Belgium

Law of 8 December 1992 on Privacy Protection in Relation to the Processing of Personal Data

Belgian Constitution recognizes the right of privacy and private communications.

The principle of privacy protection is set forth in Article 22 of the Belgian Constitution: “everyone has the right to respect for his private and family life respected, except in the cases and under the conditions stipulated by law.”

The right to privacy is directly binding and can be enforced by employees in the labor courts.

The law recognizes several exceptions, many of which are the result of making the employer liable for the damages caused by the employee in the execution of their employment contract.

Generally, employers can take actions to control how and when technology – including email – can be used.

Belgium enacted the Law of 8 December 1992 on Privacy Protection in Relation to the Processing of Personal Data to implement the Data Protection Directive. The law ensures that personal data may only be processed for clearly described and justified purposes and may not be used in a manner incompatible with these purposes. The Act seeks to regulate the collection, use and processing of personal data relating to natural persons by ensuring the data subject's right to information, access, correction or deletion, and appeal.

The Act applies: (a) when the processing is carried out in the context of the activities of a permanent establishment of the controller in Belgium; or (b) if the controller, established outside the EU, makes use of equipment located in Belgium, except for mere transit.

Article 17 of the Law on Protection of Personal Data of 1992 requires prior registration and the disclosure of specific information.

See also Royal Decree of 13 February 2001 implementing the Act of 8 December 1992 on the protection of privacy in relation to the processing of personal data.

This Royal Decree lays down:

• The conditions authorizing the further processing of personal data for historical, statistical or scientific purposes;
• The conditions for processing sensitive data;
• The way in which a person whose data are processed may exercise his rights (access, rectification, deletion of his data);
• The way in which the automatic processing of personal data has to be notified.

On April 26, 2002, employer and employee representatives of the National Labor Council signed national collective agreement No. 81 on the protection of the private lives of employees with respect to controls on electronic on-line communications data.

Royal Decree declared the Agreement mandatory for the private sector to govern the employee’s right to privacy when electronic communications data are collected for monitoring.

Lists reasons that justify electronic monitoring.

In most instances, employees must consent to monitoring.

Belgian courts generally find the monitoring of emails to be lawful if the rules of the collective labor agreement are complied with.

September 13, 2005, a decision by a labor court in Brussels fined an employer who had fired an employee because her emails proved that she had been sending confidential company information to her husband who worked at a competitor. The employer in this case had not provided notice of monitoring, fired the employee on the spot and failed to confront the employee or provide her with opportunity to explain.

November 15, 2005, a labor court in Antwerp issued a similar ruling. According to the labor court, email surveillance is permitted only if the employees are individually and collectively notified before monitoring takes place. The employer must also have a policy on the appropriate use of network, emails, etc. According to the court, an employer must comply with the principle of transparency, which requires them to provide prior notification and information about email monitoring on both an individual and on a collective basis. In this case, the employer had provided no such information. The employer must also comply with the principle of “finality,” which allows monitoring for a limited number of purposes. If the employer does not comply with these principles, then the information cannot be used against the employer.

A labor court in Ghent issued similar rulings on May 9, 2005 and October 17, 2005.