With CCTV cameras everywhere you go these days, how likely is it that your employer or client will be keeping an eye on you? Basically, quite likely. Employers can monitor staff through a variety of methods  – but it must do so in a way that is consistent with several legal requirements.

Many employers will choose to monitor phone and IT systems usage by their staff, and in some sectors employers will also use CCTV and other methods to monitor their products/goods.

Employers may choose to monitor their staff for any of the following reasons:

  • To safeguard their employees or members of the public (for e.g. health and safety reasons)
  • To protect business interests (prevent crime or misconduct)
  • To ensure quality of customer services (which can also show training needs for their employees)
  • To comply with legal and regulatory obligations

Most large employers now will have a Social Media Policy which may include monitoring of employees usage of networking websites (and so on). Many employers will also have an IT and Communications Policy also setting out how employees can use their systems.

The laws that cover the area of monitoring include:

  • The Regulation of Investigatory Powers Act 2000 (RIPA)
  • The Telecommunications (Lawful Business Practice)(Interception of Communications) Regulations 2000 (LBP)
  • The Data Protection Act 1988 (including the 2003 Code, Monitoring at Work)

The implied legal obligation of trust and confidence that exists between an employer and employee is also relevant.

However, The Human Rights Act 1998 also plays an important role here as it gives individuals’ a right to privacy and the UK’s laws try to recognise that employees may feel that monitoring by their employer at work is intrusive.

Therefore, employers need to find a balance between an employee’s legitimate expectation to privacy and the Employers interests when they monitor their staff, in any way.

Because of the need for this balance, the current UK laws distinguish between:

  • Targeted monitoring (of one individual) and systematic monitoring (where all employees or groups of employees are regularly monitored in the same way)
  • Open and covert monitoring
  • The monitoring of already-accessed communications and the monitoring or intercepting of un-accessed electronic communications (e.g. telephone calls, faxes, emails and internet access).  An ‘interception’ happens when the contents of the communication are made available to someone other than the sender or intended recipient. The sender and recipient of the communication must consent to the interception for this to be lawful. ‘Interceptions’ are highly regulated under the RIPA and LBP laws (above).
All these monitoring types can be lawful.

Therefore when Employers set up monitoring systems they must:

  • Tell staff the nature and extent of monitoring that may take place
  • Be clear what levels of privacy an employee can or cannot expect when using their employer’s systems to make personal communications
  • Provide an unrecorded telephone line for employees to use in emergencies if all other telephones are routinely recorded/monitored
  • Be clear what levels of email/internet/phone usage by the employee for personal reasons is permitted and what is not
  • Provide written policy statements about the monitoring
  • Explain how the employer will use the information obtained via monitoring
  • Explain how the information will be stored and processed in accordance with the Data Protection Act

Targeted monitoring

Generally, monitoring should normally be carried out by an employer in an open and systematic way only, unless targeted and/or covert monitoring is justified.

Targeted monitoring will usually only be justified where there are grounds to suspect criminal activity or serious malpractice by the employee in question and the monitoring is necessary to prevent or detect this crime or malpractice. This monitoring would usually then lead to a disciplinary hearing where the employer believes the employee has breached company policies.

Surveillance of staff outside of the workplace may also be acceptable if the employer can demonstrate it was ‘justifiable’ (they have credible reasons to suggest an employee is involved in wrongdoing or breaching company policies) and ‘proportionate’ (the employer did not go any further than was necessary in its use of surveillance).

Basically, any monitoring that is done by the employer must be proportionate to the issue the employer seeks to address.

If you are an Employer and need ongoing professional help with these complicated issues then talk to us at The HR Kiosk (click here) - a Human Resources Consultancy for small businesses – you can retain us for as much time as you need.

Please note that the advice given on this website and by our Advisors is guidance only and cannot be taken as an authoritative interpretation of the law. It can also not be seen as specific advice for individual cases. Please also note that there are differences in legislation in Northern Ireland.

Photo by Jonathan McIntosh