European Restructuring Monitor (ERM)
Eurofound's ERM database on restructuring-related legal regulations provides information on regulations in the Member States of the European Union and Norway which are explicitly or implicitly linked to anticipating and managing change.
Data Protection Act (Act XX of 2018, Chapter 586 of the Laws of Malta); Articles 32 and 41 of the Constitution of Malta (1964)
LAST UPDATE 2023 - THIS CONTENT WILL NOT BE UPDATED
There is no law specifically on employee monitoring in Malta. It therefore falls under the Data Protection Act (Act XX of 2018, implementing the GDPR, Regulation (EU) 2016/679), with privacy also being constitutionally protected. The employee's consent is not usually considered sufficient justification for employee monitoring, because the power imbalance in the employer-employee relationship compromises the employee's ability to freely grant such consent. A Data Protection Impact Assessment is required for employee monitoring, including for purposes of evaluating the employee's performance at work; if risks to the ‘rights and freedoms of data subjects’ (GDPR, Art. 35) remain in the processing operation, the Information and Data Protection Commissioner must be consulted.
Disputes relating to dismissals on the basis of claimed breaches of privacy have come before the Industrial Tribunal. The responsibility for monitoring and enforcing the GDPR and the Data Protection Act lies with the Office of the Information and Data Protection Commissioner (IDPC), as the national supervisory authority and regulatory body. The Information and Data Protection Appeals Tribunal decides cases relating to the monitoring of employees and the use of employees’ personal data, and hears appeals from the decisions of the Office of the Information and Data Protection Commissioner.
Under Article 20 of the Data Protection Act, the IDPC may impose an administrative fine for violations, by order in writing.
The decision usually involves a balancing of the employer's legitimate interest and the employee's right to privacy. For example, IDPC’s Data Protection Guidelines for Banks (2018) specify (in line with Article 29 of the Data Protection Working Party’s Opinion 2/2017, adopted 8 June 2017), that employers should consider whether any processing operation in relation to employees’ use of technologies is: necessary; fair; proportionate; and transparent (p. 10).
In August 2019, the bank HSBC was fined €5000 by the IDPC, in a case where a bank employee's personal data was being monitored. HSBC had investigated the employee’s bank account and social media posts without the employee’s consent and without notifying the employee, to find out whether the employee (an active trade unionist) was receiving another salary for part-time work, which they suspected was being undertaken in breach of the conditions set out by the bank. The Information and Data Protection Commissioner found in favour of the employee in relation to the scrutiny of his bank account, noting that the bank had abused its position of power and access, and saying that the access ‘exceeded what would generally be expected in the conduct of a relationship between a bank and an account holder.’ The processing was found to be outside lawful grounds, and the purpose for which the data was accessed was found to be in violation of the Data Protection Act. No violation was found in relation to the monitoring of social media posts, since these were available to the group and the bank was found to have a legitimate interest in them, because of disputes between the employee and the bank that were ongoing at the time (Agius, 2019).
Eurofound (2023), Malta: Employee monitoring and surveillance, Restructuring legislation database, Dublin, https://apps.eurofound.europa.eu/legislationdb/employee-monitoring-and-surveillance/malta
This Eurofound research paper explores key trends in restructuring in recent years, highlighting the companies that announced the largest job losses and job gains in the EU. It builds on an analysis of company announcements recorded in Eurofound’s European Restructuring Monitor (ERM), alongside a new classification of restructuring events involving changes in company location.
:quality(80))
Employers increasingly use tools such as email, SMS and messaging apps like WhatsApp or Signal to communicate with employees. While these technologies offer both efficiency and convenience, their use in communicating sensitive information, particularly for notifying employees of dismissal, raises legal concerns. This article explores the legal framework on dismissals across the EU, with a special focus on the use of digital means for communicating employment dismissals. Drawing on examples from various Member States, it examines the legal validity of digital dismissals.
:quality(80))
In 2023, thousands of workers in big tech lost their jobs. Meta, Amazon, Google, Apple, Microsoft and Salesforce had been considered to offer good and secure jobs up to this point. Giants of the information and communication technology (ICT) sector, these companies are among the highest paying, with Eurostat data from 2022 indicating that workers in ICT had the second-highest median gross hourly earnings (surpassed only by earnings in the financial sector).[1] These layoffs were a shock, especially as the biggest companies had hired extensively during the COVID-19 pandemic. What happened in the two years after this redundancy wave – was that the end of the cuts or did the companies start expanding again?
:quality(80))
In 2024, the automotive sector in the EU came to the fore in public and policy discussions. The focus was on the slowdown in electric vehicle (EV) sales, rising global competition, belated investments in new technologies, and the potential closure of production lines in Europe. A number of European car manufacturers and suppliers announced their intention to make large-scale redundancies and change long-standing collective agreements on job security and wages, while workers raised concerns amid demonstrations and industrial action.
:quality(80))