Bank was wrong to refuse information request
Under the Data Protection Act 1998, an employee can request information which identifies and is personal to them, held by their employer.
A recent case in the East London Employment Tribunal held that a dismissal was unfair as the employer failed to investigate an employee's defence that her conduct was condoned by senior management, and that the employer's refusal to respond to her Subject Access Request clearly affected her ability to defend her actions.
Ms McWilliams was a foreign exchange trader at Citibank NA's London office. As part of her role she was required, at times, to use Bloomberg online chat rooms to communicate with traders at other banks. In and around January 2013, in view of concerns about possible Libor manipulation, Citibank NA prohibited such chats. On January 30, 2014, Ms McWilliams was informed her chats would be investigated and she was suspended on March 11, 2014, pending a disciplinary hearing.
On March 26, 2014, she made a Subject Access Request (SAR) under the Data Protection Act 1998 for all data stored or processed by Citibank NA relating to her.
She named 25 individuals whose communications were included within the scope of her request, several of whom were within her direct management chain.
Citibank NA refused to respond to the request on the ground that it was disproportionate.
Ms McWilliams provided 38 search terms, many of which were directly relevant to the disciplinary issues - for example, 'chat room', 'FX scandal', 'misconduct' and 'discuss'.
However Citibank NA still refused to respond, maintaining that the request was unreasonable.
Ms McWilliams stated that she was not able to respond to the disciplinary allegations about various chats without this information and, in June 2014, she wrote to the Information Commissioner's Office in relation to the matter.
Ms McWilliams was dismissed for gross misconduct in September 2014 and at the same time the Financial Conduct Authority provided an outcome of its investigations that Citibank NA's guidance on chat rooms was not specific and did not explain in sufficient detail the types of communications that it considered unacceptable.
Ms McWilliams appealed her dismissal. It was not upheld and she issued proceedings for unfair dismissal and wrongful dismissal.
The Tribunal held that the decision to dismiss "fell outside the band of reasonable responses" because it had considered Ms McWilliams' conduct in isolation and should have considered the fact that the chat rooms of the sort that she had engaged in were condoned by senior managers.
The Tribunal stated that the employer had unreasonably treated her arguments as attacks on others rather than evidence as to the context of her own conduct. It had been Ms McWilliams' position that she had committed breaches of confidentiality obligations but had genuinely believed that it was permissible as her line managers and colleagues had been doing likewise.
The Tribunal went on to hold that Citibank NA's conduct in connection with the Subject Access Request in this case was unfair and "materially affected" her ability to set out fully her response to the allegations at the disciplinary hearing.
It did however state that she contributed to her dismissal by her own conduct and that this would also be dealt with at the remedies hearing.
The Tribunal specifically commented that while employee requests for information under the Data Protection Act 1998 may sometimes be "little more than a fishing exercise", that was not the case in this scenario. Even if her SAR had been unduly excessive, Citibank NA did not even attempt to supply documents which would be on a proportionate basis and limited to the disciplinary hearing.
Employers should always seek professional legal advice in dealing with disciplinary matters and matters relating to the Data Protection Act 1998 to avoid costly and time-consuming litigation.
Maxine Orr is a Partner specialising in employment law in Worthingtons Commercial Solicitors Belfast. For more information, call 028 9043 4015