New Ways of Working

Explore and keep track of key legal and compliance considerations for multinational employers as new ways of working become increasingly embedded as the pandemic begins to recede. Learn more about the response taken in specific countries or build your own report to compare approaches taken around the world.

Choose countries

 

Choose questions

Choose the questions you would like answering, or choose all for the full picture.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Employers must ensure the protection of their company’s data but also of employees’ data.

According to article L. 1222-10 of the French labour code, the employer must inform the teleworking employee of the company's rules regarding data protection and any restrictions on the use of computer equipment or tools. Once informed, the employee must respect these rules.

The collective national agreement of 26 November 2020, provides more details in article 3.1.4. It is the employer's responsibility to take necessary measures to protect the personal data of a teleworking employee and the data of anyone else the employee processes during their activity, in compliance with the GDPR of 27 April 2016 and the rulings of the National Commission for Technology and Civil Liberties (the CNIL).

The CNIL said in its 12 November 2020 Q&A on teleworking that employers are responsible for the security of their company's personal data, including when they are stored on terminals over which they do not have physical or legal control (eg, employee's personal computer) but whose use they have authorised to access the company's IT resources.

The National Agreement of 26 November 2020 recommends three practices:

  • the establishment of minimum instructions to be respected in teleworking, and the communication of this document to all employees;
  • providing employees with a list of communication and collaborative work tools appropriate for teleworking, which guarantee the confidentiality of discussions and shared data; and
  • the possibility of setting up protocols that guarantee confidentiality and authentication of the recipient server for all communications.
Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

As in other countries in Europe, the provisions of the EU General Data Protection Regulation (GDPR) and its German implementation in the shape of the German Federal Data Protection Act (BDSG) must be observed. Against this background, special measures must be taken to protect personal data in connection with remote work. This especially concerns third-party access to systems when computers and other portable devices are used in the home or on the go. To this end, employers often issue guidelines of standards with which employees must comply.

Also, remote working poses many data protection risks in terms of IT security and confidentiality. For example, cybercrime exploits the vulnerabilities inherent to remote working to infiltrate IT systems and steal confidential data, for instance through phishing attacks. At the same time, the confidentiality of a phone call, for example, is harder to protect while working in a co-working space, on a train or at home than in a typical workspace. Therefore, remote working may require different security measures and employers should inform their employees accordingly. In this regard, the European Union Agency for Cybersecurity last year published cybersecurity tips for remote working, both for employees (connecting to the internet via secure wi-fi networks, fully updating antivirus software and using a secure connection) and for employers (providing initial and regular feedback to employees on how to react if problems arise and restricting access to sensitive systems, etc.).

Last updated on 21/09/2021

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Please see above (questions 8 and 9) regarding the workplaces and specific industries concerned by making the access to the workplace conditional on individuals having received a Covid-19 vaccination.

Last updated on 21/09/2021

Flag / Icon

Germany

  • at CMS Hasche Sigle

Yes, in the healthcare and nursing sector.

Last updated on 14/04/2022