Over Four Decades of Data Protection: Unexplored History with Valuable Insights for the Future – Part 3

by | Jan 28, 2025

author profile picture

About Jeremias Adams-Prassl, Six Silberman, and Halefom Abraha

Jeremias Adams-Prassl is Professor of Law at Magdalen College in the University of Oxford. He studied law at Oxford, Paris, and Harvard Law School, and is particularly interested in the future of work and innovation. Jeremias is the author of over 100 articles and books, including most recently Humans as a Service: the Promise and Perils of Work in the Gig Economy (OUP 2018) and Great Debates in EU Law (MacMillan 2021). Since April 2021, he has lead a five-year research project on Algorithms at Work, funded by the European Research Council and a 2020 Leverhulme Prize.  | Six Silberman is a postdoctoral researcher in the iManage Project at Bonavero, contributing to research on regulating algorithmic management. Silberman has previously been a software engineer and trade union official, and was co-founder with Lilly Irani of Turkopticon, a client reputation system used by workers on Amazon’s ‘Mechanical Turk’ crowdsourcing platform. Silberman has contributed to research on environmental issues in information technology, the working conditions and rights of workers on digital labor platforms, and ecological economics. | Halefom H. Abraha is an Assistant Professor at the International and European Law (IER) Department of the Utrecht School of Law. Halefom is a member of the Netherlands Institute of Human Rights (SIM) and the Utrecht Centre for Regulation and Enforcement in Europe (RENFORCE). His research and teaching interests lie in AI Regulation, algorithmic management in the labour market, and data protection. He also researches cross-border data access in the law enforcement context and digital sovereignty.

See Parts 1 and 2 of this blog here:

A renewed focus on workers’ data rights and promising pathways

Employees are considered ‘vulnerable data subjects’ under EU data protection law due to the power dynamics underpinning employment relationships, which are absent in many other data processing contexts. Similarly, the Council of Europe noted that employees become a ‘captive population’ under constant surveiellance by new technologies. Advanced workplace monitoring and algorithmic management technologies pose significant risks not only to workers’ privacy and data protection rights but also to broader social and labour rights enshrined in international and national laws. In other words, regulating workers’ data rights is not only a matter of workplace privacy and data protection but also a means of safeguarding workers’ autonomy and human dignity, and ensuring decent working conditions‒ aspects that existing privacy and data protection laws fail to adequately address.

Recent years have seen a renewed focus on workers’ data rights, driven by technological advancements in AI and their risks, that have drawn considerable media and public attention. While policymakers are beginning to address these issues, and several regulatory measures are in development in many jurisdictions (see initiatives in the US, Australia, and Germany), they are often patchy and still in a nascent stage.

While celebrating this year’s pivotal moment of data protection/privacy day, we must also acknowledge what these laws left out. The evolution of employees’ personal data protection in the workplace demonstrates a persistent recognition across multiple jurisdictions of the need for tailored regulations. However, most calls and efforts to introduce workplace-focused data protection laws have been met with legislative inaction. Existing privacy and data protection laws failed workers in many aspects. Protecting workers’ data rights requires comprehensive legislation that is responsive to, and corresponds with, the risks new technologies pose to workers’ fundamental rights and freedoms. Such legislation should be informed by, and built on, labour law principles and requirements, rather than the individualistic and consumer-oriented approaches underpinning data protection/privacy laws.

The EU has provided a promising pathway by establishing a comprehensive framework for regulating monitoring and algorithmic management in platform-based work. There is also growing interest among EU stakeholders to expand these rules beyond platform work to all workplaces, which we welcome.

Happy Data Protection/Privacy Day, Workers😊

Share this:

Related Content

0 Comments

Submit a Comment