employee-monitoring-dpia

Installation
SKILL.md

Employee Monitoring DPIA

Overview

Employee monitoring represents one of the highest-risk processing activities under GDPR because it combines multiple EDPB WP248rev.01 risk factors: systematic monitoring (criterion 3), data concerning vulnerable data subjects — employees are explicitly classified as vulnerable due to the inherent power imbalance in the employment relationship (criterion 7), and often innovative technology (criterion 8). The European Data Protection Board's Guidelines 3/2019 on processing of personal data through video devices and the Article 29 Working Party's Opinion 2/2017 on data processing at work establish that any employee monitoring system requires a DPIA under Art. 35(1) GDPR before deployment.

This skill provides a structured DPIA methodology tailored specifically to employee monitoring scenarios, incorporating the proportionality framework from Barbulescu v Romania (Grand Chamber, ECHR, Application No. 61496/08, 5 September 2017) and national supervisory authority guidance from the CNIL, ICO, and German Federal Commissioner for Data Protection.

DPIA Trigger Analysis for Employee Monitoring

Why Employee Monitoring Always Requires a DPIA

Employee monitoring meets at least three of the nine EDPB WP248rev.01 criteria:

Installs
10
GitHub Stars
187
First Seen
Jun 9, 2026
employee-monitoring-dpia — mukul975/privacy-data-protection-skills