Bad news for employers. The Office for the Protection of Personal Data considered the inspection of the sobriety of employees by the employer as unlawful
On the website of the Office of Personal Data Protection a message appeared about the legality of employers’ checks on the sobriety of employees. It is a response to the debate created after the introduction of amendments to the Labor Code in May this year and numerous questions addressed to the Office by confused employers in this matter.
Unfortunately, according to the Office, the employer is not entitled to test the sobriety of his employees, and not only as part of preventive control (even with the help of so-called „losomat”- device for generating random decision), but also in the case of suspicion that the employee is under the influence of alcohol.
The Office’s position is based on an unfavorable interpretation for employers of the provisions of the Act on upbringing in sobriety and counteracting alcoholism. The Office believes that this Act in art. 17 clearly sets out the conditions that must be met in order to be able to test the employee’s sobriety.
And so the employer must have a reasonable suspicion that the employee came to work under the influence of alcohol or consumed alcohol while working. This eliminates the possibility of preventive sobriety control, e.g. all company drivers or people entering the construction site. In addition, the employer or an authorized security officer may not carry out the tests – he / she must call the relevant authorities for this purpose.
What are the employers allowed to then? Only closely observe your employees and if you find out by other methods than testing with a breathalyzer, not allowing such an employee to work. In such a situation, the breathalyzer test may be carried out by, for example, the police at the request of the employee or the employer.
The Office emphasized that it does not accept any of the concept of acceptability of the sobriety control of employees presented on the basis of the provisions of the GDPR and the Labor Code. In particular, the control of the sobriety of employees cannot be authorized due to justified interests of the employer (Article 6 (1) (f) of the GDPR) or the need to ensure safe and hygienic working conditions (Article 6 (1) letter c of the GDPR).
Interestingly, the Office concluded that the sobriety survey of employees is not a form of monitoring the work referred to in art. 223 § 4 of the Labor Code. It seems that this is a response to signals from the Ministry of Digitization, responsible for the amendment of the Labor Code in connection with the introduction of the GDPR, which in this provision looked at the employer’s rights to control the sobriety of employees. This is not the first time when the Office of Personal Data Protection does not agree with the position of the Ministry of Digitization regarding the rights of employers in the processing of personal data – a similar conflict concerned the possibility of employers retaining recruitment documents of candidates after recruitment process. The dispute between the Ministry of Digitization and the Office is primarily has an impact on employers who receive contradictory information about their rights and obligations related to data processing.
In my opinion, the current provisions of the Labor Code, and even more so the GDPR, do not prevent the examination of the sobriety of employees by the employer – as a special form of monitoring employees in accordance with art. 223 § 4 of the Labor Code – if it is justified by circumstances, e.g. particularly dangerous working conditions. Employees’ safety and health should be treated in this situation as a priority over the protection of their privacy and personal data. The position of the Office put many employers, especially those which introduced sobriety control as a reaction to alcohol-related or occupational accidents related to alcohol consumption, in a very difficult situation it is whether to stop sobriety control and increase the risk of accidents or continue the control, despite high penalties resulting from the GDPR.