Worker monitoring: the rules change in December 2026

December feels a long way off until you notice it is six months, and six months in a business go by in the time it takes to sort out a couple of contracts and reshuffle a crew. The 2nd of December 2026 is the date by which every country in the Union has to have written the new platform work rules into its own law, and inside those rules sits a chapter that touches a lot more companies than realise it: the automated monitoring of the people who work for you. It is not just about couriers and the big digital platforms. It speaks to anyone running a system that gathers data on its workers and makes decisions off the back of it. If you are a British firm with crews operating in Europe, this is the market your teams live in, and the ground under them is moving.

The directive has been in force since the end of 2024, but until now it stayed a thing for specialists, a European text that seemed to have nothing to do with the van parked outside a site in Lyon or Rotterdam. Now it enters the phase that matters, the one where each state turns it into national law and someone has to enforce it. And here is the real shift, the one already showing up in 2026 inspections: regulators no longer ask only whether you have a legal basis to collect that data. They ask how intrusive the tool you use actually is. Having a lawful reason is no longer enough if the system you have set up watches people far more closely than the job requires.

It is a subtle reversal, but a heavy one. For years the question was “am I allowed to do this?”. Now the question becomes “do I really need to collect all of this?”. Belgium, Spain, Portugal and the Netherlands have already raised the bar on enforcement, and the direction is the same everywhere: reward whoever gathers little, aggregated, neutral to the behaviour of any single person, and penalise whoever surveils each action minute by minute. Put plainly for anyone with crews in the field, the old habit of “let’s log everything, you never know” is fast becoming exactly the thing not to do.

Work across borders and the rule shifts at every line on the map

The awkward part is that there is no single rule. The directive sets the principle, then each state drops it into its own frame, and that frame changes a fair bit the moment you cross a border. At home in the UK you are outside the directive itself, but UK GDPR and the ICO still set the bar for the British side of the operation, and the ICO has been blunt that monitoring has to be necessary and proportionate, not a fishing trip. Step into Germany and before you switch on any location system you go through the Betriebsrat, the works council, which has a real say over remote monitoring. In France certain processing has to fit the framework laid out by the CNIL. In Italy there is Article 4 of the Workers’ Statute and the Garante, which has already said very clear things about company GPS. Same underlying intent, four different routes, and woe betide anyone who muddles them.

For a business operating in two or three markets this turns into a small maze. You end up needing to know, country by country, which legal basis is accepted, what you have to declare before you start, which notice you owe the worker and how long you may keep the data. Slip up on one of those steps and it is no longer a formality: with the new rules and inspections growing sharper, that is the kind of carelessness that ends in a fine. To find your way without losing your mind we put together a country by country map of GPS worker monitoring across the EU, with the law that applies, the authority in charge and what you have to tell the employee, in plain words.

Compliance is not bought in December, it is built before

There is a temptation, faced with a deadline, to wait for the last moment and then sprint. With this one it does not work, for a practical reason: if the system you run today collects too much, in December a memo will not fix it. Either the tool was built to gather the bare minimum, or you are changing it. And changing it in a hurry, while the inspector is knocking, is the worst spot you can put yourself in.

The smart way to get there ready is to flip the order of things. Do not start from “how much can I log”, start from “what is the minimum I need to run the work and prove it if asked”. For anyone sending people into the field, that minimum is surprisingly small: where the shift started, where it closed, at what time, and a record of the visit when the work has to be demonstrated. All the rest, location taken continuously through the day, the lunch-break shadowing, not only is useless, it is precisely the kind of collection the new rules look at askance.

---

Gather little, and be able to prove it

That idea is what GeoTapp is built on. Location is taken only when you clock in and clock out of the shift, there is no continuous tracking, and once a session is closed it stays as it is. Which means you gather the minimum you genuinely need and, at the same time, you hold solid proof if a client disputes the work or an inspection asks you to account for it. Compliance, instead of being a weight to chase in December, becomes the way the tool is made from the very first tap. On top of that the device attests itself through Play Integrity and App Attest, and the photo can only come from the live camera, so what you keep is little but trustworthy.

The point, in the end, is that the new rules do not ask you to give up knowing what your crew is doing. They ask you to stop knowing what you do not need. It is a distinction that rewards whoever already worked cleanly and puts on the spot whoever hoarded everything out of habit. Which side do you want to be standing on, come the 2nd of December?