infringe privacy protections in another (for example, whereas Australia and New Zealand have a more relaxed “principles-based” framework to promote and protect the privacy of individuals, other countries’ constitutions explicitly protect workers’ privacy as an inviolable right).

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Labour Law:

The essential issue regarding labour law is the question of which labour law should apply. Often, employers will want to apply a uniform labour law to all employees. However, this becomes impossible if in cross-border remote-working arrangements the labour law of the state of residence provides certain overriding mandatory rules and minimum standards (eg, in wage dumping and working time). Additionally, it may prove difficult for employers to keep track of the ever-changing legal landscape in various jurisdictions. Allowing for cross-border remote-working arrangements will oftentimes lead either to higher staffing requirements in the in-house legal department or increased recourse to local external partners. Both are associated with costs. There is also the question of work permits, depending on the applicable local law.

Social Security Law:

While temporary covid-related home office work in other EU or EEA countries (and Switzerland) should not lead to any change in social security responsibilities, the corresponding provision is limited until 31 December 2021 and is restricted to pandemic-related work in a home office. Apart from an exceptional situation such as this, for workers who are working in more than one member state, working or earning more than 25% of the working time or remuneration in the country of residence leads to a change of the applicable social security regulations there. This is naturally associated with (sometimes) considerable administrative effort. The corresponding declarations must be made, and the payment of contributions must be ensured.

From the employer’s point of view, especially regarding accident insurance protection, it is important to note that the exact location of the remote workplace must be specified individually.

While insurance coverage in the home office is expressly clarified, the details concerning remote work in general are still controversial. These uncertainties are exacerbated in cross-border situations.

Tax Law:

If remote work is carried out across borders, this can have (potentially negative) effects on taxation. First, it must be considered that a domestic employer may employ workers who carry out their work both domestically and, for example, in a home office abroad. This may result in the establishment of a foreign permanent establishment through that home office. This would lead to a limited tax liability for the domestic employer abroad. A limited tax liability may also be accompanied by the obligation to deduct income tax via PAYE (pay as you earn). Since national legislation must be considered, this can lead to a considerable administrative effort.

In general, employees should not stay abroad for more than 183 days per year as otherwise they will be taxed in the country in which they are active. Finally, it must be considered whether there are taxation agreements between the countries and how these are structured.

Last updated on 21/09/2021

Flag / Icon

Belgium

There are many issues at stake, as the foreign states could apply their public order labour law provisions, require a work visa, apply their social security scheme (and contributions) and their income tax obligations. This usually depends on whether these states are part of the EU or EEA (or if they have bilateral treaties with Belgium) and the duration of the cross-border work; if it lasts long enough to lose its temporary nature, the full scope of the foreign legal system may become applicable.

For foreign nationals coming to Belgium, Belgium will apply almost all of its labour law provisions immediately to the remote worker, except for rules concerning the conclusion and termination of employment contracts, including non-compete clauses laid down in the Employment Contracts Act. After 12 months, rules concerning the general obligations of employers and employees, the liability of employers for the actions of their employees and the suspension of employment contracts will also apply.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Although cross-border remote-working arrangements have become increasingly popular – especially during the pandemic –, up to now there is no specific rule in the Brazilian migratory or labour legislation governing that scenario. From a labour perspective, there is no clarity as to whether employees transferred to work abroad on a remote-working model would still be covered by Brazilian legislation and thus entitled to Brazilian rights and benefits, or by that of the country where they have been transferred to. From a tax and social security perspectives, it is necessary to identify if the workers are deemed as tax residents in Brazil in order to determine the correct taxation on compensation amounts paid in Brazil / by a Brazilian source or paid abroad. There are also potential mechanisms to avoid double taxation on income in International Treaties. Furthermore, there are international agreements specifically for social security purposes, which, under certain situations, prevent Brazilian companies from having to collect social security charges.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Cross-border remote working can accentuate some of the problems caused by teleworking or create new ones.

Among the existing problems, the loss of social ties is accentuated if the teleworker decides to work from another country. Indeed, the employee abroad will never physically see his colleagues, which will create a distance between the employee working from abroad and other employees.

Similarly, employers must ensure the protection of the health and safety of workers (article L. 4121-1 labour code). This is a difficult obligation to meet in teleworking, especially because employers do not have access to remote employees’ workplaces. It is even more difficult if the employee works from another country because the sanitary, electrical and other standards are different and potentially less protective than French rules.

As for social security law, in principle, the employee depends on the social security system of the country where they work. The employee can only continue to benefit from the French social security system if they are in a secondment situation. Moreover, this is only a temporary solution because the secondment implies a temporary mission. The employer will therefore have to register the employee with the social security system of the country where they are working, which will cause problems in terms of social contributions.

Another question that may arise is whether an employer should accept a work stoppage prescribed by a foreign doctor.

Finally, another problem that may arise is the employee's right to disconnect. Indeed, the employer and the employee must agree on a time slot during which the employee can not be contacted to respect his private life as much as possible.[4] It can be difficult to establish a time slot that suits both the employee and the employer in case of major time zone discrepancies.


[4] National agreement of November 26, 2020

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

There can be potential issues and risks concerning the taxation of salaries, social security coverage (eg, Regulation (EC) No 883/2004) and the applicable labour law for employers in the context of cross-border remote-working agreements (eg, article 8 Rome I Regulation).

For employees who live in a different country than where the employer is based, special regulations in double-tax treaties for cross-border commuters might normally be applicable. However, due to the pandemic many cross-border commuters, who would otherwise commute across the border to their workplace, now stay at home and work remotely. As such, they no longer meet the conditions to be considered cross-border commuters and the double-tax trea­ties cease to apply. To avoid a change in the previous tax treatment because of temporary remote working, bilateral agreements have been made, for example, with both Austria and Swit­zerland. Germany has also agreed with the Benelux countries so that days worked from home because of the pandemic are considered as worked in the country of employment.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

From a Greek employment law perspective, if employees are permanently working remotely in Greece, the application of certain provisions of Greek labour legislation that constitute mandatory law (ie, the payment of severance in case of termination, overtime payment, annual leave entitlements etc) may apply, if more favourable for the employee.

From a Greek social security law perspective, in general, employees will be insured and therefore pay social security contributions to the Social Security Fund of the country where they provide their work. However, there is no specific legal provision regarding payment of social security contributions for remote working (ie, in cases where an employee is working physically from a country where the company has no legal entity). According to the guidelines of the Ministry of Labour, in case of such remote-working arrangements, an employee would be insured and therefore pay social security contributions to the Social Security Fund of the country where the company has its legal entity and from which the employee is paid through its payroll system.

From a Greek tax law perspective, as well as under the double-tax treaties signed by Greece, if an individual is in a dependent employment relationship with a non-Greek employer and provides his or her services remotely from Greece permanently (ie, for more than six months) while using as a fixed place his or her home, there might be a permanent establishment (PE) risk in Greece for the non-Greek employer, to the extent the services rendered from Greece constitute the core business of the foreign company and are not limited to auxiliary or preparatory activities.

Also, if a non-Greek company signs an independent services agreement with an individual (contractor) and the contractor is authorised to conclude binding contracts on behalf of the non-Greek employer in Greece with Greek clients, a dependent agent PE risk for the non-Greek company may also arise.

Furthermore, irrespective of the  PE risk, based on domestic law if an individual provides employment services from Greece (to a Greek or non-Greek employer), his or her employment income is considered Greek sourced. Thus, it should trigger local tax reporting and tax compliance liabilities for the non-Greek employer, who should be registered with the Greek tax authorities to withhold  Greek personal income tax and special solidarity contribution (if any) corresponding to the employment income of the employee every month. It is noted that such a tax registration, reporting, or compliance liability does not apply for the non-Greek company in case of an independent services agreement with a contractor.

Lastly, from the individual’s point of view, if he or she works from Greece for more than 183 days per year, it might create a tax residence issue under the domestic tax rules, in which case he or she should be subject to regular Greek taxation and should be taxed in Greece for his or her worldwide income according to the relevant domestic income tax rules.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

Salaries tax

In Hong Kong, employees are responsible for paying tax on their employment income; this is called salaries tax. Whether and how much salaries tax is payable by employees temporarily working abroad will depend on whether their employment is considered “Hong Kong employment” or “non-Hong Kong employment”. The Inland Revenue Department will consider various factors when determining if employment is Hong Kong or non-Hong Kong, such as where the employment contract is negotiated, concluded and enforceable; where the central management and control of the employer is; and where the employee’s remuneration is paid.

Employees with Hong Kong employment will generally remain subject to salaries tax in Hong Kong if they temporarily work outside of Hong Kong for part of the tax year (beginning of April to end of March the following year). If the employee works outside of Hong Kong for the full tax year, then they will not be subject to salaries tax in Hong Kong. Employees with non-Hong Kong employment who work outside of Hong Kong temporarily will generally not be subject to salaries tax in Hong Kong.

Social security

Hong Kong does not have a comprehensive social security system similar to other countries, but most employers and employees in the city are required to make contributions to a mandatory provident fund (MPF), which is a regulated privately managed retirement fund.

Where mandatory contributions are being made to the MPF, the fact that an employee is working temporarily abroad will not affect the contributing obligations of the employer or the employee.

Employment law

Employers would need to be cautious as to whether local employment laws (in the overseas country) would apply to the employee when working remotely from that country. These may include minimum wage restrictions, paid annual holidays, maternity or paternity entitlements and rights on termination.

Employers in Hong Kong also have a statutory and common law duty in respect of the health and safety of their employees. This includes ensuring that the employee has a safe workplace. If an employee suffers a personal injury by accident that “arises out of and in the course of employment”, the employer may be liable to compensate the employee even if the injury was sustained while the employee was working from abroad.

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

Some high-level considerations to be kept in mind by employers in a cross-border remote-working arrangement can be summarised as follows:

Labour law considerations

While a permanent remote-working model from India is not legally tenable for a foreign employer, it must be borne in mind that India has labour laws at national and state levels. Accordingly, and depending on the employee's primary place of work in a remote working arrangement, the employer must consider the state labour laws and compliance.

Please also note that in cases where an employee is working remotely from India, the employee may be able to claim protection under Indian health and safety laws. We are yet to come across such cases in India involving cross-border employees.

Where an employee employed in India is moving to a foreign country to work remotely, the Indian employer will need to comply with applicable Indian labour laws concerning benefits, consultation, flexible work issues, worker health and safety obligations and taxes.

The Employees’ Compensation Act, 1923, which applies to commercial establishments in some jurisdictions and certain categories of employees otherwise, and provides for compensation payable by employers to employees related to any “injury caused to an employee by accident arising out of and in the course of his employment”, has extraterritorial application outside India for employees of Indian companies travelling or working overseas for their employer.

Social Security

Where an employee in India moves out of India to work remotely, subject to the terms of any social security agreement between the concerned foreign country and India, such employee may be treated as an “international worker” under the Employees’ Provident Fund and Miscellaneous Provisions Act, 1952 (EPF Act). Similarly, where foreign nationals are employed with an Indian entity of a foreign employer, subject to any social security agreement between the concerned foreign country and India, such foreign national may be treated as an “international worker” under the EPF Act and be subject to compliance requirements thereto.

Tax considerations

The presence of an employee in India employed with a foreign entity may lead to tax or permanent establishment issues for the concerned foreign entity in India, depending upon the nature of activities carried on by such employee in India. The provisions of any double taxation avoidance agreement between India and the concerned foreign country will also need to be considered in this respect. Similarly, for employees in India moving outside India to work remotely, the employee’s tax residency status will depend on the applicable tax laws in India, the concerned foreign country and other applicable considerations such as foreign exchange control regulations based on which taxes will need to be withheld or paid. Individuals may also be subject to taxation depending on their length of stay in any country.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Employees working remotely outside the UK may create expensive tax liabilities for themselves and their employers. It’s important to be aware of these before any long-term decisions are made.

The foreign country in which the employee is working may seek to tax some or all of that employee’s income from the employment. This is based either on the fact that a substantial number of days have been worked in that other country or in some cases on the basis that the employee has become a tax resident there under local law. Further, social security liability may accrue (which is generally assessed separately from income tax).

The main concerns for the employer will be whether there is an obligation to operate local payroll withholding and whether local social security rules add significantly to the wage bill. The rules vary widely between countries and, unfortunately, there is no “one size fits all” approach to managing this issue across multiple jurisdictions.

Employers will also need to consider the possibility that a UK employee working abroad may inadvertently create a “permanent establishment” of the UK employer in the other country, which in turn can expose part of the profits of the UK employer to corporate taxes in that other country. What constitutes a “permanent establishment” for corporate tax purposes in another country depends on the specific tax laws of that other country.

In practice, at a high level, most countries adopt a standard definition of a “permanent establishment”, which is derived from the OECD’s Model Tax Convention (being: (1) a fixed place of business in a country; or (2) a dependent agent, such as an employee, who acts on behalf of an employer and has, and habitually exercises, authority to conclude contracts in the name of the employer entity). This always needs to be checked on a case-by-case basis for the relevant countries involved.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

As a rule, it is not prohibited to work remotely abroad.

However, this could give rise to the following issues:

1) Applicable law: although the employment contract is governed by Italian law (or the law chosen by the parties), the mandatory rules of the place in which the work is carried out could apply, including those on working hours, safety at work, etc.

2) Social security contributions: the general rule is that contributions are paid in the country where the work is carried out. At times, bilateral agreements between countries or within the European Union make exceptions to this general rule if specific requirements are met, providing that in the case of short periods of work abroad, the contributions continue to be paid in the country of origin and not in the country where the work is carried out.

3) Accident at work insurance: Insurance problems could arise in connection with this specific method of working and the employer should verify concretely what kind of coverage exists.

4) Taxation: depending on the period spent working abroad, there is a possible risk of being subject to multiple taxes from different jurisdictions.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

If employees are hired under Mexican law, they will be entitled to the same mandatory benefits and social security as any other employee in Mexico; therefore, they must be registered with the Mexican Social Security Institute (IMSS) and must comply with employment tax obligations, which include payroll taxes and income tax on their salaries.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

The analysis of potential issues associated with cross-border remote working depend on whether employees are working in Portugal or abroad and if there are one or multiple employers involved and where they are located.

