How can a manager keep an eye on staff without overstepping the mark? Cameron Cooper looks at the options and the impact on staff who feel that they are being spied upon.
Video cameras in toilets, software monitoring staff email, and satellite tracking of workers’ movements in vehicles: at first glance, it seems that Big Brother – the George Orwell version, not reality TV’s – may be invading the workplace.
What is the legal status, however, of workplace surveillance measures? And what are the rights of employers and staff?
Much of the debate around office spying emanates from New South Wales (NSW) following last year’s release of the Workplace Surveillance Act, which updates old video surveillance legislation and includes new forms of monitoring such as email “snooping” and global positioning system tracking of workers. Under the laws, companies can face fines of $5500 if they do not warn their employees of surveillance measures.
While controversial, the NSW blueprint is being monitored in states such as Victoria, South Australia and Queensland, and is likely to provide the core of future moves towards consistent nationwide rules on surveillance. The NSW laws address three major areas:
- Overt surveillance: employers must give staff at least 14 days’ prior notice of surveillance, while new employees have to be notified before they start work. The kind of surveillance (camera, computer or tracking), how it will be carried out, and whether it will be continuous or intermittent must be revealed.
- Covert surveillance: this is unlawful except when the employer has gained authority from a magistrate. This is usually possible only in cases where the employer is trying to establish if staff is involved in unlawful activity while at work.
- Specific prohibitions: these outlaw surveillance of employees in change rooms, bathrooms or toilets. A company cannot deploy a work surveillance device if a staff member is not at work.
Listen to the unions, and they will say there has been a massive rise in the number of workplaces that spy on their employees.
Australian Workers’ Union National Secretary Bill Shorten has argued that workplace surveillance is spiralling out of control, telling the media: “We’re not slaves if we’re workers, we’re not owned by our employers.”
Estimates suggest up to 80 per cent of the Australian workforce is subject to some sort of surveillance. In NSW alone, about 360,000 of a total of 400,000 workplaces are thought to be conducting some form of monitoring in offices.
Peter Croft, Managing Director of Clearswift Asia-Pacific, which provides content security software for email and web users, works with many of Australia’s largest corporations on IT system protection.
Clearswift, like some other proprietary systems, uses software that sits on the email gateway and checks emails for size, attachments and key phrases that may cause alarm. Sophisticated software programs can distinguish contextually, for instance, between the sexually explicit use of the word “breast” and terms such as “breast cancer”.
Croft believes there has been a degree of hysteria around privacy concerns and the new NSW Act. He says the legislation simply allows for smart organisations to protect their IT systems from spam, virus and phishing attacks. The key for bosses is to be upfront with staff about surveillance measures.
“You should be telling your employees what things will and won’t land them in hot water,” Croft says.
For staff, this means taking basic precautions such as not swearing or being abusive in emails, avoiding written harassment of others and, of course, resisting the temptation to download and display sexist, racist or pornographic material from the internet.
Croft acknowledges, however, that there are some murky areas around the Act, such as the use of work laptops at home.
“That’s a question mark, but certainly in the black and white areas, where you are sitting at your desk using a company laptop, using company-provided bandwidth and company-provided software and you are sending a personal email, then as long as you have been told that emails will be monitored, the company is completely within its rights.”
Far from being overly intrusive, Croft suggests that organisations should be going even further to protect their intellectual property.
The NSW legislation comes amid growing concerns in some sectors over staff privacy. Stories of the misuse of surveillance make great fodder for newspaper headlines and television current affairs shows.
Last year, baggage handlers hit out at moves to secretly monitor their movements with hidden cameras. This was allegedly part of a Federal Government push to allay concerns over the involvement of airport staff in drug smuggling. There are complaints from nanny agencies that parents are using covert surveillance to spy on babysitters (wall clocks with cameras and teddy bears with cameras typically cost $400 to $600). And last year, 500 Blacktown Council workers in western Sydney walked off the job after managers were allegedly caught spying on staff, including monitoring workers on their picnic day.
Despite such cases, Peter Arthur, Partner and Head of the Workplace Relations Group at law firm Allens Arthur Robinson, believes the NSW legislation strikes the right balance between protecting the security of employers and the privacy of staff.
“My view is that the legislation is a fair balance,” he says. “I don’t think that it places an unreasonable burden on employers.”
Arthur says ongoing email surveillance is occurring at most corporations through software defences, and that “adequate notification” of such practices is required. He says “best practice” dictates that a box alert appears on screen each morning advising staff of the company’s surveillance policy.
“My feeling is that most employees would know that there is a real possibility that their email traffic from work could be the subject of scrutiny.”
With covert video surveillance, for example, Arthur says the NSW Act requires a magistrate “to put a great deal of weight in the interests of privacy”.
