Workplace privacy

Last updated

Workplace privacy is related with various ways of accessing, controlling, and monitoring employees' information in a working environment. Employees typically must relinquish some of their privacy while in the workplace, but how much they must do can be a contentious issue. The debate rages on as to whether it is moral, ethical and legal for employers to monitor the actions of their employees. Employers believe that monitoring is necessary both to discourage illicit activity and to limit liability. With this problem of monitoring employees, many are experiencing a negative effect on emotional and physical stress including fatigue, lowered employee morale and lack of motivation within the workplace. [1] Employers might choose to monitor employee activities using surveillance cameras, or may wish to record employees activities while using company-owned computers or telephones. Courts are finding that disputes between workplace privacy and freedom are being complicated with the advancement of technology as traditional rules that govern areas of privacy law are debatable and becoming less important. [2] [3]

Contents

Workplace privacy of employees also involves privacy of using approved websites on firm computers without monitoring. Workplace privacy involves the employer putting in the effort to protect employee privacy from both within the firm and outside the firm.

Europe

There are two general directives on personal data protection and these apply to employees instead. The first being the (97/66/EC) which protects individuals as regards the processing of personal data and the free movement of such data. №2002/58 which amends 97/66/EC refers to the processing of personal data and the protection of privacy in the electronic communications sector. (‘Data Protection at Work’ by the European Commission).The second is EU Directive 95/46/EC on the protection of individuals with regards to the processing of personal data and on the free movement of such data limits and regulates the collection of personal information on individuals, including workers. Firms that monitor employees' use of e-mail, internet, or phones as part of their business practice without notifying employees or obtaining employee consent can be, in most cases, sued under Article 8 the European Convention on Human Rights. Although EU law is clear that e-mail interception is illegal, the law is not totally clear as to whether companies may prohibit employees from sending private e-mails. [4]

United States

There is no federal law in the US that requires employers to notify staff on being monitored and practically no expectation of privacy for an employee using the company's devices, but the Omnibus Crime Control and Safe Streets Act of 1968 provides some privacy protections for employees. See Omnibus Crime Control and Safe Streets Act of 1968 § Employee Privacy . The Electronic Communications Privacy Act extends protections to include email messages, cell phones and other electronic communications, however the act outlines important exceptions, such as the expressed intent of "legitimate business purposes." The scope of these exceptions has, in some cases, been a point of contention. [5] See Electronic Communications Privacy Act § Employee Privacy .

A 2005 survey of more than 500 U.S. companies found that over half of employers had disciplined employees and about one in four had terminated (fired) an employee for "inappropriate" use of the internet, such as sending an inappropriate email message to a client or supervisor, neglecting work while chatting with friends, or viewing pornography during work hours. [6]

The tools that are used for electronic surveillance are often caching proxy servers that are also used for web monitoring.

Canada

In R v Cole, [7] the Supreme Court of Canada ruled that

Computers that are reasonably used for personal purposes — whether found in the workplace or the home — contain information that is meaningful, intimate, and touching on the user’s biographical core. Canadians may therefore reasonably expect privacy in the information contained on these computers, at least where personal use is permitted or reasonably expected.

Full text of Supreme Court of Canada decision available at LexUM and CanLII

Australia

In Australia, only a few States have workplace surveillance laws. In relation to the Workplace monitoring Act of 2005 (NSW) s10, s12, an employer can monitor an employee’s computer usage only if there is a workplace policy noted for the monitoring, and the employees are notified that their computer activity is being monitored. [8]

United Arab Emirates

In United Arab Emirates, Employers have the right to monitor computers provided to employees for work provided employees are aware and agree to it, particularly when it involves personal data. If employees do not give consent, it is prohibited to monitor them even during working hours. (According to Federal UAE Laws; Constitution of the UAE (Federal Law 1 of 1971), Penal Code (Federal Law 3 of 1987 as amended), Cyber Crime Law (Federal Law 5 of 2012 regarding Information Technology Crime Control), and Regulating Telecommunications (Federal Law by Decree 3 of 2003 as amended)).

Russian Federation

Employee monitoring is legal in Russia. Art. 21 of the Labor Code of the Russian Federation requires employees to conscientiously perform labor duties assigned to them by the employment contract. In that same vein, Art. 22 of the Labor Code of the Russian Federation requires the employer to provide all the tools necessary for employees to execute their work duties, and the employer has the right to monitor work performance on these devices. That said, all parties involved in the monitoring process must be adequately informed of the monitoring and reasons. Monitoring company computers is legal and necessary in Russia. According to Art. 22 of the Labor Code of the Russian Federation, the employer must provide all the tools necessary for employees to perform their labor duties. In the modern workplace, computers are labor tools. Therefore, if the employer provides the computer, they have the right to control usage. That being said, the law requires an employer who monitors employees to create an atmosphere of transparency. The monitoring process has to be included in the employment contract and policies. Notably, the monitoring should be during working hours, and no personal information should be collected to avoid legal misunderstandings.