However, cross-border remote-working arrangements mainly raise issues regarding the definition of applicable law. The correct definition of the applicable law allows for compliance with labour and social security obligations that otherwise, if breached, pose significant risks to employers.

Even if there is an agreement through which the parties choose the applicable law, a set of mandatory provisions of Portuguese labour law would still apply if the work is mainly performed in Portugal, namely in key areas such as termination, health and safety obligations, and insurance for workplace accidents. Failure to correctly identify the applicable law may have serious consequences, for instance, employers may be entirely and solely responsible for all liabilities deriving from a work accident.

Furthermore, if in a given case the Portuguese labour law applies to the cross-border remote-working agreement, employers have to bear in mind that there are some difficulties regarding the definition of workplace and work time in connection with remote working, which can raise challenges when implementing these schemes.

Besides the above, cross-border remote working may also raise questions regarding work permits.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Labour law

Under article 8 of Regulation (EC) 593/2008 on the law applicable to contractual obligations, employment contracts should be governed by the law chosen by the parties, but this choice cannot deprive employees of any inalienable protections under the law of the country from which they habitually carry out their work. This, in practice, means that remote-working contracts, regardless of their content, are governed by the law of the country from which the remote workers mostly work.

Social security law

Under article 11 of Regulation (EC) 883/2004 on coordinating social security systems (Regulation 883/2004), remote workers will be subject to the social security regulations of the country where they provide their services.

However, under article 12 of Regulation 883/2004, if remote workers are posted by their current employer to another EU member state to perform work on that employer’s behalf, they should continue to be subject to the legislation of their member state of origin, provided that the anticipated duration of such work does not exceed 24 months, and that they are not sent to replace another posted person.

If the remote workers come from a country outside the EU, the bilateral agreement on social security between Spain and that third country, if any, should apply.

Breaching this obligation may result in the Spanish social security authorities claiming any unpaid contributions from the employer (around 30% of the monthly salary, capped at €4,070 per month) for the past four years, plus a 20% surcharge and interest. Additionally, the employer may face administrative fines ranging from €6,250 to €10,000 per employee (as of 1 October 2021, from €3,750 to €12,000 per employee) for failure to register, and ranging from 50% to 150% of unpaid social security contributions, plus a 20% surcharge and interest, for the past four years for defaulting on social security contributions.

Tax law

Remote workers could trigger a Spanish permanent establishment for the foreign employer, if one or more of them can (legally or de facto) enter into legally binding contracts on behalf of the employer (ie, if the employee becomes a dependent agent). A permanent establishment would trigger Spanish corporate income tax liability for the employer on the annual profits attributable to that permanent establishment.

Additionally, depending on the remote worker’s country of tax residence, the tax withholdings the company must make may significantly differ, so workers could receive a net amount higher or lower than they expected. But if the company makes lower tax withholdings than legally required, it may face administrative fines and could be obliged to pay any pending tax withholdings.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

Labour law

Pursuant to the Rome I regulation, the employment relationship will, as a main rule, be governed by the law of the country in which the employee habitually carries out his or her work. If the employee does not habitually carry out the work in one country, the contract is governed by the law of the country of the place of business of the employer. However, if it appears from the circumstances as a whole that the work is more closely connected with another country, the law of that other country shall apply. Notwithstanding the above, it is possible for the employer and employee to agree on which country's legislation should apply, provided another law does not deprive the employee of the protections that would have been guaranteed by statutory law under the applicable legislation, as per the Rome 1 regulation.

In light of this, cross-border remote-working arrangements may open up questions on applicable legislation. It is advisable to check if there are any such issues before allowing such arrangements. In addition, there may also be tax consequences for both the employer and employee. Furthermore,  a cross-border remote-working arrangement might also mean risk from an insurance perspective. Therefore, employers should ensure their insurance covers employees working remotely from another country.

Social security and tax law

Employers who have employees working remotely from another country should be cautious about the tax effects such an arrangement may trigger. An employee working remotely (eg, from home) in Sweden may trigger a taxable permanent establishment in Sweden, which has the effect that a part of the company's income would have to be taxed in Sweden. If a permanent establishment is triggered, the company would have to register with the Swedish Tax Agency for corporate income tax purposes. It should also be noted that the Tax Agency can look back up to six calendar years for a reassessment of a permanent establishment. It is thereby possible for a foreign company to carry out activities in Sweden for a long time without being taxed in Sweden and having a full reassessment decision from the Tax Agency for previous years.

Furthermore, the company may also have to register for payroll purposes in Sweden, if the employee's income would be subject to Swedish income tax and Swedish social security contributions. Income tax and social security contributions are to be reported and paid monthly. However, if the employer does not have a permanent establishment in Sweden, and provided that certain criteria are met, the employee may self-report and pay the social security contributions (but not the tax). Even if such an arrangement can be applied, the employer must still register with the Swedish Tax Agency for filing a statement of earnings and tax deductions and to report and pay income tax on the salary paid to the employee.

If a Swedish company has employees working remotely in another country, the employer may become liable to pay income social security fees and taxes abroad on any income that would be attributable to the work undertaken in that country, and may also have to comply with the registration and reporting requirements of that country.

In international cross-border working situations, taxation is not only regulated under domestic law but also double taxation treaties. As these rules reflect the special situation between two states and are the result of negotiations between them, it follows that these rules vary from one double taxation treaty to another. Regarding social security, domestic law, EU community regulations and international social security conventions must be taken into account when assessing which country the employee belongs to and what social security contributions are to be paid in that country. Normally, an A1 certificate would have to be obtained for social security purposes; such certificate states which country's social security insurance system that the employee belongs to.

It is recommended to seek guidance from an independent tax counsel regarding international cross-border work situations to assess the tax consequences in each case.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

Remote working has labour, social security and tax law repercussions for employees whose contractual place of work is Switzerland, but are resident in and work remotely from an EU border country. Issues related to remote working from outside the EU are not discussed.

First, regarding labour law, remote working creates a second place where employees carry out their activity. In the event of a dispute, the Convention on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters provides that employees may initiate proceedings in the state where their employer has their residence or seat, or in the state where they habitually carry out that work. According to EU case law, an employee's residence can be considered their habitual place of work if they carry out 60% or more of their professional activity there. This criterion only can be excluded if it is shown that based on qualitative criteria, another place is the centre of employees' activities. Swiss case law is less specific than EU case law and only refers to the place where the centre of the activity is located.

Furthermore, remote working also can have repercussions on the law applicable to the contract. European Regulation 593/2008 on the law applicable to contractual obligations (Rome I) indicates that the contract is governed by the law chosen by the parties. However, if a case is brought before a court in the EU, this legislation provides that the choice of the parties cannot override the mandatory employee protection rules applicable in the state where the employee habitually work. Therefore, there is a risk that the law applicable to the contract (eg, Swiss law) could be replaced by the law of the state in which an employee lives.

Second, concerning social security law, employees are usually subject to the social security system of the place where the activity is carried out.  Thus, if employees carry out the entirety of their activity in Switzerland, they are subject to Swiss social security. Conversely, if they perform their entire activity in the EU, they are subject to the social security system of that state. According to European Regulation 883/2004 on the coordination of social security systems, if the activity is carried out in multiple states (eg, partly at the employer's Swiss offices and partly in their state of residence), employees are subject to the social security system of the state in which they reside if they carry out a substantial part (25% or more) of their activity there. Otherwise, employees are subject to the Swiss social security system.

Third, remote working also can have an impact on tax law. In general, taxation in Switzerland is based on residence. However, a person who has neither their residence nor a habitual abode in Switzerland nevertheless may be taxed based on an economic connection with Switzerland, such as the exercise of a gainful activity. Thus, employees who carry out their entire professional activity at home by working from home (outside Switzerland) would have to pay taxes in that state, as a condition for carrying out gainful activity in Switzerland is a physical presence in Switzerland. Employees who carry out part of their work abroad are taxed proportionally in Switzerland and the other states.

The covid-19 pandemic led to some derogations from the above principles. 

In terms of labour law, the widespread remote working connected to the covid-19 crisis is considered to be temporary and thus does not provide a basis for an employee’s state of residence to be considered their usual place of work. Consequently, employees who carry out a substantial part, or even all, of their professional activity by working from home due to covid-19 are not deemed to be habitually working from home within the meaning of the EU regulation, provided that this situation remains temporary.

In terms of social security law, the applicable system is not affected by covid-19-related restrictions. Switzerland has agreed with neighbouring countries that an increase in the time spent by employees of a Swiss company in their state of residence due to the increase in remote working shall have no impact on social security. A flexible application of social security rules has been agreed upon with Germany, Italy, Austria and Liechtenstein and is effective until 31 December 2021. For France, this is effective until 15 November 2021. For other states, in principle, this also will apply until 31 December 2021.

In terms of tax law, Switzerland also has agreed with certain neighbouring countries that an increase in the time spent by employees of a Swiss company in the territory of their state of residency due to the increase in remote working shall have no tax impact. The agreement with France was signed on 13 May 2020, and the agreement with Germany was signed on 11 June 2020; they both expire on 30 September 2021. The agreement with Italy, dated from June 2020, is still in force and is tacitly extended on a month-to-month basis provided that neither country terminates it. The agreement with Austria is also still in force.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

Theoretically, cross-border remote-working arrangements are possible from an employment law perspective as the law does not provide a clear rule or restriction on this. However, in practice, the Social Security Institution does not consider days worked overseas as workdays subject to social security premiums. Therefore, such arrangements may not be possible.

Employers located in Turkey must consider their data privacy obligations where employees are working in the context of cross-border remote-working arrangements, because the relevant obligations are mostly applicable on a residency basis due to the principle of territoriality. On the other hand, under Turkish legislation, employers must ensure the security of data shared with the relevant employees.

In addition, employers should bear in mind that any data shared with such employees would be an overseas transfer of data. As a result, if the transferred data contains personal data, consent must be obtained for such transfer of data abroad from the data subject, covering the purpose of processing this data unless the employers have permission from the DPA for the relevant international transfer. International transfers of personal data are restricted in Turkey. Unlike GDPR, the DPL does not protect international transfers in the European Economic Area (EEA) as Turkey is not in the EEA and standard contractual clauses do not apply to the transfer of personal data from Turkey to overseas.

Depending on the sector in which employers are engaged, there may be further data-residency and data-localisation requirements. Therefore, before any cross-border remote-working arrangements, employers must evaluate whether they are subject to such requirements and how they should approach the data to be processed by the relevant employees for their duties and assignments on a case-by-case basis.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

Employees working remotely outside the UK may create expensive tax liabilities for themselves and their employers. It’s important to be aware of these before any long-term decisions are made.

The foreign country in which the employee is working may seek to tax some or all of that employee’s income from the employment. This is based either on the fact that a substantial number of days have been worked in that other country or in some cases on the basis that the employee has become a tax resident there under local law. Further, social security liability may accrue (which is generally assessed separately from income tax).

The main concerns for the employer will be whether there is an obligation to operate local payroll withholding and whether local social security rules add significantly to the wage bill. The rules vary widely between countries and, unfortunately, there is no “one size fits all” approach to managing this issue across multiple jurisdictions.

Employers will also need to consider the possibility that a UK employee working abroad may inadvertently create a “permanent establishment” of the UK employer in the other country, which in turn can expose part of the profits of the UK employer to corporate taxes in that other country. What constitutes a “permanent establishment” for corporate tax purposes in another country depends on the specific tax laws of that other country.

In practice, at a high level, most countries adopt a standard definition of a “permanent establishment”, which is derived from the OECD’s Model Tax Convention (being: (1) a fixed place of business in a country; or (2) a dependent agent, such as an employee, who acts on behalf of an employer and has, and habitually exercises, authority to conclude contracts in the name of the employer entity). This always needs to be checked on a case-by-case basis for the relevant countries involved.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Employees who cross state borders trigger a host of risks for their employer. The obligations of the jurisdiction where the work is performed will generally prevail (depending upon duration).  For example, state law, and even municipal law, control employers’ leave obligations (such as time off to vote, paid family leave, or paid sick leave).  With paid sick leave, this can become very complicated, as each law has different tracking, recordkeeping and accrual requirements. In addition, state withholdings and income tax, as well as insurance (workers compensation), must be considered.  Local ordinances often also control wage-and-hour issues such as how and when an employee must be paid, pay-statement requirements, whether an exemption applies or overtime must be paid, and other nuanced areas such as required employer policies, or notices relating to wages or unemployment insurance.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

06. Do employers have any scope to reduce the salaries and/or benefits of employees who work remotely?

06. Do employers have any scope to reduce the salaries and/or benefits of employees who work remotely?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

The home office framework establishes that teleworking employees have the same rights and duties as those working at an employer’s main offices (including union rights), and their salary must not be less than what they would receive if they worked at an employer’s offices. Therefore, once employees are assigned to remote working, their compensation cannot be reduced due to this change.

In general terms, employers have the right to redesign or reassign job responsibilities. Such a right is known as an employer’s right to modify labour conditions (Ius Variandi). In this sense, local laws allow unilateral amendments to terms and conditions of the employment contract provided they do not adversely affect essential labour conditions and do not cause any moral or material damage to the employee and the changes are reasonable.

As a result, if an employer unilaterally decides to reduce the salaries or benefits of remote workers, and the change is considered to be unreasonable, resulting in material or moral damage to the employee involved, he or she can file an injunction to restore the original conditions of employment. If the employer refuses to do so, the employee may claim constructive dismissal and file for severance compensation and any applicable fines. Please bear in mind that according to Decree No. 39/2021, the following severance compensation items must be duplicated until 31 December 2021: seniority; prior notice; and the remaining days of the month of termination, if the employee considers himself or herself constructively dismissed (except for those individuals hired from 13 December 2019). In addition, there is a maximum cap of 500,000 Argentinian pesos US$5,210).

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

An employee’s salary and contractual benefits are entitlements that are contractual and employers cannot unilaterally vary such entitlements. Similarly, an employee’s remuneration may reflect the minimum rate of pay provided for in an industrial instrument such as a Modern Award and employers will not be able to reduce the remuneration or benefits without running the risk of undermining the minimum entitlements provided in the instrument.

Employers can consult with staff about a proposal to restructure their hours and pay, but generally, no such changes can be implemented without employees being given an opportunity to consider the proposed changes and agreeing to those changes.

