New Ways of Working

Explore and keep track of key legal and compliance considerations for multinational employers as new ways of working become increasingly embedded as the pandemic begins to recede. Learn more about the response taken in specific countries or build your own report to compare approaches taken around the world.

Choose countries

 

Choose questions

Choose the questions you would like answering, or choose all for the full picture.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Employers must ensure the protection of their company’s data but also of employees’ data.

According to article L. 1222-10 of the French labour code, the employer must inform the teleworking employee of the company's rules regarding data protection and any restrictions on the use of computer equipment or tools. Once informed, the employee must respect these rules.

The collective national agreement of 26 November 2020, provides more details in article 3.1.4. It is the employer's responsibility to take necessary measures to protect the personal data of a teleworking employee and the data of anyone else the employee processes during their activity, in compliance with the GDPR of 27 April 2016 and the rulings of the National Commission for Technology and Civil Liberties (the CNIL).

The CNIL said in its 12 November 2020 Q&A on teleworking that employers are responsible for the security of their company's personal data, including when they are stored on terminals over which they do not have physical or legal control (eg, employee's personal computer) but whose use they have authorised to access the company's IT resources.

The National Agreement of 26 November 2020 recommends three practices:

  • the establishment of minimum instructions to be respected in teleworking, and the communication of this document to all employees;
  • providing employees with a list of communication and collaborative work tools appropriate for teleworking, which guarantee the confidentiality of discussions and shared data; and
  • the possibility of setting up protocols that guarantee confidentiality and authentication of the recipient server for all communications.
Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

Security controls

The common risks associated with remote working derive from the absence of security controls over equipment, software, and data, and not having any policies for remote-working schemes, leading to:

  • employees storing sensitive information in their local machines, without the control of employers over such tools;
  • compromised security controls; and
  • Wi-Fi networks and routers in homes are more easily compromised, increasing the risk of exposure.

Companies have the right to install security controls for the equipment and tools to be used by teleworkers to avoid any leaks of information and limit their use, because this hardware is the property of the employer. The common practice in Mexico is to implement a security data policy and a work tools policy.

Additionally, even though there are no specific legal provisions concerning the plausible risks associated with data protection in remote-working schemes, the Federal Law for the Protection of Personal Data in Possession of Private Individuals or Entities, the Federal Law for the Protection of Industrial Property, and their regulations and guidelines, establish provisions for the protection of rights concerning personal data, confidential information, and trade secrets, which also apply to remote-working schemes; therefore, all employees working remotely must comply with these laws and regulations. To prevent and avoid the disclosure of this information, the prevailing practice is to enter into agreements with employees establishing specific obligations in connection to confidentiality and data privacy. Such obligations usually refer to the policies and processes established by employers to ensure information security, and the corresponding penalties in the event of any breach.

Last updated on 21/09/2021

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Please see above (questions 8 and 9) regarding the workplaces and specific industries concerned by making the access to the workplace conditional on individuals having received a Covid-19 vaccination.

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

No, the government has released a covid-19 FAQ where they clarify that vaccination is not mandatory.

Last updated on 21/09/2021

17. To what extent have employers been able to make changes to their organisations during the pandemic, including by making redundancies and/or reducing wages and employee benefits?

17. To what extent have employers been able to make changes to their organisations during the pandemic, including by making redundancies and/or reducing wages and employee benefits?

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

During the pandemic, employers were able to carry out reorganisations involving collective redundancies for economic reasons (subject to justifying a real and serious economic reason as defined by article L.1233-3 of the labour code).

They were also able to negotiate collective performance agreements to meet the needs linked to the operation of the company or to preserve or develop employment by adjusting the working hours of employees, remuneration, and determining the conditions of professional or geographical mobility within the company.

Employers may also have to negotiate or renegotiate agreements or charters on remote status or review their organisation by developing a co-working space, different from the company’s premises, on a regular or occasional basis or in case of exceptional circumstances or force majeure.

Last updated on 21/09/2021

Flag / Icon

Mexico

  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo
  • at Marván, González Graf y González Larrazolo

The federal government have reinforced the protective labour laws that prohibit redundancies and salary reduction as a general rule, stating that that the pandemic would not give legal cause for suspension of employment or dismissal. However, many employers managed to negotiate directly with unions or employees and introduced reduced temporary terms and conditions of employment that enabled companies to remain in business.

Last updated on 21/09/2021