The accelerated digital transformation of the labour market, driven notably by the COVID-19 pandemic, has brought remote work to the forefront of socio-economic and legal debate across the European Union. While remote and hybrid models of work offer flexibility and new economic opportunities, they also present profound legal challenges that test the adaptability of EU law, particularly in light of the Union’s foundational commitment to fundamental rights and the rule of law. 

​

One of the most pressing legal concerns relates to digital surveillance and data protection. Employers increasingly resort to monitoring software, algorithmic management tools, and AI-driven analytics to evaluate productivity, attendance, and even behavioural patterns of employees working from home. These practices directly engage Article 8 of the Charter of Fundamental Rights of the European Union (CFR) (the right to protection of personal data) and must comply with the principles enshrined in the General Data Protection Regulation (GDPR), including lawfulness, transparency, purpose limitation, data minimisation, and accountability.

​

However, in practice, many employees are subjected to opaque monitoring systems that fail to guarantee meaningful consent or provide sufficient safeguards against disproportionate data processing. The GDPR’s reliance on consent in the employment context is especially problematic, given the imbalance of power between employer and employee. The principle of proportionality, further reinforced by Article 52(1) CFR, becomes crucial in assessing the legality of such surveillance mechanisms. Additionally, Article 1 CFR, which recognises human dignity as inviolable, is potentially undermined in work environments governed by constant algorithmic oversight.

​

Another critical issue is the absence of harmonised legislation regarding the “right to disconnect”. While some Member States, such as France (Loi n° 2016-1088), Spain, and Belgium, have enacted specific laws establishing this right, many others rely solely on collective agreements or voluntary policies. This fragmented approach creates a normative gap and exacerbates inequalities between workers within the internal market, conflicting with the EU’s objective of upward social convergence under Article 151 TFEU. The lack of uniform standards also hinders legal certainty and the effective enforcement of labour rights in cross-border remote work arrangements.

​

In parallel, the cybersecurity dimension of remote work raises substantial concerns about employer liability and regulatory consistency. The NIS2 Directive and sectoral digital obligations impose duties on employers to ensure the integrity of remote infrastructures. Nevertheless, in cases of data breaches or system failures, the attribution of responsibility remains legally complex, particularly when personal devices or insecure networks are used. Furthermore, existing national labour laws vary significantly in terms of employer duties regarding occupational safety in digital contexts, revealing a need for a more integrated EU legal approach.

​

Remote work also brings to light the persistent digital divide, with direct implications for the principle of equality before the law (Article 20 CFR) and non-discrimination (Article 21 CFR). Socio-economic disparities, such as limited access to high-speed internet, digital devices, or appropriate home environments, impact not only productivity but also the realisation of fair and dignified working conditions. The uneven distribution of digital literacy and infrastructure across regions and social groups threatens to deepen structural inequalities within the labour market, undermining the EU’s cohesion objectives.

​

From a normative perspective, the legal challenges of remote work cannot be fully addressed through sectoral reforms or soft law instruments alone. Instead, this article argues for the development of a coherent, rights-based EU legal framework that integrates labour law, data protection, and digital rights in a unified manner.

 

This may involve:

• the adoption of binding EU legislation on the right to disconnect;

• enhanced guidance from the European Data Protection Board (EDPB) on lawful monitoring practices;

• and the promotion of minimum digital infrastructure standards, especially for vulnerable workers.

​

Ultimately, safeguarding rights in the context of remote work is not merely a matter of regulatory compliance, but a test of the EU’s capacity to uphold the rule of law in a rapidly evolving technological landscape. Ensuring that digital transformation respects human dignity, equality, and legal certainty is essential to maintaining the legitimacy of both EU governance and national legal systems in the digital age.

​​​​​​​​​​​​​​​​​​