Economic theory

According to the Coase Theorem, an employer and an employee never agree to a contractual arrangement that would reduce the total surplus generated by the two parties together. Hence, when we observe workplace surveillance, then the costs (say, the worker's disutility caused by the loss of privacy) must be smaller than the benefit (say, the additional profit due to a reduction of shirking), because otherwise the parties would abolish surveillance (the worker would be willing to accept a smaller wage in exchange for more privacy, which would increase the employer's profit more than surveillance could do). However, the Coase Theorem holds only if there are no transaction costs. Schmitz (2005) has shown that in the presence of asymmetric information (leading to a moral hazard problem), the total surplus generated by an employer and an employee can be increased if workplace surveillance is prohibited by law. [9]

See also

Notes and references

  1. Katz, Lee Michael (2015-06-01). "Monitoring Employee Productivity: Proceed with Caution". SHRM. Retrieved 2020-10-25.
  2. Howstuffworks "How Workplace Surveillance Works"
  3. Electronic surveillance in the workplace
  4. Sylvia Mercado Kierkegaard (2005) Reading Your Keystroke: Whose Mail Is It? Lecture Notes in Computer Science, Publisher: Springer Berlin / Heidelberg, Volume 3592 / 2005, Chapter: p. 256
  5. "The Legal Risks of Monitoring Employees Online". Harvard Business Review. 2017-12-14. ISSN   0017-8012 . Retrieved 2021-04-16.
  6. Surfing the Web on the Company Dime : NPR
  7. Makin, Kirk. "Supreme Court rules employees have right to privacy on work computers". The Globe and Mail. Retrieved 3 March 2017.
  8. "Workplace monitoring and surveillance". OAIC. Retrieved 2021-02-26.
  9. Schmitz, Patrick W. (2005). "Workplace surveillance, privacy protection, and efficiency wages". Labour Economics. 12 (6): 727–738. doi:10.1016/j.labeco.2004.06.001. hdl: 10419/22931 . ISSN   0927-5371.

Related Research Articles

Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the Internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. It may or may not be legal and may or may not require authorization from a court or other independent government agencies. Computer and network surveillance programs are widespread today and almost all Internet traffic can be monitored.

<span class="mw-page-title-main">Hidden camera</span> Type of surveillance camera

A hidden camera or spy camera is a camera used to photograph or record subjects, often people, without their knowledge. The camera may be considered "hidden" because it is not visible to the subject being filmed, or is disguised as another object. Hidden cameras are often considered a surveillance tool.

<span class="mw-page-title-main">Mass surveillance</span> Intricate surveillance of an entire or a substantial fraction of a population

Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens. The surveillance is often carried out by local and federal governments or governmental organizations, such as organizations like the NSA, but it may also be carried out by corporations. Depending on each nation's laws and judicial systems, the legality of and the permission required to engage in mass surveillance varies. It is the single most indicative distinguishing trait of totalitarian regimes. It is also often distinguished from targeted surveillance.

Medical privacy, or health privacy, is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility, and to modesty in medical settings. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) have raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.

<span class="mw-page-title-main">Omnibus Crime Control and Safe Streets Act of 1968</span>

The Omnibus Crime Control and Safe Streets Act of 1968 was legislation passed by the Congress of the United States and signed into law by President Lyndon B. Johnson that established the Law Enforcement Assistance Administration (LEAA). Title III of the Act set rules for obtaining wiretap orders in the United States. The act was a major accomplishment of Johnson's war on crime.

<span class="mw-page-title-main">Carnivore (software)</span> Electronic communication monitor used by the FBI

Carnivore, later renamed DCS1000, was a system implemented by the Federal Bureau of Investigation (FBI) that was designed to monitor email and electronic communications. It used a customizable packet sniffer that could monitor all of a target user's Internet traffic. Carnivore was implemented in October 1997. By 2005 it had been replaced with improved commercial software.

<span class="mw-page-title-main">Electronic Communications Privacy Act</span>

The Electronic Communications Privacy Act of 1986 (ECPA) was enacted by the United States Congress to extend restrictions on government wire taps of telephone calls to include transmissions of electronic data by computer, added new provisions prohibiting access to stored electronic communications, i.e., the Stored Communications Act, and added so-called pen trap provisions that permit the tracing of telephone communications . ECPA was an amendment to Title III of the Omnibus Crime Control and Safe Streets Act of 1968, which was primarily designed to prevent unauthorized government access to private electronic communications. The ECPA has been amended by the Communications Assistance for Law Enforcement Act (CALEA) of 1994, the USA PATRIOT Act (2001), the USA PATRIOT reauthorization acts (2006), and the FISA Amendments Act (2008)

