privacy

Subscribe to privacy via RSS

As sweeping reforms converge to redefine workplace standards, employer responsibilities and employee rights, 2026 will require global businesses to balance rapidly evolving workplace regulation with the need to safeguard commercial interests.

Global regulation shifts in focus

Across the UK, the Americas and Europe, three key themes dominate: equity, openness and flexibility.

In the UK, the recent Employment Rights Act will broaden protection against unfair dismissal by reducing the qualifying period from two years to six months and removing the existing caps on compensation. These changes are anticipated from January 2027. The act will create other significant changes in 2026 and into 2027, including measures strengthening union influence; broadened thresholds for collective consultation and increased associated penalties for breaches; severe restrictions on imposing contractual variations, improved job security for zero- and low-hours workers; and broadened protections against harassment. In short, there will be a seismic shift to the compliance landscape. Employers will need to stay alert, as many of the finer details remain unknown.

The European Union is taking a proactive approach to strengthen its global competitiveness, aiming to boost innovation and economic growth. However, core worker protections are likely to remain strong with employers facing a wave of new regulation including the Pay Transparency Directive, the AI Act, and a revised framework for European Works Councils. Meanwhile, the Quality Jobs Roadmap forms part of the EU’s strategy to generate and maintain sustainable, high-quality employment. This potentially includes legislative measures to safeguard workers’ rights while adapting to ongoing technological, economic, and societal developments.

Recent employment law developments across Asia Pacific and Latin America also reflect a strong focus on worker protection, flexibility and fairness. Wage reforms are prominent, with South Korea and multiple Philippine regions announcing significant minimum wage increases, while Malaysia’s Gig Workers Bill enhances rights and security for nontraditional workers. Broader labor rights are evolving through measures like South Korea’s Yellow Envelope Act, which expands union protections, while Singapore’s Workplace Fairness Act seeks to ensure fair treatment for employees, including by providing greater protection against workplace discrimination. In Latin America, labor reforms are continuing, with Brazil seeking to strengthen equal pay compliance, Colombia modernizing its labor inspection regime, Mexico proposing reforms to strengthen workers’ rights and Argentina seeking to introduce sweeping changes to modernize labor relations while fostering competitiveness.

Overall, these changes underscore a regional trend toward safeguarding employee well-being, regulating digital work environments and ensuring equitable treatment across diverse employment models.Continue Reading A Year of Workforce Transformation Prioritizing Fairness

This article was originally published by IAPP linked here.

When monitoring employees in the workplace in the U.S. and Canada, employers must be cognizant of their obligations under employment and data privacy laws. 

In the US, employers can mostly negate privacy expectations from developing in the workplace by providing clear notice of monitoring practices and which notice is required in certain states, such as New York. But under the California Consumer Privacy Act, data minimization requirements apply and monitoring practices must be justifiable as necessary and proportionate.

In Canada, employers are required to balance operational needs such as safety, security and productivity, with the privacy rights of their employees. Monitoring should be reasonable, proportionate and tied to a legitimate business purpose. Organizations must comply with applicable federal or provincial privacy legislation, which can include safeguarding any employee personal information collected, obtaining employee consent in certain circumstances, and providing notice to employees of monitoring practices. 

For federally regulated private-sector employers — such as banks, airlines and telecommunications companies — employee monitoring is generally governed by the Personal Information Protection and Electronic Documents Act. Provinces that have enacted privacy laws deemed “substantially similar” to PIPEDA are exempt from its collection, use and disclosure provisions under section 26(2)(b). Presently, only Alberta, British Columbia and Québec have privacy legislation that is substantially similar to PIPEDA.

US: A patchwork of requirements apply to employers

At the federal level in the U.S., employee monitoring is primarily governed by the Electronic Communications Privacy Act and the Stored Communications Act, which permit monitoring for legitimate business purposes but impose strict limits on unauthorized interception and access to private communications. Further, employers must conduct all workplace monitoring and surveillance in compliance with federal, state and local anti-discrimination laws. And, all employers, even those with a nonunionized workforce, must comply with the National Labor Relations Act when conducting workplace monitoring and surveillance. Continue Reading Employee Monitoring in the US and Canada: What Employers Need to Know

CPPA Adopts Expanded Regulations

Please join us for our next virtual session to discuss the newly adopted CCPA regulations—on September 30 from 12 to 1pm Pacific. In this session, our interdisciplinary team will discuss what the new regulations cover and what companies can do now to comply.

