Work: the Guarantor puts a halt to Poste’s queue management system

Work: the Guarantor puts a halt to Poste’s queue management system

The system adopted by post offices to manage the queue at counters can no longer be used as, in fact, it can also allow for the pervasive and constant monitoring of employees. This is the decision taken by the Privacy Guarantor at the outcome of an investigation initiated to carry out an in-depth examination of the numerous reports sent by employees and trade unions on the operating mode of the “queue management system” implemented by the company.

The employees turned to the Guarantor complaining that the company had implemented a system that displayed the names of operators on the luminous display placed above the counters without informing them in advance. The trade unions, on their side, highlighted that the company had not entered into any specific agreement with the trade unions on the matter. However, the Guarantor noted that criticalities of the system concerned aspects that were far more significant that those reported.

During the preliminary investigation, the company had stated, above all, that showing the names of the operators to the public, just like the identification badges on the employees’ uniforms, was useful for improving the relationship with users.  As regards the actual management system operating mode and the related processing of personal data, Poste instead had stated that it had acted in full compliance with the Privacy Code and labour regulations, given that the system adopted “represents a business tool that falls within the scope of the freedom of the organization of work “. It had also added that it was not required to provide its employees with an ad hoc communication as the data gathered by the system were not used for purposes related to the conduct of the work relationship.

On the contrary, in its decision, the Authority had reported several profiles of unlawfulness processing. First of all, it reiterated that employees must be provided with complete information on the processing of their personal data. It then underlined that the features of the queue management system and the ensuing penetrating control were not proportionate to the purposes of “organizational and production”, “occupational safety” and “protection of corporate assets”, allowed by labour regulations.

The so-called “monitoring dashboard” used by the company to manage the system, enabled over 12,000 subjects – with different degrees of visibility at national and peripheral level – to access the data relating to all the counters and operators in service, at any time and at a given office, in real time and on an ongoing basis. This data could be collected and stored, also based on not well-specified “anomalies”, and could be extracted in individual reports.

The Guarantor also noted that, pursuant to the sector regulations, the system could not be considered as a mere “working tool” that is indispensable to provide the service, and also able to allow, even indirectly, for the remote control of employees. For this reason, Poste should have adopted the specific guarantees provided by the law, including the specific agreement to be signed with the trade unions.

Thus, the Guarantor has prohibited Poste to use the unlawfully processed data with immediate effect.

I has however ordered the storage of such data to guarantee the protection of the rights before the judicial courts and the possible acquisition by the competent authorities.


(from the Newsletter of the Privacy Guarantor of 21.12.2017)