The minimum wage order provides that an employee cannot be paid less than the national minimum wage.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Employers cannot unilaterally reduce employees' salaries because of remote work. A salary reduction is only possible either by mutual agreement or through a dismissal, with the option of re-employment on altered conditions.

Regarding benefits, we believe that a distinction must be made according to whether they were granted with working on office premises in mind and whether the employer has reserved a right to revoke them. In the latter case, employers may reduce or revoke benefits unilaterally. In addition, it can also be argued that, for example, meal vouchers for the company canteen are no longer issued and are not reimbursed. Such and other “social benefits by the company” can be limited to use at the company’s workplace.

Last updated on 21/09/2021

Flag / Icon

Belgium

In general, this would be considered a unilateral modification of the employment contract, which can be seen as an irregular termination of the employment contract by the employer, who will have to pay in lieu of notice if an employee claims this. However, the employer will no longer have to pay any agreed commuting expenses (but if the employer pays for a public transport subscription, this would just continue).

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Employers cannot reduce the salaries or benefits of employees solely because they work remotely. Note that the federal government has introduced certain measures to help companies survive through the pandemic and avoid layoffs (eg, reducing employees’ working hours and salaries, suspending employment contracts temporarily, remote working (with fewer requirements than those set forth by the CLT), and delaying the collection of certain labour charges). These alternatives apply to all employees regardless of their work arrangement (ie, remote workers or not). Therefore, it may be the case that employees were shifted to a remote model and have had their working hours and salaries reduced. Other than that, salary reductions would depend on prior negotiation with the applicable union.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Teleworkers have the same rights as employees who work from a company's premises (article L. 1222-9 III of the Labor Code).

Employers cannot modify employees’ remuneration without obtaining agreement.[5] This rule also applies to teleworkers.

In some countries such as the United States, employers can adjust the remuneration of teleworking employees to the cost of living in the employee's place of residence. This practice is not prohibited in France but the employer must be careful in doing so as it could constitute discrimination based on the place of residence, which is prohibited by the labour code[6]if it is not justified by objective elements. 

However, employers can withdraw a few benefits from teleworking employees. Indeed, even if the Ministry of Labor says in a Q&A that the telecommuting employee must receive lunch vouchers like other employees, some jurisdictions believe that the employer can stop paying these vouchers to teleworkers because they are not in a comparable situation to employees who work from a company's premises.[7]

As for transportation costs, the employer must cover half of the cost of the transportation pass used to travel to the office and to return home from the office (article L. 3261-2 of the labour code). If the employee does not have to travel to work during the month, the employer does not have to pay transportation costs.


[5] Cass. Soc, 18 oct. 2006, n°05-41.644

[6] Article L. 1132-1 Labour code

[7]TJ Nanterre, 10 mars 2021, n° 20/09616

 

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

The employer is required to pay remuneration based on an employment contract or collective bargaining agreement. Normally, there are no clauses in that contract that provide for a reduction in salary if the employee works remotely. However, special allowances for the reimbursement of expenses that become obsolete due to working from home (such as meal allowances or reimbursement of travel expenses) may no longer apply in individual cases.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Equal treatment between employees working remotely and those working at the company’s premises are guaranteed. Any reduction of salaries may be implemented only following the employee consent (ie, by signing an amendment of the employment agreement).

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

Unless the employee has a clear policy or a contractual provision that permits it to reduce salaries or benefits in this situation, it is unlikely that the employer could lawfully make such reductions without the employee’s consent. Where an employee has elected to work remotely and there is such a policy or contractual provision in place, the reduction in salary or benefits is unlikely to be challenged by the employee. Where an employee has been forced to work remotely by their employer (due to Covid-19 or otherwise), such a reduction may be challenged as the remote working has not occurred at the employee’s request.

Generally, if an employer changes an employee’s salary or benefits unilaterally, an employee could bring potential claims against it for unlawful deduction from wages, unreasonable variation of employment terms or constructive dismissal.

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

“Wages including the period and mode of payment”, “contribution paid, or payable, by the employer to any provident fund or pension fund or for the benefit of the workmen under any law for the time being in force”, “compensatory and other allowances”, “hours of work and rest intervals”, “leave with wages and holidays” and “withdrawal of any customary concession or privilege or change in usage” are some of the protected conditions of service under the Indian labour law. For changing any such service conditions to the detriment of the workers, the employer is required to provide 21 days’ prior notice and inform the labour authorities in a prescribed format.

Additionally, the payment of salary and benefits is largely a matter of contract between the parties, beyond the minimum requirements under the labour laws in terms of wages, bonus, social security, insurance, overtime, etc. Hence, the terms of the individual employment contract and policies also need to be considered while reducing wages or removing benefits. These are generally sensitive matters and could also lead to HR issues for the employer, especially if the employees are unionised.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Any unilateral reduction of salary or benefits by an employer without the consent of an employee can be challenged by way of a breach of contract claim, an unlawful deduction of wages claim, or a claim of constructive dismissal on the part of an employee. However, such a reduction could be agreed upon between the parties as part of an agreement, for example, to permit the employee to work remotely permanently.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Under Smart Working regulations, employees who work remotely are entitled to receive an overall economic treatment equal to that paid to employees working at the company’s premises. Therefore, generally speaking, employers cannot reduce salaries/benefits of employees working remotely. Nonetheless, recent Italian case law considered it possible for employers to revoke meal tickets from remote workers (except in the case of specific contractual obligations), as it is not part of the normal salary of the employee.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

No, any reductions to employees’ salaries or benefits are considered a unilateral modification to employment conditions, and therefore are grounds for justified rescission of the employment contract with total responsibility attributed to the employer. If this were to happen, severance will have to be paid as if it were an unjustified dismissal.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

Teleworking employees have the same rights and obligations as any other employees, which implies that no reduction in salaries or benefits is admissible, in principle. Under Portuguese labour law, employers cannot reduce basic remuneration unless expressly and exceptionally authorised by both the employee and the Authority for Working Conditions (ACT).

Reducing or cancelling any other payments to remote workers would be deemed discriminatory, and therefore illegal, except for situations where valid grounds could justify it.

Moreover, concerning reducing or suppressing benefits, the fact that benefits have been granted regularly over the years may lead to their qualification as acquired rights of the employees and part of employees’ remuneration, which would mean restrictions on the termination, reduction or alteration of such payments.

During the beginning of the covid-19 pandemic, there was debate over whether employees were still entitled to a meal allowance if they were teleworking, since the cause for payment would cease to exist (ie, employees would no longer be forced to spend money on out-of-home meals). However, the government clarified that, under the special compulsory teleworking regime (whenever the nature of the functions being performed was compatible with it), employees retain the right to a meal allowance, based on the principle of equal rights for on-site employees and teleworkers.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Article 4 of the Law on Remote Working provides equal rights for remote and on-site workers, so they receive equal pay and are entitled to the same schedule, breaks and work-life balance, and they are expressly included in equality plans and harassment prevention protocols.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

The employer is not entitled to unilaterally reduce the employee's salary or other employment benefits unless provided for in the individual employment agreement or a collective bargaining agreement. Hence, such a measure would require an agreement between the employer and the employee. If the employer implements unilateral salary deductions, the employer may be held liable to pay damages for a breach of contract. Moreover, there is a risk that the employee can claim that the deductions imply an unlawful termination of employment, which could make the employer liable to pay both compensation for losses sustained (capped at 32 months' salary) as well as general damages.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

The payment of salary constitutes one of the employers' main obligations under an employment contract. This obligation exists even in the case of remote working and, therefore, it is not possible to reduce salary due to remote working.

Regarding benefits, a distinction must be made between different types. For example, it could be considered that employers who provide a car or a transport pass to employees could waive this benefit or reduce it proportionally if employees carry out all, or part, of their professional activity from home. However, if employees are paid meal allowances, it may be more difficult to justify removing this benefit, although the situation is less clear in situations in which employers provides employees with free meals.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

As per article 14 of the TLA, remote workers cannot be treated differently from a comparable worker solely due to the nature of their employment contract. Employers cannot reduce the salaries or benefits of employees who work remotely merely on grounds of remote working. However, if there is other justification, such treatment may be acceptable.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

No, unless they implement the reductions formally with the agreement of the employee or (if relevant) the union.

Any unilateral reduction of salary or benefits by an employer without the consent of an employee can be challenged by way of a breach of contract claim, an unlawful deduction of wages claim, or a claim of constructive dismissal on the part of an employee.

However, it is possible that such a reduction could be agreed between the parties as part of an agreement, for example, to permit the employee to work remotely on a permanent basis.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Most jurisdictions in the US have at-will employment, so that with appropriate advance notice, salaries and benefits of at-will employees can be reduced without issue (ie, assuming no contract and the pay does not fall below the threshold for minimum wage or to maintain any particular exemption).  However, as with any workplace policy, the law mandates that selection for wage reduction be without regard to protected status such as race, age or disability. Thus, there may be an exposure to risk of claims to the extent that those who work remotely are seeking an accommodation or there is a potential for disparate impact.  Thus, employers should ensure that there is no "disparate impact" on any protected status that is required to work remotely.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

08. Can employers require or mandate that their workers receive a covid-19 vaccination? If so, what options does an employer have in the event an employee refuses to receive a covid-19 vaccination?

08. Can employers require or mandate that their workers receive a covid-19 vaccination? If so, what options does an employer have in the event an employee refuses to receive a covid-19 vaccination?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

The covid-19 vaccine has not yet been included in the National Vaccination Program (NVP); therefore, it is not mandatory for Argentine citizens in any industry. In addition, there are no proposals to make the vaccine compulsory in any industry, so employers may not compel their employees to receive a covid-19 Vaccination.

However, Resolution No. 4/2021 establishes that employees who choose not to be vaccinated must act in good faith and do everything they can to reduce any health risk their decision may cause to employers. In this sense, if an employee may not or does not want to be vaccinated (it is voluntary), employers should offer an alternative to office working, such as working from home. Moreover, if an employer does not allow unvaccinated or untested employees to enter their premises and does not offer any other alternative, those employees might consider themselves constructively dismissed and may follow the same process outlined in question 6 above.

In addition, the following provisions apply regarding vaccination:

  1. employees may act in good faith and provide reliable proof of vaccination, or state (in an affidavit) the reasons why they were not able to access the vaccination, as applicable;
  2. employers may request that all employees (regardless of their age and risk condition) return to their workplace if they have received their first dose (at least) of any approved covid-19 vaccine and 14 days have passed since that dose;
  3. the Resolution clarifies that the following employees (who were previously exempted from the duty to attend to their workplace) are included in the scenario mentioned in point b: people over the age of 60; pregnant employees; and People included in risk groups;
  4. health employees with a high risk of exposure may only be summoned 14 days after completing the vaccination schedule in its entirety (both doses); and
  5. in both scenarios (points b and d), the following individuals are still exempt from attending the workplace, even after vaccination: immunodeficient patients; oncological patients; and transplant recipients.
Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

It is our view that in most cases Australian employers will be able to lawfully direct staff to get vaccinated under the rubric of existing health and safety obligations, and we note that several major Australian employers have already implemented mandatory vaccination directives.

Many sectors are subject to public health orders that effectively require employers in those sectors to have mandatory vaccination programmes in place (including the aged-care sector), and these employers have the government’s support for vaccine mandates.

While the government has stopped short of endorsing mandatory vaccinations for employers across other industries, we consider that on balance a direction to staff to get vaccinated will amount to a “reasonable” direction and recommend employers adopt this approach, which is in line with the duty to eliminate (or if that is not possible, minimise) the risk of exposure to covid-19 in the workplace.

Of course, employers should adopt a case-by-case approach when considering whether to enforce a mandatory vaccination policy or directive in respect of an individual worker. We note there may be individuals in a workforce who have a legitimate basis on which to exempt themselves from any requirement to be vaccinated (for example, a worker who has an underlying medical reason for refusing the vaccine or a conscientious objection on religious or cultural grounds), and may be able to claim that they have been discriminated against if they are subjected to any adverse action as a result of refusing to get vaccinated.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Vaccination is not compulsory (but see question 10). Employers will not be able to force workers to have a covid-19 vaccination, as long as no corresponding legal basis has been established. However, the legal situation of workers who refuse vaccination has not yet been fully clarified.

Employers might struggle to comply with their duty of care if workers remain unvaccinated. Co-workers, but also customers, would be exposed to a greater risk of infection if workers are unwilling to get vaccinated. Moreover, the set-up of additional protective measures might lead to a considerable increase in costs the employer is unwilling to bear.

Therefore, the employer has two options:

A transfer of the worker to another workplace with a reduced risk of infection (no contact with customers or co-workers) should be considered first. If the employment contract does not provide for a transfer of workers and the worker refuses to change his or her workplace, the employer could give notice of dismissal with the option of reemployment on altered conditions. Here, for example, a change in working conditions or a change in the place of work would constitute an adequate rearrangement.

However, a dismissal or a dismissal with the option of reemployment on altered terms may not be conditional on vaccination. Yet, if there is no such opportunity for employment, the worker might be legally dismissed as he or she has nowhere to work. The question here too is if the worker can provide other evidence to meet the requirement of a reduced incidence of infection. Besides vaccination, a negative test result or a confirmation of a Covid-19 recovery will serve this purpose.

Last updated on 21/09/2021

Flag / Icon

Belgium

Although there is an ongoing discussion, the majority of the legal community believes that employers cannot force employees to get the covid-19 vaccine. This opinion is shared by the Federal Public Service of Work, the Belgian Data Protection Authority and the Federal Anti-discrimination Institute (Unia). If there is no legal basis for this obligation, employers seriously risk a violation of the privacy rules of the GDPR and the anti-discrimination Act of 2007 (discrimination based on health status).

Certain voices in the legal community state that an employer could make vaccination mandatory based on an obligation to create a safe and healthy working environment, but this legal basis does not seem specific enough to effectively remove the risks. For now, the Belgian government does not appear eager to create a legal basis for mandatory vaccination, but this could change in the future.