However, he concedes there is a grey area in the Act in that it does not specifically define surveillance. Allens Arthur Robinson argues such a definition should refer to an “ongoing process” of surveillance and exclude a one-off downloading of an employee’s documents to check if there is evidence of fraud.
“In my opinion the investigation of a one-off occasion of the employee’s records would not fall within the scope of the Workplace Surveillance Act,” Arthur says. “That situation has not been made clear either by the courts or by the NSW Act itself.”
Nevertheless, Arthur agrees that NSW is leading the way in updating surveillance laws and suggests it is advisable for such measures to be adopted across the nation.
“It’s always desirable because so many companies operate across the country with different state jurisdictions. The standardisation of rules has to be a good thing. It just increases the cost of business operating in Australia if every time they want to do something they have to consult four or five different systems of law.”
Not surprisingly, New South Wales Attorney-General Bob Debus has trumpeted the changes in his state and claims they protect privacy.
Anna Johnston, the Chair of the Australian Privacy Foundation, is less enamoured, saying the NSW legislation offers a “hollow promise” of protecting the rights of workers.
Johnston is disappointed that there are no requirements in the Act for employees to agree to be under surveillance; rather, it merely calls on employers to tell their staff that surveillance will occur.
She believes the legislation is stacked in favour of bosses, “particularly when new employees join an organisation that already has surveillance, it’s kind of like it or lump it”.
Yet she agrees that some surveillance measures are necessary.
“We are privacy advocates but not privacy zealots,” she says. “We realise that privacy is not an absolute value – it must be balanced against other values and other interests such as law enforcement and public safety.”
The most important concerns for Johnston are determining who assesses surveillance material in the first instance (“Is it just some junior person working in IT who makes this call?”), and what happens to that material in the long term (“That’s not often spelt out in nearly enough detail”).
She also argues that aggrieved staff have few avenues of complaint.
“All the Act does is say, oh well, the employer has committed an offence. All the employee can do is take it to the police and ask the police to prosecute the employer.”
That can also be unfair, Johnston says, on employers who innocently make a minor error of compliance that could result in a conviction.
“That’s one of our concerns. There’s no middle ground,” she adds.
As the NSW reforms take hold, the push is on for greater national consistency of surveillance laws. The Australian Law Reform Commission is reviewing the Federal Privacy Act, and new legislation is likely to consider emerging issues such as workplace drug and alcohol testing.
In the meantime, the emphasis is on ensuring that employers do not overstep the mark when spying on staff.
Claudio Venegas, a solicitor at Access Business Lawyers, a law firm specialising in workplace laws, says a clear line of communication is crucial with new staff and existing workers.
“And it means that for existing employees all they have to do is give them a rundown of the office policy, keep copies of that policy and make sure the employees understand the policy.”
With camera surveillance, Venegas says the emphasis is on deterrence. The NSW bill requires that cameras be clearly visible to staff and that clear signage be erected informing workers that such cameras exist.
“The aim of the act is complete transparency,” he says. “So if you suspect somebody is putting their hands in the till you put a camera in, you put up the signs. It’s a commonsense approach. It would be ridiculous for an employee to continue to take money out of the till after being given notice that they are being watched.”
In terms of the rights of staff to access surveillance material, Venegas believes employers have a moral duty to agree to any staff requests.
“It would be good practice for an employee to ask for that if he or she feels there [has been] a breach of the Act,” he says. “The employer would have to have a very good reason not to disclose that to an employee.”
Checks and balances
Aaron Sault, Director of IT business solutions company PlanTec, with his business partner in Queensland, jointly oversees 30 staff across New South Wales, Queensland and Victoria. While Sault has never felt the need to monitor his staff closely he is aware of industry colleagues who have had to “set traps” for dishonest employees.
“There have been instances where both permanent and contract staff have been accepting money on the side and it did go under the radar for quite a while. Employers expect that the integrity of their employees is genuine after the interview and hiring process. But many employees take advantage of their organisation only after they are employed, and the employer then has limited opportunity legally to spy on employees, though this could have assisted in court cases,” Sault says.
PlanTec has assisted companies with IT solutions and the automation of compliance regulations that prevent this kind of behaviour, or at least have measures in place that make it difficult for such irregularities to continue.
“At one of our clients’ organisation, staff were able to process invoices sent to the company without reconciliation to the supply of services. Some of the staff had been processing duplicate invoices with payments being made for their own financial gain. The IT systems we implemented provided immediate notification of any disputed or irregular payments by staff, and provided trends on which staff were processing what payments on what frequency so that this could be used to assess the integrity of the financial processing.
“This form of legal spying identified an individual who was later confronted with some irregular payments and was terminated for fraud.”