Employee Surveillance Can Turn Your Office Dystopian If You Don’t Reciprocate Transparency and Security

No company wants to be known for treating its workers like robots. Yet that’s exactly what happened to Amazon. Obsessed with efficiency, the tech giant long ago decided to incorporate employee monitoring software into all aspects of its business. From observing Amazon drivers’ behavior while they’re on the road to tracking warehouse workers’ “time off task” to going so far as to hire private detectives to gather intelligence on striking workers in Europe. Unfortunately, regardless of their impact on productivity, these excessive monitoring practices have also branded Amazon as a terrible place to work in many corners.

Evidently, Amazon is feeling the heat. Earlier this year, the company announced that it would be changing its time off task metrics to make sure the system doesn’t penalize workers for going to the bathroom or talking to HR managers. And in California, Gov. Gavin Newsom signed a bill that will require Amazon and other similar companies to disclose any workplace productivity measures applied to California workers. This law goes into effect in January 2022.

With Amazon’s handling of employee monitoring in mind, it makes sense that many workers — and even employers — view employee tracking as invasive and abusive. Employee monitoring is frequently seen as something that benefits organizations and rarely the workers, who are increasingly working remotely.

So, should corporate surveillance software be relegated to the dustbin of failed work schemes? Not necessarily.

Equitable Employee Monitoring Has a Host of Benefits

Done right, monitoring how employees spend their time can be a significant boon for everyone in an organization. In general, equitable monitoring can provide benefits within three categories.

Wellness

Professional services firm PwC in 2020 asked if any of its employees were interested in wearing a smartwatch that would record their biometric data to see if sleep could affect performance. The project only had 1,000 spaces, but 2,000 employees signed up. Crucially, PwC made it clear that they would anonymize and aggregate staff data, with only the worker able to access their own data in its raw form. Just as importantly, employees who saw their heart rate spike received support services like medical assessments and counseling.

Productivity

From an HR point of view, employee monitoring can aid with attendance tracking, which can ease staffing issues, help deal with employee absenteeism and improve overall worker morale. After all, no one likes to feel like they’re putting in extra hours when their coworker is slacking off. By tracking employees, HR managers can also ensure objective performance reviews, rewarding hard-working individuals and teams and gauging possible training and development paths for workers that may be struggling. This can reduce employee turnover and improve employee retention. As evidenced in PwC’s program, HR can also use employee monitoring to determine employee wellness. Another benefit of employee tracking is automated payroll management, which frees up HR professionals’ time to focus on more important, human-centric tasks.

Cybersecurity

Monitoring can also improve an organization’s security by making it easier to catch some of the bad cybersecurity habits that employees can sometimes fall into. In an annual study conducted by Apricorn, over a third of IT decision-makers admitted that remote employees have knowingly put their organization at risk of a data breach. Crucially, more than half think that remote staff who have not yet put their organization in danger will do so in the future.

Most employees aren’t focused on cybersecurity. They’re there to do their jobs, not prevent attacks or breaches. Unsurprisingly, phishing scams and employee negligence continue to be among the biggest sources of corporate attacks.

On the other hand, in some cases, employees may purposely put their organization at risk. LockBit 2.0, a prominent ransomware-as-a-service outfit, is currently recruiting employees within corporate organizations to help them breach the businesses they work for in return for a handsome profit. For any disgruntled worker, taking down their employer while at the same time getting paid for it may seem like a no-brainer.

Today’s monitoring tools can give organizations a new layer of visibility into these kinds of threats and violations, allowing security awareness training to be rolled out when and where it’s most needed.

What Monitoring Cannot Do

Whether used for management, to improve cybersecurity or any other legitimate use case, employees can find benefit in being monitored.

However, they also need to know that monitoring is happening. Rather than silently installing what is effectively corporate spyware on employee devices, organizations should allow their staff to download monitoring software themselves. Employees also need to be told what exactly will be monitored (for example, web browsing and app activity) and when.

Perhaps most critically, organizations need to know that monitoring employees remotely does not equate to managing them. Some tools boast employee “coaching features” that promise to use AI to streamline management. Nevertheless, they should not be relied upon for making business-critical decisions.

When used to assess workforce dynamics, monitoring tools can be a powerful business aid. But if remote monitoring is used to single out employees, the impact on morale can be disastrous.

Organizational Risks From Employee Monitoring

While most business leaders are well aware that overly invasive employee monitoring can lead to negative PR or even a cultural crisis, they also need to understand that collecting employee data comes with increasing legal responsibility. Although no data protection legislation currently prohibits employee monitoring outright, various present and forthcoming laws place legal obligations on employers who collect employee data.

Under the GDPR, employees in the EU must be informed about any monitoring activities that may be taking place in their work environments and given an option to object to data collection and usage. In the EU, data collected from employees must also be protected from data breaches in the same way as customer data. Although no equivalent federal data privacy law exists in the U.S., California residents will soon gain similar, but not quite as stringent, protection from the CPRA.

Starting Jan. 1 2023, CPRA-impacted employers who expose employee personal information through data breaches may face fines of up to $7,500 per violation. Elsewhere, both in the U.S. and globally, similar laws are taking shape. Even if organizations are not affected by data protection legislation now, few employers can count on being immune forever from legal responsibilities regarding employee data. As a result, the only genuinely sustainable approach to monitoring employees is to minimize data collection as much as possible.

Four Steps to Sustainable and Secure Monitoring

Rushing to bridge the gap between the traditional office environment and the new remote or hybrid reality, employers may have thought it wise to start monitoring their work-from-home employees last year without much foresight. Today, however, making these efforts sustainable requires a different approach. Here are four key points that any organization that wants to continue monitoring their employees needs to consider:

1. First and foremost, every organization needs to bring employees into the conversation around monitoring from Day One.
2. Access to monitoring tools and the data they collect needs to be strictly controlled. Ultimately, any data collection must be foreshadowed by a strict usage plan that details how and when organizations will use this data and when it will be destroyed.
3. Rather than deploying monitoring as a broad solution, HR leaders need to identify useful analytical insights that monitoring could deliver. Similarly, they need to remain aware that monitoring can never provide a complete picture of employee behavior. Instead of using the data from monitoring tools to issue warnings whenever an employee does something “wrong,” violations should be used to help identify training opportunities.
4. Executives approving monitoring programs need to be aware of two things: a) the risks improper monitoring poses to their organization’s culture and b) the potential legal implications that poor data collection practices can have on their business. It is crucial that monitoring systems are designed accordingly, with success metrics built around improving outcomes rather than collecting “more data.”

Final Thoughts

Employee monitoring should never be the first tool an organization reaches for, regardless of the planned use case. Instead, it is best to see it as a last resort.

When other methods of gaining visibility into workforce behavior or managing compliance are not possible, employee monitoring solutions may have a role to play in an organization. However, even in cases when the reasons for doing so are clear-cut and justifiable, any business that monitors employees needs to be transparent about the process, aware of risks that come with the process and have a clear plan for what happens to the data collected.

Ultimately, sustainable and equitable employee monitoring has nothing in common with workplace spying.