New Ways of Working

Explore and keep track of key legal and compliance considerations for multinational employers as new ways of working become increasingly embedded as the pandemic begins to recede. Learn more about the response taken in specific countries or build your own report to compare approaches taken around the world.

Choose countries

 

Choose questions

Choose the questions you would like answering, or choose all for the full picture.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Employers must ensure the protection of their company’s data but also of employees’ data.

According to article L. 1222-10 of the French labour code, the employer must inform the teleworking employee of the company's rules regarding data protection and any restrictions on the use of computer equipment or tools. Once informed, the employee must respect these rules.

The collective national agreement of 26 November 2020, provides more details in article 3.1.4. It is the employer's responsibility to take necessary measures to protect the personal data of a teleworking employee and the data of anyone else the employee processes during their activity, in compliance with the GDPR of 27 April 2016 and the rulings of the National Commission for Technology and Civil Liberties (the CNIL).

The CNIL said in its 12 November 2020 Q&A on teleworking that employers are responsible for the security of their company's personal data, including when they are stored on terminals over which they do not have physical or legal control (eg, employee's personal computer) but whose use they have authorised to access the company's IT resources.

The National Agreement of 26 November 2020 recommends three practices:

  • the establishment of minimum instructions to be respected in teleworking, and the communication of this document to all employees;
  • providing employees with a list of communication and collaborative work tools appropriate for teleworking, which guarantee the confidentiality of discussions and shared data; and
  • the possibility of setting up protocols that guarantee confidentiality and authentication of the recipient server for all communications.
Last updated on 21/09/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

An individual’s sensitive personal data or information (SPDI), which includes information on passwords; financial information such as a bank account, credit card or debit card or other payment instrument details; physical, physiological and mental health conditions; sexual orientation; medical records and history; or biometric information or other details related to such information provided to a body corporate for the provision of services or such information received for processing under a lawful contract or otherwise and its storage are protected under Indian data privacy rules. There are certain mandatory obligations for collectors of such SPDI in electronic forms, including obtaining the consent of the data provider, formulating, publishing, and complying with a privacy policy for treatment of such data and adopting certain standards of security practices. However, these obligations are not specific to remote-working arrangements; they govern the terms of the data being collected by the employer.

With employees working remotely, employers are facing a challenge with protecting the security of client data and other confidential information, which may be duplicated or disclosed to third parties by employees working remotely on unsecured personal devices.

Last updated on 08/07/2022

Flag / Icon

Qatar

  • at Clyde & Co
  • at Clyde & Co

Data loss, cyber security, privacy and maintaining confidentiality are the key data risks associated with working remotely.  Taking precautions against importing viruses, compromising system security, and maintaining confidentiality while working remotely are key considerations for employers. Internal policies and procedures should be put in place to ensure employees are aware of their obligations, and operating through virtual private networks could minimise potential risks. 

Last updated on 08/11/2021

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

10. Are there some workplaces or specific industries or sectors in which the government has required that employers make access to the workplace conditional on individuals having received a Covid-19 vaccination?

Flag / Icon

France

  • at Proskauer Rose
  • at Proskauer Rose
  • at Proskauer Rose

Please see above (questions 8 and 9) regarding the workplaces and specific industries concerned by making the access to the workplace conditional on individuals having received a Covid-19 vaccination.

Last updated on 21/09/2021

Flag / Icon

India

  • at Nishith Desai
  • at Nishith Desai

The Chief Commissioner of the Bangalore municipal authority (BBMP) issued a circular on 26 August 2021 stating that employers of commercial establishments, industries, hotels and restaurants, and other offices within BBMP jurisdiction must ensure their employees are vaccinated[1] and also provide regular testing. The Karnataka state government (Bangalore) also issued direction for labour authorities to ensure employees in industries or factories including IT employees are vaccinated with two doses of covid-19 vaccine, with a direction for labour authorities to check the vaccination status of employees of such establishments.[2] Currently, the legal validity of such government circulars in view of the latest Supreme Court judgment in the matter Jacob Puliyel v. Union of India is debatable and there is a low likelihood of such circulars being strictly enforced by government authorities.


[1] https://drive.google.com/file/d/19_1A7CtE2Qdy7Fbeihrsh9PHpEAHy8RE/view?usp=sharing

[2] https://ksdma.karnataka.gov.in/storage/pdf-files/CAB%20and%20Vaccination%20Industries%20English%20order%20RD%20158%20TNR%202020%20(3)%20dated%2005-01-2022.pdf

Last updated on 08/07/2022

Flag / Icon

Qatar

  • at Clyde & Co
  • at Clyde & Co

Not currently, but this may become a requirement in the future.

Last updated on 08/11/2021