Oct
29

Employee Monitoring, Part 1: The Difference Between Monitoring and Surveillance

Employee Monitoring, Part 1: The Difference Between Monitoring and Surveillance

October 29
By

As of 2011, over three-quarters of all U.S. companies monitor their employees’ Internet use. PC World reporter Robert Strohmeyer summarizes the reasons behind the need to do so:

Time spent on frivolous websites can seriously hamper productivity, and visiting objectionable sites on company PCs can subject your business to serious legal risks, including costly harassment suits from staffers who may be exposed to offensive content…Either unintentionally or maliciously, employees can reveal proprietary information, jeopardizing business strategy, customer confidentiality, data integrity, and more. And, of course, unchecked web activity can expose your network and systems to dangers from malware and other intrusions.

And employee monitoring is legal. In a February 2014 blog post, monitoring services provider SpectorSoft writes:

Not only is it legal to monitor employees on their computers and online, there is no federal US law that requires employers to notify workers they are being monitored [emphasis mine]. So while it is a best practice to inform employees of the company’s right to monitor all activity on employee computers and disclose it in the employee handbook, companies are NOT required to do so in the US.

But just because you can monitor your employees’Internet use without legal repercussions doesn’t mean you should track every keystroke they make. I’ll discuss the practical reasons in my next post, but for now, let’s look at the ethical issues that crop up you monitor your team’s Internet usage.

When does monitoring cross the line?

According to Gartner security and risk analyst Andrew Walls, it is reasonable to monitor events on your company network to protect its assets and reputation. However, Walls differentiates between monitoring and surveillance, urging managers to consider the difference when putting together a monitoring policy.

Riva Richmond, who interviewed Walls for her Entrepreneur article 3 Tips for Legal and Ethically Monitoring Employees Online, paraphrases:

Surveillance, defined as tracking an individual’s activities, has “a creepy factor” that can cause pushback from employees, [Walls] says. Avoid such trouble by engaging only in focused surveillance of a person if you have well-founded suspicions of policy or legal violations and have the documented agreement of top managers and your attorney.

Richmond goes on to explain the ways in which surveillance, as defined by Walls, can lead to a host of potential pitfalls:

You could create a morale problem and hurt employee performance if your workers feel a distrustful Big Brother is lurking over their shoulders. You could inadvertently learn about people’s religion, sexual orientation, political views and medical problems, creating potential privacy dilemmas or even opening your firm up to discrimination lawsuits. And you could run afoul of the National Labor Relations Board if you discipline employees for making negative comments about you online. A year ago, [the NLRB] issued guidelines affirming employees’ right to discuss and seek to improve their working conditions, following a number of cases involving social media.

How do you determine whether you’re crossing the line from monitoring to surveillance? William Parent, a philosophy professor at Santa Clara University, lists six criteria for deciding whether invading an employee’s privacy is an ethically defensible action:

1. For what purpose is the undocumented personal knowledge sought?

2. Is this purpose a legitimate and important one?

3. Is the knowledge sought through invasion of privacy relevant to its justifying purpose?

4. Is invasion of privacy the only or the least offensive means of obtaining the knowledge?

5. What restrictions or procedural restraints have been placed on the privacy-invading techniques?

6. How will the personal knowledge be protected once it has been acquired?

In other words, scrutinizing an employee’s every move without reasonable cause can backfire, regardless of whether that employee signed her right away to privacy when she joined your company. If you believe you can and should monitor every email or personal bank transaction an employee makes while at the office, then your company has bigger structural problems than any amount of surveillance can catch.

In my next post, I will look at the practical reasons why Big Brother-style surveillance tends toward the problematic. Until then, please share your thoughts in the comments or on Twitter!

Photo credit: nolifebeforecoffee via Flickr