The Agency offers a set of recommendations aimed at eradicating workplace harassment and gender-based harassment when these types of behaviours occur in the digital sphere through the use and processing of personal data.
Technological advances have led to changes in today’s society as new ways to shop, communicate and meet day-to-day needs have been developed, giving rise to new business ideas which may have been unthinkable just a few years ago.
Many sectors of the economy are faced with the need to reinvent themselves which is leading to a more digital and open society where entrepreneurs and start-ups are making efforts to experiment, innovate and launch onto the market solutions, products and services based on original and daring ideas that utilize the immense possibilities offered by new technologies.
However, the development of ICT and the spread of solutions that keep us hyperconnected also lead to new risks arising from the ease with which information becomes viral as well as the difficulty in removing it. All of this creates a new form of harassment that can be ongoing and long-lasting. This online violence can affect all sectors of the population in addition to the work environment. Irrespective of a company’s size and business model, employers are responsible for fighting it in order to guarantee their workers’ safety and physical, mental and emotional health.
As part of its Sustainability and Social Responsibility Plan and in line with United Nations Sustainable Development Goal 5 ‘Gender Equality’, the Spanish Data Protection Agency is firmly committed to fostering actions aimed at preventing, stopping and eradicating all types of digital violence through data harming people’s dignity, liberty and privacy. For this reason and with a view to helping companies adapt to complying with their obligations under data protection regulations, added to this material as one further dimension is a set of specific recommendations aimed at eradicating workplace harassment and gender-based harassment when these types of behaviours occur in the digital sphere through the use and processing of personal data in such manner that the victim’s privacy is affected.
These recommendations start with a commitment statement by the data controller to prevent and eradicate digital harassment so the company becomes aware of the risks involved with the Internet and ICTs as concerns these types of behaviours and encourages a culture of respect for people’s privacy as well as awareness on the job for personal data.
Once the company’s position regarding these types of behaviours is clear, it is essential to adopt specific measures aimed at preventing cyberharassment to avoid illegal processing of employee data by other employees. To this end, information and training are key: information on what types of behaviours are inappropriate when using new technologies and training for employees so they may become aware of the risks involved with illegal personal data processing when it comes to people’s privacy and intimacy and understand the criminal and administrative consequences which may be applicable.
Finally, besides prevention, it is important to implement measures aimed at eradicating digital harassment with a firm commitment by the company which should be presided by the obligation of cooperating with the competent authorities, setting up the mechanisms of action established in harassment prevention policies and developing special channels for handling harassment situations that arise involving illegal personal data processing.
You can find more information at the website on Help for victims of gender violence and digital violence, the recommendations published by the Spanish Data Protection Agency concerning the use of Data protection as a guarantee for harassment prevention policies and, for guidance, the Protocols of action against workplace harassment and actions against Sexual and gender harassment within the Spanish Data Protection Agency.