Click here to register.

CLE will be offered.

Baker McKenzie is pleased to invite you to an afternoon exploring strategy and risk in the year of the dragon.

Alongside industry leaders from Meta and Dayforce, this will be an interactive discussion exploring how businesses can harness the power and auspiciousness of the mythical dragon in building a comprehensive data, AI and cyber

It is an unprecedented time for California companies’ privacy law obligations. The California Privacy Rights Act (CPRA) took effect on January 1, 2023 with a twelve-month look-back that also applies to the personal data of employees and business contacts. The California Privacy Protection Agency recently finalized regulations and has kicked off a new phase of rulemaking including on

On October 30, 2023, President Biden issued a 63-page Executive Order to define the trajectory of artificial intelligence adoption, governance and usage within the United States government. The Executive Order outlines eight guiding principles and priorities for US federal agencies to adhere to as they adopt, govern and use AI. While safety and security are predictably high on the list, so too is a desire to make America a leader in the AI industry including AI development by the federal government. While executive orders are not a statute or regulation and do not require confirmation by Congress, they are binding and can have the force of law, usually based on existing statutory powers.

Instruction to Federal Agencies and Impact on Non-Governmental Entities

The Order directs a majority of federal agencies to address AI’s specific implications for their sectors, setting varied timelines ranging from 30 to 365 days for each applicable agency to implement specific requirements set forth in the Order.

The actions required of the federal agencies will impact non-government entities in a number of ways, because agencies will seek to impose contractual obligations to implement provisions of the Order or invoke statutory powers under the Defense Production Act for the national defense and the protection of critical infrastructure, including: (i) introducing reporting and other obligations for technology providers (both foundational model providers and IaaS providers); (ii) adding requirements for entities that work with the federal government in a contracting capacity; and (iii) influencing overall AI policy development.Continue Reading Biden’s Wide-Ranging Executive Order on Artificial Intelligence Sets Stage For Regulation, Investment, Oversight and Accountability

New York may soon restrict employers and employment agencies from using fully-automated decision making tools to screen job candidates or make other employment decisions that impact the compensation, benefits, work schedule, performance evaluations, or other terms of employment of employees or independent contractors. Draft Senate Bill 7623, introduced August 4, aims to limit the use of such tools and requires human oversight of certain final decisions regarding hiring, promotion, termination, disciplinary, or compensation decisions. Senate Bill 7623 also significantly regulates the use of certain workplace monitoring technologies, going beyond the notice requirements for workplace monitoring operative in New York since May 2022 and introducing data minimization and proportionality requirements that are becoming increasingly common in US state privacy laws.

While there is not yet a federal law focused on AI (the Biden administration and federal agencies have issued guidance documents on AI use and are actively studying the issue), a number of cities and states have introduced bills or resolutions relating to AI in the workplace. These state and local efforts are all at different stages of the legislative process, with some paving the path for others. For example, New York City’s Local Law 144 took effect on July 5, prohibiting employers and employment agencies from using certain automated employment decision tools unless the tools have undergone a bias audit within one year of the use of the tools, information about the bias audit is publicly available, and certain notices have been provided to employees or job candidates (read more here).

If enacted, Senate Bill 7623 would take things much further. Here are some of the most significant implications of the draft legislation:Continue Reading Check Yourself Before You Wreck Yourself: New York and Other States Have Big Plans For Employer Use of AI and Other Workplace Monitoring Tools

Since July 1, 2023, the California Privacy Protection Agency has the power to bring administrative enforcement actions under the California Consumer Privacy Act (CCPA) (see our post on California Privacy Law Action Items for Employers).

While a June 30, 2023 ruling by the Sacramento County Superior Court stays enforcement of the March 29, 2023

Implementation status and background to the directive 

The European Whistleblowing Directive (WBD) was supposed to be implemented by the European Union’s 27 member states by no later than December 17, 2021, impacting employers with operations in those jurisdictions.

One year on from this deadline, despite the European Commission (EC) commencing infringement procedures against those countries