Turning down a dispute over email privacy concerns, the Australian information commissioner rejected the complaint filed by an employee accusing his former employer. The rejection was based on the argument that the information in question had been accessed on the employee’s work laptop.
Shayano Madzikanda, the complainant, filed a grievance with the information commissioner in 2019, asserting that his former employer, Mecrus, a mining company, had breached his iCloud and personal email accounts. The complainant stated that he had employed his work laptop for personal tasks, such as reaching out to Mecrus’s competitors during business hours. Following the dispatch of a formal letter to him, he was suspended from work, and his work laptop was confiscated.
Madzikanda sought access to his laptop’s personal information and urged Mecrus to eliminate the personal data stored on the device. He argued that the organisation lacked a policy regarding the storage of personal information on company computers, and even if such a policy existed, it had not been enforced during his tenure of employment. Furthermore, he also asked for compensation.
Rejecting the complaint after investigation, in September 2021, a representative of the commissioner conveyed to Madzikanda that the employer had not violated his privacy rights, citing the ‘employee record’ exemption in the Privacy Act. The decision stated that since the employee was aware that the work computer did not belong to him, any data saved on the computer could potentially be considered part of the company’s employee records.
The delegate also mentioned that the employee handbook explicitly declared that any data created, stored, or transmitted on the company’s systems constituted a work product.