Upon the recommendations of the consultative committee, on 20 August 2021, the government announced that they are exploring the possibility of mandatory vaccinations for employees in healthcare institutions.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

This is still a very controversial matter in Brazil. Recent decisions issued by the Supreme Federal Court have recognised the constitutionality of mandatory vaccination on a federal, state and municipal level in the public system (through the adoption of indirect measures). That being said, it may be possible to apply the same rationale to private work relations. This is mainly because, under Brazilian Law, employers must ensure a safe and healthy work environment that encompasses, for instance, the adoption of preventive measures to tackle covid-19 – including, in a broad interpretation, the vaccine. If on one hand employers must ensure a healthy and safe workplace, then on the other employees must comply with company rules in that regard and cooperate with the company in the implementation of such measures. Thus, considering the Supreme Court’s recent decisions regarding compulsory vaccination and laws on health and safety in the workplace, we understand that there may be some arguments to defend disciplinary measures, even termination of employment with cause, if employees refuse to get vaccinated without a medical justification. This possibility has also been considered enforceable by the Labour Public Prosecutor when publishing certain technical guidelines in January 2021. However, the president of the Superior Labour Court has informally indicated that termination with cause should not be applied in the event of refusal – whereas other justices of the Superior Labour Court have agreed with such a measure. Therefore, there is still no consensus as no decision on this matter has been issued so far by the labour courts. In any case, the following recommendations would apply: the adoption of preventive measures such as educational campaigns about the importance of vaccination and the legal implications of an unjustified refusal; and to evaluate the possibility of terminating an employee with cause on a case-by-case basis. In such an instance, the following will be considered: the reasons for the employee’s refusal; if the employee is under any type of job protection; if the applicable collective bargaining agreement provides for something specific in that regard; if the employee can be moved to a work-from-home arrangement; and if there is any court decision regarding the matter when such termination is planned to occur.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Employers can require that their employees are vaccinated only if the vaccination is made mandatory by the French Public Health Code.

In France, vaccination against covid-19 has not been made mandatory (except for health professionals). Therefore, French employers cannot force their employees to be vaccinated. However, they can recommend it to their employees without forcing them (please note that due to the Law of 5 August 2021, employees are entitled to leave to attend covid-19 vaccination appointments).

Please note that a law was passed by Parliament on 5 August 2021 and states:

  1. To make access to certain places, establishments or events conditional upon the presentation of either a negative PCR test, or proof of vaccination status concerning covid-19, or a certificate of recovery following covid-19 infection.

This would only cover the following activities:

  • recreational activities;
  • bars and restaurants (except company restaurants), including terraces;
  • department stores and shopping centres by decision of the Prefect of the district in the event of risks of contamination under conditions guaranteeing access to essential shops and transport;
  • seminars and trade fairs;
  • public transport (trains, buses, planes) for long journeys; and
  • hospitals, homes for the elderly and retirement homes for companions, visitors and patients receiving care (except in medical emergencies).

In those specific cases, from 30 August 2021, an employer undertaking the above activities may ask their employees to present one of these documents, including proof of vaccination status. If an employee is unable to present such documents and chose, in agreement with their employer, to not use paid holidays, the employer can suspend the employee’s contract, on the same day. This suspension, which can lead to an interruption of salary, ends as soon as the employee produces the required proof.

If the suspension goes beyond three working days, the employer shall invite the employee to a meeting to attempt to rectify the situation, including the possibility of temporarily reassigning the employee to another position within the company not subject to this obligation.

  1. Mandatory vaccination for health professionals, including those working in an occupational health service according to article L.4622-1 of the labour code.

The health professionals listed in article 12 of the law of 5 August 2021 (doctors, nurses, doctors working in occupational health services, osteopaths etc) must be vaccinated as of 9 August 2021, unless there is a medical contraindication or a certificate of recovery can be presented.

Please note that the law provides for a transition period as follows:

  • up to and including 14 September, the staff concerned may present a negative test  that is less than 72 hours old (RT-PCR screening test, antigen test or self-test carried out under the supervision of a health professional) if they are not vaccinated;
  • between 15 September and 15 October inclusive, when an employee has received the first dose of vaccine, he or she may continue to work provided that he or she can present a negative test result; and
  • from 16 October 2021, they must present proof of the complete vaccination schedule.

This obligation does not apply to people who perform occasional tasks. The Ministry of Labour defines “occasional tasks” as a very brief and non-recurring intervention that is not linked to the normal and permanent activity of the company. Workers who carry out these tasks are not integrated into the workgroup and their activity is not public-facing.

This may include, for example, the intervention of a delivery company or an urgent repair.

On the other hand, the following are not occasional tasks: carrying out heavy work in a company (eg, renovation of a building) or cleaning services, because of their recurrent nature.

When carrying out an occasional task, the workers concerned must ensure that they comply with social distancing rules.

Employees who have not presented one of these documents can no longer work. Thus, when an employer finds that an employee can no longer carry out their work, the employee must be informed without delay of the consequences of this prohibition, as well as the means to rectify the situation. A dialogue between the employee and employer to discuss ways of rectifying this situation is encouraged.  An employee who is prohibited from working may, with the employer's agreement, use days of rest or paid leave. Otherwise, their employment contract will be suspended.

The suspension of the contract, which leads to the interruption of salary, ends as soon as the employee fulfils the conditions necessary to continue working.

When the employer or the regional health agency finds that a health professional has not been able to carry out their role for more than 30 days, it informs the national council of the order to which they belong.

Please note that, according to the law of 5 August 2021, the employer must inform the new works council (CSE) of measures taken to implement any obligations to verify the vaccination of health professionals or the health passes of employees who come under the aforementioned sectors.

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

In Germany, there is no legal obligation to be vaccinated against covid-19, not even in particularly sensitive areas such as hospitals or care facilities. Rather, vaccination against covid-19 is voluntary and can only be administered after prior consent. This fundamental legislative decision must be observed in the employment relationship. An obligation to be vaccinated cannot be agreed in an employment contract; it would deviate from the basic principles of the statutory rules and therefore be invalid according to the law on general terms and conditions.

Nor can an obligation to be vaccinated be introduced through a works agreement and stipulated by the employer and works council. According to the established case law of the German Federal Labour Court, the parties to a works agreement are bound by the fundamental rights of the German constitution. In this regard, the physical integrity of the employees who are not willing to be vaccinated, which is protected under the German constitution, outweighs the employer's interest in making vaccination compulsory in the workplace.

However, it is permissible to promote vaccinations of employees. For example, employers can offer vaccinations by company doctors or provide paid time off for the duration of a vaccination. In addition, it is permissible – if controversial – to provide incentives for vaccinations in the form of a bonus. In any event, it is important to avoid discriminating against employees who cannot or do not wish to be vaccinated because of pregnancy, disability or for religious reasons.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Covid-19 vaccination is not mandatory. However, based on a newly introduced law,  vaccination is mandatory for employees working at nursing homes and for medical staff (doctors, nurses etc) and employees working at hospitals.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

It is unlikely that any existing company policy or contractual provision would allow an employer to mandate that its employees be vaccinated. Some contracts may contain a provision that permits an employer to send an employee to a medical practitioner for examination, but this could not be stretched to include requiring an employee to be vaccinated.

However, employees are expected to comply with any “lawful and reasonable” direction from their employer. It is lawful to request that an employee be vaccinated, but there is a question over whether it would be considered reasonable. An employer’s health and safety obligations are often cited as to why such a direction would be reasonable. However, in Hong Kong there have been no locally transmitted covid-19 cases for many months, so a blanket health and safety justification may not be considered reasonable. The reasonableness would largely depend on the particular sector the employee works in, the employee’s role and nature of duties, his or her contact with people and whether the role can be carried out remotely without issue. Certain sectors, such as the hospitality industry or healthcare sector, may be able to justify that it is reasonable to mandate employees be vaccinated due to the high-risk nature of the jobs and the workplace they are in. However, many employers – even in those sectors – have not gone as far as mandating vaccinations. We expect this may be because the government has not mandated the civil service to be vaccinated or legislated that any particular sector should be vaccinated, so employers are being cautious in this regard.

If an employee refuses to receive a covid-19 vaccination, an employer cannot force the employee to be vaccinated. It could decide to do one of several things:

  • dismiss the employee for failure to follow a lawful and reasonable direction (if indeed the direction is lawful and reasonable) and taking into consideration whether the employee has any protected characteristic that would give rise to them being able to bring an indirect discrimination claim;
  • request that the employee undergo regular covid-19 testing instead;
  • agree with the employee that they can temporarily work from home (if that is possible given the employee’s role): and
  • agree to a change of role for the employee (if their current role requires being in the workplace).

This is not an exhaustive list.

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

Vaccination in India is voluntary. Employers cannot legally mandate employees to receive a covid-19 vaccination. 

Employers may, however, refuse the entry of employees to the workplace if they are not vaccinated. However, it may not be possible to cut wages or terminate employment on the basis that an employee is not vaccinated.

Please refer to our article published in the International Employment Lawyer on this topic, including recent case law in India. This is an evolving area and we expect more developments in due course.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Realistically, no. There is no specific prohibition on employer-mandated vaccination in Ireland, but it will be difficult for employers to justify making vaccination mandatory under existing Irish employment law principles. Employers can, however, encourage employees to get the vaccine.

Employer-mandated vaccination presents several significant risks to employers: breaching the implied term of trust and confidence in employment contracts, giving rise to constructive dismissal claims; legal arguments that the requirement is an unconstitutional encroachment upon an employee’s private life; data protection issues; and discrimination risks.

Current government guidance, as set out in the Work Safely Protocol is that the decision to get a vaccination is voluntary and that workers should therefore make their own decisions in this regard.

However, the guidance does recognise that there may be certain circumstances where it is deemed that an unvaccinated worker is not safe to perform certain work tasks and in such circumstances, the employer may have no option but to redeploy the worker to another work task. Any such decision needs to be agreed upon between the employer and a medical practitioner in consultation with the worker.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

As a general rule, employers cannot require employees to disclose their vaccination status. On the other hand, according to the current Italian Covid-related legislation, the company’s occupational doctor could decide to consider the vaccine as a condition for working in the office and/or consider unvaccinated employees as unfit or without the necessary requirements for gaining access to the office (without specifying the reason to the employer). In this hypothesis, the employer should verify whether the employee can work remotely or can be assigned to different duties and, if none of the above options are available, the employer may also suspend the employee without remuneration (once he/she has used up the accrued paid leave and holidays). In this respect, recent Italian case law on this matter (Tribunal of Modena of 19 May 2021 and Tribunal of Rome of 27 July 2021) stated that employees have an obligation to actively cooperate with employers in relation to health and safety in the workplace and that a violation of this obligation may entail consequences for the employment relationship, including the employee possibly being exempted from performing the work activity with no remuneration, confirming in such cases the legitimacy of an employee suspension by the employer.

However, in some hypothesis Italian law requires employees to be vaccinated to carry out their activity or requires to have specific certification to enter company’s premises (see answers below).

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Employers are not authorised to mandate or demand employees to receive a covid-19 vaccination. If an employee refuses the covid-19 vaccine, their employer may not terminate their employment contract or impose any other sanction. However, employers may implement preventive measures according to the provisions for the reopening of workplaces, which employees must comply with. If an employee does not comply with such preventive measures or policies, their employer can terminate the employment contract with justifiable cause. It is important to mention that the employer must have abundant evidence of a policy breach by the employee for the termination to be justifiable if a lawsuit were to be filed by a dismissed employee.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

No, vaccination against covid-19is not compulsory in Portugal, not even for so-called risk groups such as medical personnel or social workers. For the time being, employers cannot force employees to be vaccinated or ask them to provide information on their vaccination status; they can only recommend vaccination. Without the Portuguese parliament passing a law making vaccination compulsory, no private or public entity can force its employees to get vaccinated.

Furthermore, to implement a compulsory policy, employers would most likely have to obtain vaccination certificates from their employees, which would be unlawful under the Portuguese labour law.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

No, they cannot require it. Indeed, employers are not even permitted to ask their employees whether they are vaccinated.

This is personal health data, which is a special category of personal data under article 9 of the GDPR, and its processing is subject to stricter requirements than ordinary personal data.

As such information is not necessary for carrying out the employee’s obligations under the employment contract, and there is no legal authorisation for employers to process such data, employers cannot ask for this information and, if employees voluntarily provide it, employers cannot implement any measure for employees based on it. If employers implement any such measure, it could be deemed null, as it could be seen as a retaliation against the right to refuse vaccination.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

There are no statutory regulations regarding vaccination requirements in Sweden. However, an employer cannot compel an employee to get vaccinated, and as a main rule, a refusal by an employee to get vaccinated does not constitute a basis for termination of employment. A requirement by an employer for employees to get vaccinated has not been tried legally, but the possibility to demand an employee to get vaccinated is likely very limited. That being said, pursuant to the Work Environment Act, employers must take all necessary measures to avoid risks of injury or ill-health at work. If no other measures than the vaccine are available to ensure a safe environment (eg, other protective measures such as social distancing, wearing face masks or cleaning are deemed inadequate), and if the business cannot eliminate the risk of infection through other protective measures such as working from home, it may be justified to require employees are vaccinated to work from the office. A refusal to get vaccinated by the employee may in such a case have consequences for their employment; for example, the employer may be entitled to move the employee to another position. Such measures shall only be taken if there are special reasons for doing so, based on the needs of the business. The nature of the business will be of importance when making such a legal assessment; for example, if the nature of the work performed justifies such a requirement (health workers in certain medical fields). The legal assessment must thus be made based on the circumstances in each case.

It is important to note that a refusal does not automatically mean that the employer may terminate the employee. The employer must observe the formal rules in the Swedish Employment Protection Act and ensure that there is "just cause" for termination. This would, inter alia, include an obligation to review and offer the individual any free positions within the company the employee is qualified for (and for which the employee doesn't need to be vaccinated for work environment reasons) before termination of employment can come into question and the threshold for just cause for termination may be reached. 

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

Generally speaking, employers must take measures to protect the health of employees. However, in principle, they are not entitled to require employees to be vaccinated, unless there is an overriding interest based on the principle of proportionality. Thus, an obligation to get vaccinated could only be imposed if other measures alone are not sufficient to protect employees and prevent transmission of the virus, such as in the health sector (eg, hospitals and nursing homes), which is often cited as an example where an exception may apply.

If vaccination can be mandatory and if an employee refuses to be vaccinated, their employer could terminate the employment contract. That decision must be proportionate and must be based on the specific circumstances of the case.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

As per the Constitution, a person’s physical integrity cannot be interfered with except for medical necessity and exceptions set out by the law. As the covid-19 vaccination is not defined as a mandatory vaccine under the applicable laws, employers cannot make vaccinations mandatory for employees in principle. Indeed, the Ministry of Health announced that covid-19 vaccinations are voluntary.

