This technical guidance from the Equality and Human Rights Commission (‘EHRC’) sets expectations and best practice for eliminating and dealing with harassment in a post #MeToo world. It offers clarity and detail on issues ranging from legal obligations to carrying out investigations. The previous EHRC guidance on this topic was just six pages long, so the fact the new version stretches to over 80 pages shows the seriousness with which the issue is taken nowadays.
In the context of research showing how harassment remains prevalent and often goes unreported, the guidance puts the onus on employers to be more inquisitive about what is going on in their workplaces, rather than simply having policies and dealing with complaints. It also aims to reflect the modern world of work, with references to social media harassment, power abuse, the General Data Protection Regulation (‘GDPR’) and the availability of new online reporting systems. While the main focus is on sexual harassment, the guidance covers all the forms of harassment that are unlawful under the Equality Act 2010.
Much of the guidance explains the legal tests for different types of harassment and victimisation and when employers can be liable for these, using many examples. A couple of areas that are particularly worth noting are set out below.
The reasonable steps defence
An employer is not liable for harassment committed by a worker in the course of his or her employment if it can show it took all reasonable steps to prevent the harassment. The guidance emphasises that the steps must be taken before the harassment happened, although how an employer responds to a complaint may help to show that the issue is taken seriously. The guidance says that an Employment Tribunal (‘ET’) may expect an employer to have taken a certain step even if it would not have prevented the harassment in a particular case. It also points out that a step which is likely to be effective in preventing harassment might be reasonable even if it is expensive, time-consuming or troublesome, using the example of training all managers on an anti-harassment policy.
Harassment by third parties including clients
The guidance acknowledges that there is currently no explicit legal duty to prevent third-party harassment (its re-introduction is currently under consultation). However, the guidance is emphatic in saying that employers can be liable for third-party harassment under various other legal provisions. These include: indirect discrimination, where a policy of failing to deal with such issues particularly disadvantages women; direct discrimination, if complaints by some groups are treated differently from complaints by other groups; and constructive unfair dismissal claims. The guidance is also clear that employers should in any event be doing what they can to tackle this issue.
Steps employers are expected to take
The guidance goes on to explain the practical steps that the EHRC thinks employers should be taking or at least considering. Some of the notable recommendations are set out below.
Social media and other out-of-work scenarios
Employers should discipline employees for harassing colleagues on social media. Policies should cover this, and should also say that employees can be disciplined for any out-of-work harassment that calls into question their suitability to carry out the role.
Be careful what you say about malicious complaints
Warning that policies too often overemphasise malicious complaints, the guidance says it must be clear that workers will not be disciplined just because their complaint is not upheld. They should only face disciplinary action if it is found both that the allegation is false and was made in bad faith (that is, without an honest truth in its belief).
Be transparent about outcomes
Employers should take steps to ensure they can tell complainants about the outcome of their complaints, even though this may involve disclosing personal data about the accused. Privacy notices and other documents may need reviewing to cover the disclosure of disciplinary outcomes.
Policies should cover overseas sites, subject to local law.
Publish policies on your website?
Employers should at least consider publishing their policies on their external-facing website (for easier access and to make a public commitment about eliminating harassment).
The guidance recommends that employers create a GDPR-compliant central record of all harassment complaints in a level of detail that allows trends to be analysed.
Employers should proactively seek to be aware of what is happening in the workplace, scanning for warning signs and carrying out regular staff feedback surveys.
Employers should consider setting up reporting systems which allow anonymous reports to be made. Such systems could: capture complaints that would otherwise go unreported; encourage complainants to come forward; and allow some form of action even if full investigation is not possible (due to the anonymity of the complainant).
Investigate complaints, even historic ones
The guidance includes detail on how to carry out investigations. It also tackles the issue of historic complaints (a key issue thrown up by #MeToo) saying that employers should investigate them rather than assuming they can’t find evidence because the events occurred a long time ago.
Train your workers
Employers should train all workers in the different types of harassment and victimisation and ensure the training is refreshed at regular intervals, including on how to address third-party harassment where applicable.
Employers should make sure there are trained workers who can support a complainant through the process of making a complaint. These could be members of the HR team or may be nominated ‘guardians’.
Employers should reflect on where the power imbalances fall within their organisation and consider what they might do to address this.
Carry out a sexual harassment risk assessment
This is an important new feature of the guidance, advising that existing risk-management frameworks traditionally used in the workplace health and safety context could be used for this process. (Indeed, the risk of sexual harassment should arguably already be part of a health and safety risk assessment.) Assessments should identify the risks and the control measures identified to minimise the risks. Risk factors may include, for example: power imbalances; job insecurity; lone working; the presence of alcohol; customer-facing duties; particular events that raise tensions locally or nationally; lack of diversity in the workforce; and workers being placed on secondment.
Use in legal proceedings
While the new EHRC guidance is not legally binding, it can be taken into account by ETs and used by claimants in evidence. We anticipate it will be referred to regularly in harassment claims. It is also laying the groundwork for a new statutory Code of Practice, which we expect to be published in draft for consultation sometime this year. The Code is likely to mirror the content of this guidance in many respects, but will have greater legal force. Employers would be well advised to start preparing by benchmarking their current approach to harassment against the guidance.