Privacy. That is a quality that has strongly eroded in our time. We see the word more and more often in the newspaper and on television, yet we have less and less privacy. George Orwell would turn around in his grave if he knew what governments, organizations, and companies know about us.

Data storage does not cost anything anymore. Almost all information is consequently stored for future use. We are being watched and wiretapped everywhere. At the same time, we expose ourselves in detail on YouTube, Facebook, and LinkedIn. We use WhatsApp until we drop. As often in life, it does not happen to us, we do it to ourselves. As a consequence, we have been swallowed by the Privacy Monster. The ladies ’Safety’ and ’Commercial Interest’ are the two holy cows that pull the cart carrying the throne of the Privacy Monster. And we all follow like sheep.

Corporate governance and privacy, how does it work? The Privacy Monster also wanders around the business community with a wide-open mouth. We will only discuss the boardroom here. The Management Board and Supervisory Board do not just face any Privacy Monster. There is even a two-headed monster wandering around here! On the one hand, the number of rules to protect the privacy of employees and clients increases, subject to sanctions and liability. On the other hand, you are expected to collect sufficient information on your employees, clients, and even on your managing directors and supervisory directors, so that you know exactly who you are dealing with. How to combine these seemingly contradictory requirements without being crushed in the mouths of the monster?

Lawyers have developed an interesting principle for this purpose. It is the principle of proportionality. You have to adjust the intensity and power of your actions and measures to the weight of the matter, the gravity of the possible consequences if you do not take measures, and with due observance of the qualifying interests. A measure can never be harsher than necessary to achieve the intended goal. An example from criminal law: for a relatively minor offense, for instance driving a car without a driver’s license, a reasonable penalty is imposed instead of life in prison. Drunk driving can have much more serious consequences than driving without a driver’s license. Therefore, a more severe punishment is appropriate.

The same applies in the boardroom. Proportionality. You cannot spy on your staff or install cameras if this is not functional. Moreover, you have to be transparent about it, in principle. So you can install cameras next to the cash register and next to the safe, but no cameras in the canteen. Yet, it is allowed in the canteen of a prison. Listening in unnoticed is not allowed, but a tape recording of a telephone conversation announced in advance is. You are allowed to collect information on the background of your staff from the persons concerned themselves. Collecting it from others without their knowledge is quite easily inappropriate and consequently not allowed. Collecting information from the Internet is allowed, for it is public. And once you have this information, you have to handle it carefully. So it has to be treated confidentially. Moreover, by law this information cannot simply be shared with third parties.

The Management Board is responsible for making proportional choices in case of such dilemmas. The Supervisory Board has to verify whether the company has a privacy policy, and if so, whether it is adequate and observed. If not, at some point all parties involved will inevitably be bitten hard by the Privacy Monster. So put it in its cage.

Do you have a question about corporate governance yourself? Please e-mail it to and perhaps your question will be discussed in the next blogpost!