The only mandatory vaccine under the current legislative framework is the smallpox vaccine.

The majority of Turkish academics take the view that termination for refusal to take a vaccine would not constitute rightful or valid grounds for termination. It also would not comply with the principle of termination being the last resort, as employers may proceed with other options such as encouraging employees to get vaccinated or implementing remote working. However certain academics argue that refusing to take a covid-19 vaccine may be valid grounds for termination in exceptional cases (such as employees in elderly care institutions).

Recently, the Ministry of Labour and Social Security issued a general letter regarding vaccination and testing policies that employers may apply in workplaces. The letter suggests the employers should: (i) inform all employees about protective and preventive measures against potential health and safety risks at the workplace; (ii) provide separate information in writing to employees whose covid-19 vaccinations are not complete; (iii)  inform unvaccinated employees about the potential results of receiving a covid-19 diagnosis due to unvaccination within the scope of the labour and social security legislation; (iv) require that unvaccinated employees have regular PCR tests once a week as of 6 September 2021; and (v) record the test results at the workplace for any necessary action.

The fact that these arrangements were introduced by a letter from the Ministry has been highly criticised by legal academics and practitioners, and legislators are expected to bring a law into force soon.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

In almost all cases, no, an employer could not issue such a requirement or mandate. However, this answer needs to be read in conjunction with the answer to question 9, below.

Absent specific legislation enabling them to do so, employers who attempt to force their staff to be vaccinated may face potential constructive dismissal claims, data protection issues, and discrimination allegations.

At the time of publication this issue remains a highly controversial one, producing significant public debate, and the legal position may change quickly.

Specific legislation dealing with this issue is very limited. In the care homes sector, regulations have been promulgated requiring staff to be vaccinated, with effect from 11 November 2021. Guidance has also been issued by the relevant Government department to assist employers with implementing the new legal requirements: see here.

Without specific legislation, the general legal position in the UK is that an employer has a legal right to issue “lawful and reasonable” instructions to employees, which they are required to comply with. Although the position has not yet been tested before the UK’s courts and tribunals, it is unlikely that a generic requirement or mandate for employees to be vaccinated would meet this test.

There may be a case for making vaccines mandatory for specific workers undertaking specific activity in certain health-care-related roles; however, again in the absence of legislation the issue is not so much whether the employer can mandate vaccination as opposed to what steps the employer is entitled to take if an employee is not vaccinated. Even if a case could be made for requiring staff to be vaccinated, an employer would need to carefully consider issues relating to data protection and discrimination.

Finally, ACAS has issued recent guidance on supporting staff through the vaccination process: see here.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Federal anti-discrimination laws don't prohibit employers from requiring all employees who physically enter the workplace to be vaccinated for covid-19, accommodations must be made for those with religious objections or a disability.  Another option is to consider having employees show vaccination proof or submit to weekly covid-19 testing, wear masks, and keep physically distant from other workers and visitors.  Employers can also encourage and incentivise employees to get vaccinated by offering prizes, developing vaccination education campaigns, offering vaccinations on-site, covering any costs that might be associated with getting the vaccine, or providing paid time off for employees to get the vaccine and recover from any potential side effects. However, state lawmakers have introduced dozens of legislative proposals to make it harder for employers to require that employees get a covid-19 vaccine.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

09. What are the risks to an employer making entry to the workplace conditional on an individual worker having received a covid-19 vaccination?

09. What are the risks to an employer making entry to the workplace conditional on an individual worker having received a covid-19 vaccination?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

As mentioned in questions 7 and 8, Resolution No. 4/2021 established that employees who choose not to be vaccinated must act in good faith and do everything they can to reduce the health risks their decision may cause to employers. Therefore, employers may limit entry to the workplace to employees who have received a COVID-19 vaccination. Please bear in mind the recommendations mentioned in questions 7 and 8 above.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

Unless a specific public health order allows an employer to impose such a condition on entry to its facilities (and these have been imposed by employers in certain sectors, including the aged-care sector), employers should avoid doing so as this could infringe anti-discrimination laws, and give rise to claims that an employee has suffered an adverse action.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Employers may ask about their employees’ vaccination status. This is since the employer’s interest in the employee’s vaccination status is greater than the employee’s personal rights. Workers are obliged to answer truthfully.

The employer may even make entry to the workplace conditional on employees’ vaccination status and is entitled to link the return to the workplace to proof of a covid-19 vaccination. This action is objectively justified provided vaccination reduces the risk of infection with covid-19 for other workers.

However, a separate question to ask is whether an unvaccinated employee is entitled to remuneration during a lockout. This assessment is to be made on a case-by-case basis. Since there is no legal basis for compulsory vaccination, a balance of interests must be made here. Many aspects play a role when balancing the interests of the employer and individual workers. For example, if there is a home-office agreement with a white-collar worker, the employer may link the return to work to changed conditions and therefore to proof of a covid-19 vaccination. In the case of blue-collar workers (or white-collar workers without a home-office agreement), however, a lockout with retention of salary will not be justifiable. The legislature currently provides three options to prove that there is no infection. A negative test result, proof of vaccination and a confirmation of a covid-19 recovery (3-G proof) are suitable ways of providing evidence here. Employers are not entitled to unilaterally impose stricter conditions without objective justification and will need to accept all three options. Furthermore, one must also consider the individual situation of the worker. Some workers are simply unable to have vaccinations for health, religious or ethical reasons. Therefore, if employers opened their business only to vaccinated workers, they might also have to pay workers who have been locked out, without receiving any work performance.

Last updated on 21/09/2021

Flag / Icon

Belgium

As stated above, the employer risks a violation of the GDPR and the Anti-discrimination Act.

In principle, the GDPR prohibits the processing of sensitive data regarding the health status of persons, unless there is a valid ground for such processing. As employees cannot freely give their explicit consent for this processing to their employer (as per their hierarchical relationship), such processing would require a legal basis, which does not exist. A violation of the GDPR could result in a fine by the Belgian Data Protection Authority (up to 20 million euros). The Belgian Data Protection Authority has confirmed that without a legal basis, it is not possible to process data on the vaccination of employees.

Next, such a condition could be seen as discrimination based on health status, according to the Anti-discrimination Act of 2007. However, a distinction based on health status can be justified by a legitimate aim and when the measures to reach this aim are appropriate and proportional. One could argue that the prevention of the spread of covid-19 is a legitimate aim and that an obligation to get vaccinated is appropriate. However, some would state that mandatory vaccination is not proportionate, as employers can take other measures (eg, social distancing, teleworking) to prevent the spread of the virus. At least Unia does not seem to believe that a mandatory vaccination can be justified. A discrimination claim could, for example, result in a damages claim (lump-sum compensation of three to six months’ salary). A legal basis for mandatory vaccination would take away this risk of discrimination.

The Federal Public Service of Work also notes that a mandatory vaccination would violate the Act of 22 August 2002 regarding patients’ rights. This Act provides for freedom of choice for all patients undergoing medical treatment.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Considering by analogy the Supreme Federal Court’s decision on the possibility of federal, state and municipal authorities imposing restrictive measures for citizens who refuse vaccination and health and safety rules in the workplace, we understand that there may be grounds to defend a policy allowing only employees who have been vaccinated to access the office, as long as those who are not vaccinated can still work from home without major consequences (such as termination). That being said, the main risk would be having those employees who have not received a covid-19 vaccination argue that they have been discriminated against and claim for an award of damages for pain and suffering – especially if they are subject to discipline (including termination).

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

For employees for whom vaccination is not mandatory, employers cannot make entry to the workplace conditional on vaccination, nor can they threaten to dismiss the employee if they have not had the vaccine.

If an employer makes the return to the company premises conditional on vaccination, they are violating the employees’ privacy and medical confidentiality, and employees may freely refuse it. In case of dismissal, it could be judged null and void since it may violate the employee's privacy and medical secrecy.

On the other hand, for employees working in the above-mentioned establishments (bars, restaurants, department stores, shopping centres etc.), the employer may make the return of the employee to work conditional on the presentation of a health pass (either a negative PCR test, or proof of vaccination status concerning covid-19, or a certificate of recovery following a covid-19 contamination).

Finally, for health professionals, there will be no risk for the employer. The employer will be able to condition the return to the premises on proof of vaccination status.

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

Under current law, employers may not make employment conditional on employees being vaccinated. If an employer refuses an employee access to the workplace, the employee is not only entitled to continued payment of salary, but can also enforce his or her right to employment (ie, through an interim injunction to compel the employer to grant access to the workplace and to provide employment). In addition, there is a risk for the employer that the demand for vaccination will be assessed as discrimination, at least in the case of employees who cannot or do not want to be vaccinated because of pregnancy, because of a disability or for religious reasons.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

See question 7 regarding vaccination and entering the workplace.

Given that covid-19 vaccination is not mandatory (with some exceptions for employees working in nursing homes, hospitals etc), making entry subject to having received a covid-19 vaccination is not lawful and gives employees grounds to raise a discriminatory claim against their employer.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

If an employer were to implement this condition, there may be employment law and data privacy issues.

The potential data privacy issues are set out in response to question 11 below.

From an employment law perspective, making entry to the workplace conditional on having a covid-19 vaccination may constitute a breach of contract or an unreasonable variation of employment terms, unless it was consented to by the employee or it amounts to a lawful and reasonable direction. If an employee is dismissed as a result of not being able to enter the workplace (eg, they were unable to carry out their full job duties without being in the workplace and were therefore made redundant), this individual could challenge the reasonableness of their dismissal if they have two or more years’ service.

Employees protected by Hong Kong’s anti-discrimination ordinances may also be able to bring claims against their employers if the condition is disadvantageous to them as a group and the individual is also personally affected. For example, if an individual who is pregnant or breastfeeding decides not to receive a covid-19 vaccination because of recommendations from their doctor regarding their baby’s health, and they are refused entry to the workplace, they may claim indirect sex discrimination on the basis that while the condition applies to the entire workforce, it is more disadvantageous to those who are pregnant or breastfeeding as they are less likely to be vaccinated and, in turn, it has disadvantaged her personally. Regarding this individual’s losses, this may be limited to injury to feelings but could also lead to financial loss if this individual missed out on opportunities as a result of not being able to enter the workplace or was dismissed.

The government has not mandated that employees need to be vaccinated to have access to the workplace but it has stated, concerning certain sectors, that if employees are unvaccinated, they will need to be regularly covid-19 tested. This approach seems sensible and justifiable and, therefore, private sector companies may also decide to follow this approach. 

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

The employer has a right to restrict the entry of any employee to its office premises if the employee is not vaccinated. In such a case, the employee may continue to work remotely.   

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Where employers can objectively justify restricting access on that basis (e.g. to maintain a safe working environment), the risk of such a restriction being successfully challenged is limited. However, the processing of this data may be problematic from a data protection perspective.

In any event, it does not confer any particular advantage to adopt this approach given that the current official guidance is that normal workplace “covid-secure” measures (eg, mask-wearing and social distancing) will remain applicable for all employees, irrespective of vaccination status.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

As mentioned above, the company’s occupational doctor can lawfully consider the Covid-19 vaccination as a necessary requirement for entering the workplace. Should employers impose this measure without the intervention of its occupational doctor and prohibit unvaccinated employees from entering the company and work, it may give rise to claims against the employer for demotion and damages.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Entry to the workplace could be conditioned on receiving a Covid-19 vaccination as a health and safety measure to prevent the spread of the virus. However, since vaccination is not mandatory, employees who have decided not to get vaccinated have the right to remain active and continue providing services at the employer’s premises or remotely without changes to their employment conditions.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

Employers cannot require employees to provide information regarding their health – namely but not exclusively regarding their vaccination – except when it is strictly necessary and relevant to assess their suitability for work and the stated purpose is provided in writing to employees. Please note that even in such cases, health data would be provided to the occupational doctor – ie, not directly to the employer – who in turn can only communicate to the company an employee's fitness to perform their role.

Therefore, it is unlawful to make entry to the workplace conditional on employees having an optional vaccine such as covid-19, both from a labour and a data protection perspective. Such behaviour can be deemed a very serious breach of labour laws, leading to penalties, orders to cease such conduct, and damages under general civil law principles.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

The employer may face administrative fines for breaching obligations on labour law and personal data:

  • by hiring only vaccinated individuals, the employer’s decision could be considered discrimination against individuals who decide not to get the vaccine; and
  • by asking job applicants whether they are vaccinated, the employer could breach the regulations on personal data. As this is data concerning health, it is a special category of personal data under the GDPR, and its processing is prohibited except in specific cases, which would not apply in this case.

Any of these actions is a very serious breach, leading to labour-related administrative fines ranging from €6,251 to €187,515 (as of 1 October 2021, from €7,501 to €225,018). Additionally, the employer may face administrative fines for breaching the GDPR.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

Requiring employees to be vaccinated in the office may render discrimination claims from employees unable or unwilling to take the vaccine due to characteristics protected in the Swedish Discrimination Act. As mentioned above, an employer cannot compel an employee to get vaccinated. However, the employer must take all necessary measures to avoid risks of injury or ill health at work according to the Work Environment Act. If no other measures than a vaccine are available to ensure a safe environment (where other protective measures such as face masks, safe distancing or similar are deemed inadequate), it could be argued that it is justifiable to ask employees to be vaccinated to work from the office or continue homeworking until the rate of infection has gone down, if this is necessary and proportionate to ensure a safe working environment.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

Except in the abovementioned exceptional cases, employers prohibiting unvaccinated employees from working would be obliged to pay these employees their full salary, even though they did not perform their work.

In principle, employers do not have a justified reason for processing data relating to the employees' vaccination status (which is considered sensitive data). Processing such data could be considered illegal. The employer can only verify the existence of a covid-19 certificate.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

As mentioned above, employers are under an obligation to protect their employees. This means that employers should consider the health of employees working at physical premises. On the other hand, as explained above, employers cannot force employees to get vaccinated, and making entry to the workplace conditional on an individual worker receiving a covid-19 vaccination may be construed as pressure by the labour courts.

Please see question 8 regarding the option of requesting mandatory PCR testing.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

As indicated above in response to question 8, the position has not yet been tested before the UK’s courts and tribunals and remains the subject of vigorous public debate.

