Employee Privacy in the Workplace: Insights from Case Law

Employee Privacy in the Workplace: Insights from Case Law

Employee privacy in the workplace is a critical area of employment law that balances an employer’s right to manage operations with an employee’s right to personal dignity and autonomy. Two Kenyan cases, Mwangi v ABSA Bank Kenya PLC (2024) and Musa v Makini Schools (2025), shed light on the complexities of this balance, highlighting when employees can expect reasonable privacy and when company interests might justifiably override such expectations. Employers and employees alike must appreciate the nuances to foster lawful and harmonious workplace environments.

Understanding Employee Privacy

Employee privacy in the workplace is primarily governed by the Constitution of Kenya, the Employment Act, and the Data Protection Act. Article 31 of the Constitution guarantees the right to privacy, including the protection of personal data and communications. However, this right is not absolute, especially within the employment context, where company policies, fiduciary duties, and legitimate business interests come into play.

The two cases in question illustrate the delicate balance between an employee’s right to privacy and an employer’s right to regulate workplace conduct.

Case 1: Mwangi v ABSA Bank Kenya PLC

Thomas Macharia Mwangi, the claimant, a senior branch manager at Absa Bank Kenya, was subjected to private investigations by his employer during disciplinary proceedings. The employer hired a private investigator to scrutinize his personal life, including activities outside work hours. This investigation extended to obtaining information from third parties, allegedly without justification.

Key Legal Issues

• Right to Privacy: The court found that hiring a private investigator to look into Mwangi’s private life outside the workplace was unjustified and violated Article 31 of the Constitution.

• Due Process in Disciplinary Proceedings: While the termination was based on policy violations, the employer’s approach to collecting evidence was deemed intrusive and unlawful.

• Employer’s Justification vs. Employee’s Rights: The employer argued that the banking sector requires a high level of integrity. However, the court held that investigative measures must still align with constitutional and legal safeguards.

Court’s Decision

The Employment and Labour Relations Court ruled that the employer’s actions violated Article 31 of the Kenyan Constitution, which protects the right to privacy. The court noted that while employers can investigate employee misconduct, they must respect employees' personal lives. The court emphasized that disciplinary actions should align with employment policies and the law, ensuring fairness and proportionality.

Case 2: Musa v Makini Schools Limited

Japher Nanjira Musa, the claimant, a long-serving teacher and union representative, was dismissed following allegations of misconduct linked to private WhatsApp conversations retrieved from a colleague’s work laptop. The employer accessed these conversations during an investigation into defamatory statements allegedly shared with a blogger.

Key Legal Issues

• Employer’s Right to Access Work Devices: The court had to determine whether accessing an employee’s personal messages stored on an employer-issued device was lawful.

• Consent and Data Protection: Musa contended that accessing his messages without consent amounted to unlawful surveillance and a breach of the Data Protection Act.

• Workplace Policies and Employee Expectations: The employer argued that the messages, found on a company device, justified disciplinary action given the potential reputational damage.

Court’s Decision

The court upheld the employer’s actions, reasoning that the laptop was company property and that the retrieval of evidence was proportionate to the severity of the allegations. While recognizing the right to privacy, the court found that such rights could be reasonably limited within the scope of workplace investigations, especially when using employer-provided assets.

Comparative Analysis: Balancing Privacy and Accountability

1. Reasonable Expectation of Privacy

In Mwangi, the court highlighted that employees have a legitimate expectation of privacy, even in employment contexts. This expectation extends to personal activities outside work hours unless they directly impact the employer’s interests. By contrast, in Musa, the use of employer-provided equipment—a work laptop—was pivotal in justifying the employer’s actions. Employees must recognize that using company assets for personal communication may limit their expectation of privacy.

2. Investigative Procedures

The procedural approach in both cases reveals critical lessons for employers:

• Transparency and Justification: In Mwangi, the employer’s lack of transparency and justification for the private investigation was deemed unlawful. Employers must demonstrate a clear connection between the investigation and legitimate business interests.

• Proportionality: In Musa, the court approved the employer’s actions because they were proportionate to the allegations. Employers should avoid intrusive measures unless they are necessary to address serious misconduct.

3. Employee Misconduct vs. Employer Obligations

Employers are entitled to address misconduct that affects their operations. However, as seen in Mwangi, such actions must respect procedural fairness and the law. In Musa, the court’s decision underscores the importance of clearly communicating policies on the use of company assets and ensuring that disciplinary actions are well-founded.

Key Takeaways for Employees and Employers

For Employees:

1. Adherence to Policies: Understand and comply with workplace policies, particularly regarding company assets and communication tools.
2. Awareness of Boundaries: Maintain a clear separation between personal and professional activities. Use personal devices for private matters to safeguard privacy.
3. Know Your Rights: Familiarize yourself with constitutional protections and workplace rights to identify potential breaches.

For Employers:

1. Develop Clear Policies: Establish transparent policies on the use of company assets, investigations, and disciplinary actions. Communicate these policies effectively to employees.
2. Respect Privacy: Limit investigations to work-related misconduct and avoid unwarranted intrusions into employees' personal lives.
3. Follow Legal Procedures: Ensure that disciplinary actions align with employment laws and respect due process. Engage in fair and unbiased investigations.
4. Proportionality in Action: Tailor investigative measures to the gravity of alleged misconduct and avoid unnecessary overreach.

Broader Implications for Workplace Privacy

The contrast between Mwangi and Musa demonstrates the evolving nature of workplace privacy. Technology plays an increasingly significant role, blurring the lines between personal and professional spheres. Employers must navigate these challenges carefully to maintain trust and compliance.

Courts are likely to continue emphasizing proportionality and procedural fairness, holding employers accountable for overstepping boundaries. Meanwhile, employees must remain vigilant and proactive in understanding their rights and responsibilities.

Conclusion

The balance between employee privacy and employer oversight is delicate. The Mwangi and Musa cases underscore the importance of adhering to legal and ethical standards. Employees should safeguard their privacy by using personal devices for non-work-related matters, while employers must ensure their actions are justified, proportionate, and lawful. Ultimately, fostering a culture of transparency, compliance, and respect for privacy rights benefits both employers and employees, reducing the risk of legal disputes and workplace conflicts.