Last month the Irish regulator – the Data Protection Commission (DPC) – published a new guidance note on data protection in the workplace. In it, the DPC acknowledged that “organisations have a legitimate interest in protecting their business, reputation, resources and equipment” and may decide to monitor staff use of the internet, email and telephone. But, it stressed, “the collection, use or storage of information about workers … involves the processing of personal data and, as such, data protection law applies.” It also pointed out that individuals have a right to private life at work under the European Convention on Human Rights.
So called ‘bossware’ is becoming widespread in workplaces around the world. According to Gartner, 60% of employers with more than 200 workers in the US use employee productivity monitoring technologies. Another study found almost nine in 10 employers terminated workers after implementing monitoring software. More than one in 10 (14%) remote employees are unaware they’re being monitored.
The DPC isn’t the only body to try and temper such surveillance. Last October, the UK’s data protection regulator, the ICO published 54 pages of draft guidance on monitoring at work aimed at employers. Also in October 2022, a remote worker in the Netherlands won a case against his US-based employer, which fired him because he refused to keep his webcam running while working. The Dutch court ruled his rights had been breached and ordered the company to pay €75,000.
In the US, employers in New York, Connecticut and Delaware have to give employees notice if they’re monitoring email, internet usage or telephone conversations. And in February 2023, Senator Bob Casey and other Senate Democrats introduced the Stop Spying Bosses Act, which aims to protect workers from intrusive employer surveillance “on and off the clock”.