Many commentators have highlighted the potential risks of unfair dismissal and discrimination claims by employees against employers, as well as data privacy issues, if employers make entry to a workplace subject to vaccination. These issues are discussed below.

Insisting on vaccination as a requirement to return to a physical work location may lead to the following employment law risks:

  • if an employee believes the requirement is an unreasonable demand, it can trigger them bringing a potential “constructive” dismissal claim if they refuse to comply with it and resign in protest, or an “ordinary” unfair dismissal claim if they refuse and are dismissed. As there has been no judicial consideration of this issue, we do not currently know in what circumstances such a requirement would be deemed unreasonable; and
  • if the requirement is a blanket requirement without exceptions, it can give rise to potential discrimination claims, the most obvious of which are as follows:
    • if the employer does not make reasonable adjustments for staff with health issues who cannot be vaccinated, it could trigger a potential disability discrimination claim;
    • if a staff member cannot comply with the requirement because of a religious or similar belief, it may give rise to an indirect discrimination claim for this reason; and
    • similarly, a blanket requirement could indirectly discriminate against younger staff as, at the time of writing, not all over 18s will have been offered both vaccinations. In this context, it should be kept in mind that the general position is that the UK’s age discrimination legislation does not just protect older workers or workers over a particular age (such as workers aged at least 40) but can extend to all age groups. The particular issue with younger staff and vaccines should improve by the end of September 2021 when the government has said that all adults will have been offered both doses. Employers can consider making adjustments to the policy (such as allowing regular testing instead of double vaccinations).

Assuming there is no specific legislation enabling an employer to do this, the risks of making entry to the workplace conditional on individual vaccination may be mitigated somewhat if:

  • there is a specific and strong justification for the requirement, rather than just a generic desire on the part of the employer, that other COVID-safe working practices cannot achieve. This justification should be supported by the outcome of a properly considered risk assessment;
  • steps are taken to mitigate the impact on employees who cannot, for health reasons, comply with the requirement; and
  • there is an alternative working arrangement available to those who do not, or cannot, comply with the requirement (such as continuing to work from home).

Where employers can objectively justify restricting access on the above basis, the risk of such a restriction being successfully challenged by an employee will be reduced. However, it must be emphasised that this issue remains wholly untested in the UK judicial system.

There is a further, ancillary issue, relating to data protection. The ICO has issued guidance essentially to the effect that although employers may undertake spot-checks of employee vaccination status, in most cases it is far less likely to be justifiable for employers to retain a record of any employee’s vaccination status: see question 11 below, and also see here.  

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

While federal anti-discrimination laws don't prohibit employers from requiring all employees who physically enter the workplace to be vaccinated for covid-19, accommodations must be made for those with religious objections or a disability through alternative measures. Those can include getting tested weekly or working remotely.  In addition, state law is rapidly evolving in this area and we have seen a steady increase in worker lawsuits that are filed on the basis that treating unvaccinated people differently is discriminatory or unlawful. 

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

At present, no. However, please bear in mind the considerations mentioned in questions 7 to 9, and that each sector may have its own specific requirements.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

Yes, operators of health, aged and disability care facilities are subject to public health orders which make vaccination against covid-19 a requirement of entry.

Whether an employer would be justified in terminating employment based on an employee’s refusal to be vaccinated will depend on the particular circumstances, and an employer would be required to follow a proper process before making any such decision (including allowing the employee the opportunity to be heard before a decision is made that might affect their employment.

We note the Fair Work Commission, Australia’s employment relations tribunal, has upheld the termination of an aged-care receptionist who refused an influenza vaccination. The decision to terminate the employment was made in the context of a public health order that no one was allowed to enter the facility operated by the employer without an up-to-date influenza vaccination to ensure the safety of its clients. We consider this decision serves as a precedent for those employers who are subject to public health orders concerning covid-19 and faced with employees refusing to receive the covid-19 vaccination.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

In principle, there is already the legal possibility to impose vaccinations for certain professions in the health sector. However, this option has not been exercised yet. There is no legal basis for compulsory vaccination in most sectors.

In certain sectors, customers must provide a negative test result, proof of vaccination or a confirmation of a covid-19 recovery (3-G proof) to enter a certain facility. This applies, for example, to restaurants, the accommodation industry, close-contact services, leisure facilities, residential facilities, nursing and care facilities and cultural institutions. In this regard, employers are well-advised to require the same standard of testing (3-G Proof) of their workers. In most of the aforementioned sectors, this is compulsory anyway.

To sum up, there is no explicit regulation stipulating that only vaccinated workers may enter the workplace. Vaccination is just one of three options you can choose from to enter certain facilities. The same applies to workers in most cases.

Last updated on 21/09/2021

Flag / Icon

Belgium

Until now, there have been no such requirements.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

On a state level, some specific sectors considered “essential” (meaning that they continued to operate normally – or were hardly affected – especially at the beginning of the pandemic) had their vaccination schedules prioritised, by the state government, over the rest of the population (eg, health professionals, public transportation drivers and teachers). In spite of that, proof of actual vaccination was not a requirement for individuals in these sectors to keep working during the pandemic.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Please see above (questions 8 and 9) regarding the workplaces and specific industries concerned by making the access to the workplace conditional on individuals having received a Covid-19 vaccination.

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

No.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Vaccination is mandatory for specific categories of employees (see above) as well as all employees working at public and private hospitals. Employees of the health and care sector cannot duly provide their services if they are not vaccinated and their employer is released from their obligation to pay salaries.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

The government has not required this expressly. However, for certain industries, such as the catering industry, it has introduced arrangements to allow restaurants and bars to expand their business hours and the number of customers permitted per table depending on the vaccination status of their employees. For example, if all of the establishment’s staff have been fully vaccinated, they may be able to operate at a higher capacity for longer hours.

Similarly, the government has not mandated that civil servants or those in the education sector must be vaccinated to access the workplace, but has said that they must be regularly tested if they are not vaccinated.

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

No, not in general. However, an order has been issued directing district health authorities in Tamil Nadu (Chennai) to ensure complete vaccination of all employees and their family members in respect of all workplaces in the State[2]. The Chief Commissioner of the Bangalore municipal authority (BBMP) has issued a circular on 26 August 2021 stating that employers of commercial establishments, industries, hotels and restaurants and other offices within BBMP jurisdiction must ensure their employees are vaccinated[3] and also ensure regular testing.

However, in a recent judgment, the Meghalaya High Court stated that it is unconstitutional for government authorities to make vaccinations mandatory for individuals at the cost of their livelihood, given existing judgments by the apex court in India considering “right to livelihood” a part of “right to life” under Article 21 of the Indian Constitution. This decision was followed in a Gauhati High Court order (Aizwal Bench) and similar views were taken by the Manipur High Court and Gauhati High Court (Kohima Bench) on state directions regarding mandatory vaccination of individuals. As a result, the constitutionality of a government mandate, such as the one issued by the public health authority in Tamil Nadu and the BBMP commissioner for vaccination of individuals, is debatable.


[2] Guidelines issued by the Tamil Nadu Director of Public Health dated July 24, 2021 available at: https://drive.google.com/file/d/1GNLtFc-QTnhx1_QPmFd56aTeCPlFWdRk/view?usp=sharing

[3] https://drive.google.com/file/d/19_1A7CtE2Qdy7Fbeihrsh9PHpEAHy8RE/view?usp=sharing

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Not yet. At present, indoor dining is confined to individuals who can provide proof that they are fully vaccinated or that they have recovered from COVID-19 within the previous six months. However, this restriction only relates to customers rather than staff, and so there is no obligation on restaurant or pub staff to be fully vaccinated to gain access to their workplace.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Yes. Under the provisions of article 4 of Legislative Decree No. 44/2021, health operators have a legal obligation to be vaccinated against Covid-19 to perform their work.

Moreover,  a new Decree Law  published on 21st September 2021 provides that from 15th October to 31st December 2021, the so-called Green Pass will be required to access the workplace to all employees of the private and public sector.

The Green Pass is the EU certificate which states that the individual has received two doses of the covid-19 vaccination, has recovered from coronavirus, or has tested negative for covid-19 in the previous 48 hours).

Employees who do not have the Green Pass will not be entitled to enter into the workplace and will be considered AWOL (absent without leave) without being entitled to receive their salary until the employee acquires a Green Pass or in any case until 31 December 2021.

Failure to comply with the obligation to check the Green Passes will entail a penalty from 400 to 1,000 euros (doubled in case of repeated violation). 

If the employee accesses the workplace without the Green Pass, he/she may also be subject to an administrative sanction ranging from 600 to 1,500 euros and could also be subject to disciplinary sanctions.

Guidelines for employers and employees are expected from the Government to clarify several doubts created by the new piece of legislation.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 24/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

No, the government has released a covid-19 FAQ where they clarify that vaccination is not mandatory.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

No, there are not.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

No, there are not.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

There are no such requirements for any sector. There are currently no recommendations from relevant Swedish authorities that employers should treat unvaccinated employees differently to vaccinated employees.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

No. However, with cases of covid-19 on the rise, the question of whether people working in specific fields, such as the health sector, should be required to be vaccinated is hotly debated.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

No. As mentioned above, the Ministry of Health has stated that the covid-19 vaccination is available voluntarily. Also, according to the Ministry of Labour and Social Security’s general letter, mandatory PCR testing is regulated as a voluntary mechanism at the employer’s discretion, considering different working methods in all workplaces.

On the other hand, the Ministry of Internal Affairs issued a separate circular, which regulates mandatory PCR testing for certain activities. As per the said arrangement, unvaccinated persons must have proof of a negative PCR test result conducted within the past 48 hours before attending collective activities such as a concert, cinema and theatre; or undergoing intercity travel by plane, bus, train or other means of public transportation, except for private vehicles. In this regard, business managers or organisers must query the attendee’s vaccination status or medical history (for the immunity period scientifically acknowledged for covid-19) or a negative PCR test result conducted within the past 48 hours. The attendees who either have not recovered from covid-19 or fail to provide a negative PCR test result will not be allowed to conduct that activity. It may be possible to say that, in addition to the attendees, employees who facilitate these activities can also be requested to provide a negative PCR test result, if they are unvaccinated.

Likewise, the Ministry of Education introduced a similar practice at schools. Accordingly, all unvaccinated school staff who encounter students face-to-face must undergo mandatory PCR testing twice a week.

In addition to the above, according to the Ministry of Internal Affair’s circular, governorates or district governors will be entitled to introduce PCR testing enquiries regarding the persons who have not been vaccinated or recovered from covid-19 attending other activities and events with a decision to be rendered by the Provincial or District Public Health Council. Therefore, it is expected that the scope of mandatory PCR testing for unvaccinated persons will be expanded.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

Yes.

The UK Department of Health and Social Care recently amended applicable regulations (the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014) to make it mandatory for all care home workers and other visiting professionals to be fully vaccinated against covid-19, unless they have an exemption or there is an emergency. The changes will take effect from 11 November 2021.

More information on this can be obtained from the Care Quality Commission (the relevant regulator): see here.

Last updated on 21/09/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

Yes, this includes the healthcare industry, as well as some federal and municipal agencies.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

11. What are the key privacy considerations employers face in relation to ascertaining and processing employee medical and vaccination information?

11. What are the key privacy considerations employers face in relation to ascertaining and processing employee medical and vaccination information?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

According to Resolution No. 4/2021, employees may present a reliable proof of vaccination, or state (as an affidavit) the reasons why they were not able to take a vaccine, as applicable. Therefore, employers are entitled to enquire about an employee’s vaccination status (even though it is considered sensitive data according to PDPL).

However, employers may not use this information to discriminate between employees, as this may expose the employer to potential claims and, eventually, constructive dismissal liability.

In addition, employers may collect and store such documentation according to the provisions established in PDPL (please see question 2 above).

As mentioned previously, it is recommended that employers request the information in Spanish to avoid unnecessary misinterpretation. If the employee does not speak Spanish, it is also recommended that a dual language is used. The Spanish version will always prevail in the event of a dispute.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

Employee privacy is generally protected under both international privacy laws and, in most cases, national-level laws that protect against intrusion of individual privacy and regulate the collection, storage and use of personal information.

Australian employers will only be able to collect information about an employee’s vaccination status in very limited circumstances, and generally only if the employee consents and where the collection of that information is necessary to maintain a safe workplace.

Employers in certain sectors, such as health, aged and disability care, may be allowed to collect information about a worker’s vaccination status without consent, as such collection may be required or authorised by law to ensure the safety of vulnerable potential contacts within facilities in those sectors.

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Employers are entitled to ask workers about their vaccination status. Since this information contains sensitive data, employers may not store this information longer than is required. However, employers might be obliged to inform co-workers or third parties, due to an identified infection of a worker.

Furthermore, employers are required to take appropriate technical and organisational measures to protect this information.

Last updated on 21/09/2021

Flag / Icon

Belgium

Employers are not entitled to ask their employees about their medical or vaccination status. If employers were to require employees to share this information, they would violate the right to privacy of the employees and the rules of the GDPR.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

There are two main concerns when dealing with the processing of employees’ medical and vaccination information. The first one relates to the processing itself: under the Brazilian General Data Protection Law, the legal basis for processing that information would be either “protection of life” (eg, a safe and healthy workplace) or “compliance with the law or regulatory rules” to the extent that employers have the legal duty to promote a safe and healthy workplace. Moreover, companies are advised to keep access to information concerning one’s health as limited as possible and for as long as that information is useful (ie, for a determined period). Companies should also collect that sort of information in an anonymous form to mitigate risks in connection with violation of privacy (eg, an unauthorised person who has access to that information). The second one concerns employers’ ability to enquire on an employee’s vaccination status: there is still no consensus as to the legality of such a practice; however, taking into account employers’ general obligation to ensure a safe and healthy workplace and that labour courts and the Labour Public Prosecutor have considered termination of employees who refused to get vaccinated valid, we understand that there would be grounds to support the legality of ascertaining employees’ medical and vaccination information.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Moreover, regarding the processing of data relating to an employee’s vaccination, the CNIL has not yet issued a directive on the specific subject of the processing of employee vaccination data by employers. Because of their sensitive nature, data relating to employee health are subject to special legal protection: they are in principle prohibited from being processed. Employers, therefore, may not keep a list of vaccinated employees, or disclose the names of those who do not wish to be vaccinated.