Email privacy is a broad topic dealing with issues of unauthorized access to, and inspection of, electronic mail, or unauthorized tracking when a user reads an email. This unauthorized access can happen while an email is in transit, as well as when it is stored on email servers or on a user's computer, or when the user reads the message. In countries with a constitutional guarantee of the secrecy of correspondence, whether email can be equated with letters—therefore having legal protection from all forms of eavesdropping—is disputed because of the very nature of email.Morrison, Steven R. "What the Cops Can't Do, Internet Service Providers Can: Preserving Privacy in Email Contents". Va. JL & Tech.</ref>

Information privacy, data privacy or data protection laws provide a legal framework on how to obtain, use and store data of natural persons. The various laws around the world describe the rights of natural persons to control who is using its data. This includes usually the right to get details on which data is stored, for what purpose and to request the deletion in case the purpose is not given anymore.

Privacy law is the body of law that deals with the regulating, storing, and using of personally identifiable information, personal healthcare information, and financial information of individuals, which can be collected by governments, public or private organisations, or other individuals. It also applies in the commercial sector to things like trade secrets and the liability that directors, officers, and employees have when handing sensitive information.

Telephone call recording laws refer to the official legislation regarding call recording in different countries, including how or if the consent of parties is required beforehand.

Employee monitoring software is a means of employee monitoring, and allows company administrators to monitor and supervise all their employee computers from a central location. It is normally deployed over a business network and allows for easy centralized log viewing via one central networked PC. Sometimes, companies opt to monitor their employees using remote desktop software instead.

Employee monitoring is the surveillance of workers' activity. Organizations engage in employee monitoring for different reasons such as to track performance, to avoid legal liability, to protect trade secrets, and to address other security concerns. This practice may impact employee satisfaction due to its impact on the employee's privacy. Among organizations, the extent and methods of employee monitoring differ.

<span class="mw-page-title-main">Canadian privacy law</span>

Canadian privacy law is derived from the common law, statutes of the Parliament of Canada and the various provincial legislatures, and the Canadian Charter of Rights and Freedoms. Perhaps ironically, Canada's legal conceptualization of privacy, along with most modern legal Western conceptions of privacy, can be traced back to Warren and Brandeis’s "The Right to Privacy" published in the Harvard Law Review in 1890, Holvast states "Almost all authors on privacy start the discussion with the famous article 'The Right to Privacy' of Samuel Warren and Louis Brandeis".

Bourke v. Nissan Motor Corp., No. B068705, was a California court case in which the Second Appellate District Court of the California Courts of Appeal upheld the original decision of the trial court in favor of the defendant, Nissan Motor Corporation, against the charges of the plaintiffs, who alleged wrongful termination, invasion of privacy, and violation of their constitutional right to privacy, under the California constitution, in connection with Nissan's retrieval, printing, and reading of E-mail messages authored by plaintiffs.

Ontario v. Quon, 560 U.S. 746 (2010), is a United States Supreme Court case concerning the extent to which the right to privacy applies to electronic communications in a government workplace. It was an appeal by the city of Ontario, California, from a Ninth Circuit decision holding that it had violated the Fourth Amendment rights of two of its police officers when it disciplined them following an audit of pager text messages that discovered many of those messages were personal in nature, some sexually explicit. The Court unanimously held that the audit was work-related and thus did not violate the Fourth Amendment's protections against unreasonable search and seizure.

Computer surveillance in the workplace is the use of computers to monitor activity in a workplace. Computer monitoring is a method of collecting performance data which employers obtain through digitalised employee monitoring. Computer surveillance may nowadays be used alongside traditional security applications, such as closed-circuit television.

The Personal Data Privacy and Security Act of 2009, was a bill proposed in the United States Congress to increase protection of personally identifiable information by private companies and government agencies, set guidelines and restrictions on personal data sharing by data brokers, and to enhance criminal penalty for identity theft and other violations of data privacy and security. The bill was sponsored in the United States Senate by Patrick Leahy (Democrat-Vermont), where it is known as S.1490.

<span class="mw-page-title-main">Whistleblower protection in the United States</span>

A whistleblower is a person who exposes any kind of information or activity that is deemed illegal, unethical, or not correct within an organization that is either private or public. The Whistleblower Protection Act was made into federal law in the United States in 1989.

Indiscriminate monitoring is the mass monitoring of individuals or groups without the careful judgement of wrong-doing. This form of monitoring could be done by government agencies, employers, and retailers. Indiscriminate monitoring uses tools such as email monitoring, telephone tapping, geo-locations, health monitoring to monitor private lives. Organizations that conduct indiscriminate monitoring may also use surveillance technologies to collect large amounts of data that could violate privacy laws or regulations. These practices could impact individuals emotionally, mentally, and globally. The government has also issued various protections to protect against indiscriminate monitoring.