In fact, according to the CNIL, "because of their sensitive nature, data relating to a person's health are subject to special legal protection: they are in principle prohibited from being processed. In order to be processed, its use must necessarily fall within one of the exceptions provided for by the GDPR, thus guaranteeing a balance between the desire to ensure the security of individuals and respect for their rights and fundamental freedoms. Moreover, their sensitivity justifies that they be processed under very strong conditions of security and confidentiality and only by those who are authorized to do so.

The exceptions that can be used in the context of work are limited and can generally be based on either :

  • the need for the employer to process this data to meet its obligations in terms of labour law, social security and social protection: this is the case for the processing of reports by employees,
  • the need for a health professional to process such data for the purposes of preventive or occupational medicine, (health) assessment of the worker's capacity to work, medical diagnoses etc.

For these reasons, employers who would like to initiate any steps aimed at ascertaining the state of health of their employees must rely on the occupational health services.

The CNIL points out that only competent health personnel (in particular occupational medicine) may collect, implement and access any medical forms or questionnaires from employees/agents containing data relating to their health or information relating in particular to their family situation, their living conditions or their possible movements"

However, we find these exceptions difficult to apply in the context of covid-19.

For employees subject to mandatory vaccination, the law allows the employer, or regional health agency if applicable, to store the result of the check on the proof of vaccination status.

Please note that the employer may not keep the proof of vaccination. In other words, the employer may not keep the QR code, only the “Yes/No” result of the test. Keeping the result is limited in time (currently until 15 November 2021).

The information thus collected is personal data subject to the General Data Protection Regulation (GDPR).

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

Data that an employer collects to draw inferences about an employee's health is special category personal data. Such data is granted special protection under the General Data Protection Regulation and the German Federal Data Protection Act. The collection and processing of employee health data for the employment relationship is only permitted if the employee consents, or if it is necessary for the exercise of rights or to meet legal obligations under employment law and if there is no reason to assume that the interests of the employee involved in the protection of his or her data prevails. In case of doubt, a distinction will have to be made according to the type of information and the environment in which the employee is employed. The following applies: since an employer is obligated under its duty of care, specifically according to the Corona Occupational Health and Safety Ordinance and the SARS-CoV-2 Occupational Health and Safety Regulation, to take effective measures to protect employees’ health following a risk assessment, it is, in any event, authorised to collect such health data as is necessary for the effective implementation of protective measures.

Based on these principles, the employer is entitled to ask questions regarding the Covid-19 vaccination only in the healthcare sector (ie in doctors' practices and clinics). Outside these areas, it is permissible to ask whether the employee has symptoms of covid-19. It is equally admissible – albeit contentious – to ask whether a worker is currently ill with covid-19. This is because, without knowledge of the specific danger of an illness, the employer cannot take any special protective measures and might endanger other employees and third parties by employing that employee. A question about vaccination status will only be permitted where workers are employed in special areas (eg, electricians in hospitals) or where customers require that only vaccinated workers are employed.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Medical and vaccination information falls within a special category of data (ie, data concerning health) according to article 9 of the GDPR. Against this background, it can be only processed in exceptional circumstances by relying on one of the following potential legal bases:

(i) it is provided for in a specific legal provision as a respective obligation either for employers of a specific sector or for all employers (article 9(2)(b) of the GDPR); 

(ii) it is deemed necessary so that the employer meets their obligation to protect employees’ health and safety in the workplace, under the provisions of article 9(2)(b) of the GDPR and Greek Law 3850/2010; or

(iii) the employee voluntarily discloses vaccination-related information to the employer, so that transmission of data falls within the scope of article 9(2)(a) of the GDPR.

Moreover, employers must comply with fundamental data-processing principles (article 5 of the GDPR) and any other obligation provided for under the GDPR when processing special categories of personal data as data controllers. In particular, data minimisation and storage limitation principles must be observed by employers. In addition, employees have to be previously informed according to article 13 of the GDPR of the processing of their personal data and appropriate technical and organisational measures must be implemented according to article 32 of the GDPR (eg, restricted access to data, confidentiality etc).

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

Employers must ensure that they provide their employees with a Personal Information Collection Statement (PICS) before collecting their personal data in respect of medical and vaccination information, which sets out how they will collect, use and transfer the employees’ medical and vaccination data. It may be that an employer has already issued employees with PICS that cover the provision of medical and vaccination information for the specific purposes now required, but the wording should be carefully checked before relying on it, to ensure it definitely covers the current circumstances.

Under the PDPO, employees should be notified of the purpose for which their personal data is being collected and the personal data should only be used for that purpose. If, once the personal data has been collected, the employer then wants to use it for a different purpose, it will be necessary to seek the employees’ consent to it being used for that alternative purpose. An example may be that an employer notifies employees that it is seeking their medical and vaccination information for monitoring purposes only and later decides that it wants to use that information to devise a return to office strategy and determine whether to dismiss certain employees. In this situation, the employer would need to notify its employees of these alternative purposes and ask each of them to provide their consent to their personal data being used for these new purposes. If the employees refused to provide consent, then the employer would not lawfully be able to use the personal data for the new purposes and, if it did, it would be in breach of the PDPO.

The PDPO also requires employers to obtain no more personal data than is necessary for the purposes it is collected. For example, with a vaccination record, it may not be necessary for the employer’s purposes to know what type of vaccination an employee had and, as such, this information should not be collected.

Employees must also be notified of whether it is mandatory or voluntary to provide their personal data and, if it is mandatory, the consequences if they decline to provide it. For example, with vaccination information, an employer may inform employees that it is mandatory to confirm whether or not they have been vaccinated and, if they decline to do so, they will be treated as unvaccinated for internal policy and strategy purposes.

Employers are required to inform employees of the classes of persons to whom the data may be transferred. For example, if an employer wanted to use vaccination data to provide those who had been vaccinated with some form of benefit, the employer may need to provide the employees’ vaccination data to the third party who provides that benefit. Transferring personal data outside of Hong Kong is not currently prohibited or restricted, but employees should be notified if the data is to be transferred to a third party outside of Hong Kong (eg, a subsidiary or holding company of their employer).

Employees need to be informed of their right to request access to their personal data and employers must take precautions to protect personal data from leakage or unauthorised access, and only retain the data for a reasonable period that is necessary for its purpose.

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

An employee’s medical information and history (in electronic form) is treated as SPDI under Indian privacy law, for which employers need to comply with the applicable data privacy requirements, such as procuring consent from the concerned individuals, adopting, publishing and complying with a privacy policy for collection, and processing or storage of such SPDI.

Additionally, where employers are required to disclose such data to any third parties (eg, manpower service providers may be required to disclose employee SPDI concerning covid-19 symptoms to clients to whom their employees are assigned), they should ensure that their privacy policy covers such disclosure of SPDI of employees to third parties and it receives specific consent from the concerned employees providing their SPDI to third parties. The employer in this situation should also contractually ensure that the third party receiving such SPDI complies with the applicable data privacy norms.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Information about a person’s vaccination status is special category personal data for the purposes of the GDPR. It represents part of their personal health record and is afforded additional protections under data protection law.

The Data Protection Commissioner has issued guidance stating that the processing of information about an employee’s vaccination status is unlikely to be necessary or proportionate in most employment situations (see here), except potentially in industries which have a very obvious, urgent and direct safety need (such as the provision of frontline healthcare services) or the Irish government introduces new measures requiring employers to process this data.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Only the company occupational doctor is entitled to process any health data concerning employees, as expressly clarified by the Italian Data Protection Authority (DPA). Circular no. 198 of May 13th, 2021 issued by the Italian Data Protection Authority (“Documento di indirizzo”), referring to the implementation of the voluntary vaccination campaign in the workplace, clarified that “employers shall not be allowed to collect, directly from the employees concerned, through the occupational doctor, other health professionals or health facilities, information on all aspects relating to the vaccination, including whether or not the employee intends to adhere to the campaign, whether or not the vaccine has been administered and other data relating to the employee's health condition”. Moreover, the Italian DPA has recently confirmed this principle in Circular no. 273 of July 22, 2021 (i.e. that employers cannot directly process the data regarding the vaccination of employees), also in order to avoid any kind of direct and indirect discrimination based on an employee’s decision to be vaccinated or not.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Under the Federal Law for the Protection of Personal Data in Possession of Private Individuals or Entities, employers may obtain and treat employees’ personal data without having to obtain consent if such information is required for compliance with employers’ and employees’ obligations. As employers are obliged to implement all necessary measures to prevent workplace accidents and disease outbreaks, we believe that employers are entitled to gather and process such information, if required, to comply with these obligations. Employers must always treat this information and data as confidential.

Notwithstanding the above, employers must provide or make available to employees the data privacy notice through which it is established that their data, including but not limited to health information, may be gathered and processed to comply with the obligations derived from the employment relationship.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

See question 9.

In addition to the aforementioned rules for processing employee’s health data, from a personal data perspective, the processing of special categories of data (vaccination data qualifies as health data) is generally forbidden unless one of the exceptions foreseen in article 9 (2) of GDPR applies. Therefore, this processing would only be lawful if this data is necessary for preventive or occupational medicine or for assessing the working capacity of the employee.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

As mentioned, any information concerning health is a special category of personal data, whose processing is limited under specific circumstances.

The law does not entitle employers to ask employees whether they are vaccinated. Processing personal health data must comply with article 22 of Law 31/1995, on occupational risk prevention, which means that:

  • in general terms, employers cannot use personal data on employees’ health for discriminatory purposes or to the detriment of any employees;
  • access to employees’ personal medical information will be limited to medical personnel and health authorities that monitor the health of workers, and providing such information to an employer or other personnel without the express consent of the worker is prohibited; but
  • employers and those responsible for health and safety will be informed of the conclusions of any check-ups to determine the workers’ ability to perform their job or the need to introduce or improve protection and prevention measures, so that they can properly carry out their preventive functions.

Based on this and the fact that there are no different regulations on covid-19 prevention based on employee vaccination, employers do not have access to vaccination information unless employees freely give their consent.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

Medical and vaccination information relating to an individual constitute health data, which is considered a special category of personal data under article 9 of the General Data Protection Regulation (GDPR). The main rule is that the processing of such data is prohibited, unless there is an applicable exemption to process the data (for example, that processing is necessary for the employer to fulfil their obligations and exercise their special rights within labour law and in the areas of social security and social protection. From a general employment law perspective, however, it does not appear necessary for the employer to register or draw up lists of employees’ immunity in any way to fulfil an obligation or right within labour law and in the areas of social security and social protection.

Article 9.2 (i) GDPR offers another exemption to the general prohibition to process special category data: it may be lawful if the processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and medicinal products or medical devices. However, such processing must be based on EU or member state law, which normally does not apply for "ordinary" businesses.

To summarise, the opportunity for employers to lawfully process employee medical data and data on vaccination under the GDPR is very limited.

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

Employers cannot access employee data related to vaccination status, and the processing of such data is not permitted.

Regarding the protection of other data, employers and employees based in Switzerland are subject to the FADP. Under that Act, personal data is any information relating to an identified or identifiable person. Health-related data is considered to be "sensitive personal data" and is subject to specific protections. Medical data, therefore, would be subject to the requirements for processing sensitive personal data.

Several principles guide the processing of data. The principle of lawfulness of processing states that personal data only can be processed lawfully. This means that such action requires a justifiable reason, which could be the consent of the subject, a predominant public or private interest or a legal provision. In the context of employment relationships, the validity of employees' consent as a justification is often called into question, given the unequal relationship inherent in any employment contract (thus preventing the employee from consenting freely).

According to the principle of good faith, it is not permitted to collect personal data without the knowledge and consent of the person concerned. Anyone who deceives that person is in violation of the principle of good faith. The collection of personal data and the purposes of the processing must be recognisable to the subject.

According to the principle of proportionality, only data necessary and suitable for the set purpose may be processed. In addition, according to the principle of purpose, data collected may only be processed for the purposes that were communicated at the time of collection, that arise from the circumstances or that are provided for by law. Finally, the principle of accuracy implies that the processor of personal data must ensure the data is accurate and, if necessary, correct data that is no longer accurate.

In addition, under certain circumstances, EU General Data Protection Regulation also may apply to Swiss companies. However, its general requirements and principles are similar to those of the FADP.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

Medical and vaccination information can be processed by employers only with the explicit consent of employees. In labour law, considering the dynamics between employers and employees, any consent given by employees may be challenged as it may not be voluntary. Therefore, the processing of such health data, even with the consent of employees, would impose risks upon employers from a data protection perspective.

Last updated on 21/09/2021

Flag / Icon

United Kingdom

  • at Littler

Information about a person’s vaccination status is special category personal data for the purposes of the GDPR. It represents part of their personal health record and is afforded additional protections under data protection law.

An employer should only seek to process such data if it has a lawful basis for doing so under the UK’s implementation of the GDPR and the Data Protection Act 2018. In particular, there are limited lawful reasons for processing special category data such as health records.

It is beyond the scope of this Q&A answer to provide a detailed analysis of the potentially lawful bases for processing the special category data of employees, but general guidance can be found from the ICO – here.

For these purposes, processing means:

  • checking an employee’s vaccine status digitally (eg, by scanning a QR code);
  • checking an employee’s vaccine status manually and retaining any data from any such check in any form; or
  • any subsequent usage of the data after it has been checked digitally or manually and recorded.

Employers should be aware that the ICO has issued specific guidance on processing employee vaccine status data. Essentially, this guidance is that although employers may undertake spot-checks of employee vaccination status, there will be significantly fewer cases where it would it be justifiable for employers to retain a record of any employee’s vaccination status: see the ICO’s position on this as follows (quotes taken from the ICO here; emphasis has been added by us):

Does the UK GDPR apply if I decide to check people’s COVID status?

UK GDPR applies to certain ‘processing’ of personal data. If you are only conducting a visual check of COVID Passes (either a hard-copy document or a pass held on a digital device) and do not retain any personal data from it, this would not constitute ‘processing’. The activity would therefore fall outside of the UK GDPR’s scope.

However, if you are conducting checks digitally (for example, by scanning the QR code displayed on the pass), this would constitute processing of personal data – even if you do not keep a record of it. The UK GDPR would therefore apply.

If you make a record of any personal data, whether you conduct visual or digital checks, then you would be processing personal data and the UK GDPR would apply.

Can I record information about my employees’ vaccine status?

Your reason for recording your employees’ vaccination status must be clear and necessary. If you cannot specify your use for this information and are recording it on a ‘just in case’ basis, or if you can achieve your goal without collecting this data, you are unlikely to be able to justify collecting it….

Last updated on 31/08/2021

Flag / Icon

United States

  • at Littler
  • at Littler
  • at Littler

With limited exceptions, the Americans with Disabilities Act requires employers to keep confidential any medical information they learn about any applicant or employee. Medical information includes not only a diagnosis or treatment, but also the fact that an individual has requested or is receiving a reasonable accommodation. In addition, employers must maintain reasonable security measures to protect sensitive personally identifying information.  Specific data privacy rules vary state by state.

Up-to-date information on the USA’s response to the pandemic, including State-level news and developments, can be found at Littler’s covid hub here.

Last updated on 21/09/2021

12. What are the key health and safety considerations for employers in respect of remote workers?

12. What are the key health and safety considerations for employers in respect of remote workers?

Flag / Icon

Argentina

  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua
  • at MBB Balado Bevilacqua

Employers must notify the corresponding labour risk insurer (ART) about any employees that work remotely to ensure that in the event of an accident or illness the ART will provide cover. ARTs must determine new policies addressed to the home-office framework to control and verify the conditions under which remote work is undertaken and to indemnify remote workers. 

In addition, the ML must research the applicable hygiene and safety conditions. If an employee under the home office framework suffers an accident at home, it will be considered a work-related accident and will be covered by the corresponding ART, if the accident: took place where the employee has disclosed they are working from; it occurred during their working day; and it happened while they were working.

Last updated on 21/09/2021

Flag / Icon

Australia

  • at People + Culture Strategies

Employers have an obligation under health and safety legislation to take all reasonable steps to ensure the health and safety of workers. This obligation does not cease where the work is carried out remotely, and in the context of a remote-working arrangement, key considerations for employers may include:

  • whether employees have a safe space in which to work;
  • whether employees have the necessary equipment, including an ergonomic desk and chair; and
  • being aware that employees may face increased pressure on their mental health and wellbeing when working from home for extended periods, and taking appropriate actions which may include:
    • checking in with employees on a semi-regular basis to ensure they do not feel isolated and/or excluded; and
    • reminding employees of what counselling services or other wellbeing programs are available for them to access.

 

Last updated on 21/09/2021

Flag / Icon

Austria

  • at Littler
  • at Littler
  • at Littler

Any regulations concerning the general protection of workers apply to teleworkers as well. Only workplace-related regulations do not apply here. Thus, an employer's duty of care does not end at the worker’s front door when the worker performs their work from home. In Austria, several large companies produce videos for their workers showing the ideal design of a teleworking workplace. They use these videos to support their workers to set up their teleworking workplace properly. In some cases, workers are even offered the opportunity to film their workplace and send the video to the employer. Experts then assess whether the workplace meets occupational health and safety requirements.

Last updated on 21/09/2021

Flag / Icon

Belgium

Until the pandemic, there were almost no legal rules relating to health and safety for remote workers, other than those laid down in article 15 of CBA No. 85 on structural teleworking. This article states that the act of teleworking should be communicated and also the rules concerning health and safety, specifically the use of computer screens, should be respected. Next, the health and safety prevention service would also need to access the workplace of the teleworker to see whether health and safety rules are respected or correctly applied.

Last updated on 21/09/2021

Flag / Icon

Brazil

  • at Pinheiro Neto
  • at Pinheiro Neto Advogados

Employers are still responsible, to a certain extent, for ensuring a healthy and safe workplace even in a remote setting. The CLT establishes that employers must give express guidelines on ergonomics for employees to observe at home, which employees must acknowledge. Furthermore, the Labour Public Prosecutor issued Technical Note No. 17/2020 to guide companies through the pandemic, when many companies have shifted to a remote model. Among such guidelines, employers have been advised to provide training on health and safety.

Last updated on 21/09/2021

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

The health and safety considerations for employers in respect of remote workers are the following:

  • Modes of work time control or workload regulation;
  • Determination of the time slots during which the employer can usually contact the remote worker to respect the right to disconnect and the right to privacy;
  • Organise an annual meeting to discuss working conditions and workload; and
  • Evaluate professional risks, in particular those linked to the employee's distance from the colleagues and regulating the use of digital tools.
Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

Employers' main considerations regarding the health and safety of remote workers should focus on a risk assessment of their remote workplace and the safety training of remote workers. It should be emphasised in this context that employers are only required to do what is actually within their power and control. In the case of remote working, employers are therefore particularly dependent on their employees' cooperation to ensure occupational safety.

Based on these considerations, remote workplaces must be subject to a risk assessment. Employers may try to personally inspect the workplace at the private home of an employee. However, this is unusual and, because of the constitutional protection of the integrity of the home, is subject to the employee's consent. Furthermore, especially in the case of mobile work, it must be taken into account that the place of work is not fixed and is determined by the employee. Thus, the employer usually requests the information required for the risk assessment by obtaining sufficiently specific information from the employee. The physical stresses resulting from the location of the workplace, the equipment of the work materials, the amount of light at the workplace, the height of a work desk; and the working environment must be taken into account. This applies to private workplaces as well as to workplaces in co-working spaces or other work environments (eg, hotel, train). Also, the psychological stress resulting from the duration of working hours, the lack of (personal) contact with colleagues and customers or the increasing mixing of private and professional life must be recorded. Based on the risk assessment of the remote workplace, the employer must prepare instructions on necessary measures to protect health and safety and ensure those instructions are implemented. These instructions should enable the employee to recognise and avoid hazards in their remote workplace.

Last updated on 21/09/2021

Flag / Icon

Greece

  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm
  • at Kyriakides Georgopoulos Law Firm

Key considerations include health and safety issues, both in terms of mental health due to employees’ isolation from their colleagues, and in terms of safety because when working from home it is difficult to identify what constitutes and what does not constitute a work accident.

In general, employers are liable towards employees for health and safety issues even during the remote-working arrangement; the employer is obliged to inform remote workers regarding company policies on health and safety matters including information about organisational and technical issues, equipment usage guidelines and inform them of the procedure to be followed if there is an accident during working hours, their right to take adequate breaks and their right to disconnect.

A new ministerial decision that will further specify such health and safety rules as well as the procedure that the Labour Inspectorate will follow to check compliance with health and safety measures is expected soon.

Last updated on 21/09/2021

Flag / Icon

Hong Kong

  • at Lewis Silkin
  • at Lewis Silkin
  • at Lewis Silkin

There are no specific health and safety rules that have been introduced for remote workers by the government. However, employers must abide by their statutory and common law duty to ensure the health and safety at work of their employees, as far as is reasonably practicable. This obligation would likely extend to remote working (although this has not yet been tested in the courts). Employers would therefore be required to ensure that their employees’ home-working environment is commensurate with the standards that they are required to uphold in the workplace, otherwise they may find themselves liable for breach of their statutory or common law duties.

While there has been no specific legislation on health and safety considerations for remote workers, some employers in Hong Kong have introduced policies and guidelines for remote workers, including related to workspace configuration, conducting desk assessments, recommended stretches and breaks and also a focus on mental health.

Last updated on 11/10/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

India has labour laws concerning compensation payable by the employer for any personal injury caused to an employee “arising out of and in the course of” employment. While these laws have been extended in cases where an employee was travelling on official duties, we are yet to come across a specific precedent related to remote working in India. Additionally, remote working has led to the emergence of several unprecedented mental health-related issues among employees working from home, which is something employers are grappling with. Employers should also ascertain whether its insurance coverage applies to employees working remotely.

Last updated on 21/09/2021

Flag / Icon
Ireland

Ireland

  • at Littler

Employers have an ongoing legal duty to maintain a safe working place and environment. Responsibility for health and safety at work rests with the employer, whether or not that work is being done at the worker’s home.

Employers need to consult with their employees to assure themselves:

  • that the employee is aware of any specific risks regarding working from home
  • that the work activity and the temporary workspace are suitable
  • that they provide suitable equipment to enable the work to be done
  • that there is a pre-arranged means of contact.

The Health and Safety Authority has produced helpful guidance and information on the health and safety issues relating to remote working, which is available here.

Last updated on 21/09/2021

Flag / Icon

Italy

  • at Toffoletto De Luca Tamajo

Under Smart Working regulations, employees can choose the place in which they perform their work activity. Consequently, employers are not required to verify the safety of any possible place of work but must provide employees with information. In particular, employers have to provide employees and the workers’ safety representative, at least on an annual basis, with a document which indicates the general risks and the connected specific risks linked to Smart Working.

Furthermore, it is highly recommended for employers to organise courses focused on the peculiarities of smart working (especially from an H&S perspective). In any case, employees are required to cooperate in the implementation of safety measures in order to address the risks associated with the performance of work outside the premises of the company.

©Toffoletto De Luca Tamajo, ©Ius Laboris

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

The 2019 reform on teleworking provides for specific protection to ensure workers' health and safety rights. A Mexican Official Standard Regulation (NOM) must be published within 18 months of the enactment of the Reform; however, the authorities have not issued any additional provisions yet.

The only current and relevant obligation for employers with remote workers related to health and safety is to register their employees at the IMSS. Registration with the IMSS ensures standard health and safety protection, such as the applicable framework for other workers. Further, employers must guarantee a safe working environment, and provide adequate equipment to render services. Nevertheless, executing a written agreement with remote employees stating their sole and individual responsibility for ensuring that they are fulfilling their work duties in a safe environment has become standard practice.

Last updated on 21/09/2021

Flag / Icon

Portugal

  • at Cuatrecasas
  • at Cuatrecasas

According to the Portuguese Labour Code, teleworking employees have the same rights and duties as other employees, namely concerning working conditions, health and safety, and medical care arising from work accidents or occupational illnesses. Employers must also be mindful of the isolation of remote employees by ensuring regular contact with the company and other employees.

Employers are responsible for the identification and management of risks in teleworking and on-site work alike. When addressing the health and safety risks of remote working, employers must pay particular attention to psychosocial risks and ergonomic factors.

Employers must also keep insurance companies informed of the specific workplace of remote or teleworking, to ensure that their policy will cover any work accident that might occur.

Last updated on 21/09/2021

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Articles 15 and 16 of the Law on Remote Working provide that remote workers are entitled to appropriate health and safety conditions in the workplace, and that risk assessment and prevention planning should consider the specific risks of remote working, in particular, psychosocial, ergonomic and organisational factors.

The Law on Remote Working refers especially to labour conditions such as working-time distribution, employee availability, rest time and the right to disconnect to be considered for occupational risks purposes.

Indeed, article 18 of that Law provides that remote workers are entitled to digital disconnection outside their working hours, which means that the employer must have in place an internal policy on the right to disconnect, and training and awareness action on the reasonable use of technological tools to prevent computer fatigue. Before implementing this internal policy, employers must consult with workers’ representatives.

Collective bargaining agreements may further develop this right.

Last updated on 21/09/2021

Flag / Icon

Sweden

  • at DLA Piper
  • at DLA Piper
  • at DLA Piper

Under Swedish law, employers have overall responsibility for the employee's work environment and must take all necessary measures to prevent employees from being exposed to risks of injury or ill-health. This responsibility lies with the employer irrespective of whether the work is performed at the office or remotely. Employees, however, also have an obligation to participate in work environment management and should participate in the implementation of any measures necessary to achieve a good working environment, as well as draw attention to potential safety risks. A close dialogue between the employer and employees is important, and often even more so where the work is carried out remotely.

The employer's management of the working environment should be conducted systematically, ensuring that it fulfils applicable rules and regulations for a good work environment. This systematic management should include risk assessments of the business, active measures, and follow-ups in respect of the work environment. Furthermore, employers must, as a main rule, implement adequate action plans and policies to ensure a safe working environment. In companies with many remote workers, it is generally a good idea to set up clear guidelines for remote-working routines (eg, regarding support, communication and physical equipment).

Last updated on 21/09/2021

Flag / Icon

Switzerland

  • at Lenz & Staehelin

In general, employers must take necessary measures to protect the life, health and safety and personal integrity of employees. They must avoid demanding excessive effort from employees and may not burden them with work that could damage their health. Therefore, they have to organise workflow in such a way as to not overwork employees. They also have communication and training obligations, in particular, informing employees and instructing them on risk-prevention measures. Employers generally must ensure that employees' workplaces are properly designed, taking into account equipment, buildings and the working environment.

These measures also apply to remote working and employers are not relieved of their obligation to protect employees' health and safety when work is performed offsite. In the case of remote working at the employer's request, employers have to ensure that employees are provided with the necessary equipment to comply with these conditions or if necessary offer financial compensation for employees to make the necessary arrangements themselves. In any case, employers should ensure that employees are made aware of the health risks involved with remote working, in particular concerning the workplace layout working hours and rest periods.

Last updated on 30/09/2021

Flag / Icon

Turkey

  • at Gün + Partners
  • at Gün + Partners
  • at Gün + Partners

As per article 12 of the Regulation on Remote Working, employers must inform employees about the occupational health and safety measures required for remote working, provide necessary training, ensure health inspections, and take necessary measures about any equipment provided to employees.

Also, article 4 of the Occupational Health and Safety Law No. 6331 further stipulates that employers, in general, must:

  • ensure that all safety measures, including but not limited to those preventing occupational risks and providing information and training, are taken; order in the workplace; all necessary tools and equipment are supplied; health and safety measures are adjusted to changing conditions; and that the current status of the workplace improves;
  • supervise and monitor whether the occupational health and safety measures are complied with, and correct any incompatibilities;
  • conduct or ensure a risk assessment;
  • pay attention to an employee’s suitability for a role in the scope of health and safety; and
  • take the necessary measures so that employees, other than those who receive adequate information and instruction, to not enter places that would lead to life-threatening or a particular danger.

However, Turkish academics argue that several health and safety obligations may not apply to remote working, as they do not apply. For instance, they state that certain obligations arising from the occupational health and safety legislation such as preparing an emergency plan, firefighting, first aid, and evacuation are not applicable to remote working, as it would be unreasonable to expect employers to fulfil these kinds of obligations regarding a place outside their authority.

To conclude, along with the obligations set out under the Regulation on Remote Working, employers should comply with general occupational health and safety obligations, where applicable.

Last updated on 21/09/2021