I spy, with my little eye… an employer who requires a workplace surveillance policy
It is becoming increasingly common for employers to monitor their employees whilst in the workplace, and when using employer devices. Although Australia does not currently have uniform laws governing the surveillance of employees, in the Australian Capital Territory and New South Wales, there are specific regulations which dictate what an employer must do before conducting surveillance on their employees. Failure to comply can see penalties imposed.
THE WORKPLACE PRIVACY ACT 2011 (ACT)
The Workplace Privacy Act 2011 (ACT) (WPA) regulates a broad range of surveillance methods that may be used by an employer in monitoring workplace activities and covers any workplace surveillance undertaken by data, optical, or tracking surveillance devices and including the monitoring and recording of emails of which a worker is the sender or recipient, and the monitoring of access to internet websites.
If an employer plans to use a surveillance method covered by the WPA, it must first give 14 days written notice of the intended surveillance to any affected workers. The notice must address:
- details of the planned surveillance; and
- invite workers to consult with the employer as to the proposed method for conducting the surveillance.
Compliance with a Policy
The WPA imposes a further specific requirement that any data surveillance must be in accordance with a workplace policy on surveillance. This policy must state:
- how the employer’s computer resources (such as emails and internet access) may, and must not be used;
- what information about the use of the employer’s computer resources is logged and who may access the logged information; and
- how the employer may monitor and audit a worker’s compliance with the policy.
It is an offence not to comply with these requirements, and an infringement may result in a penalty of up to $15,000 for a company.
Blocking emails and internet access
Under the WPA, it is an offence for an employer to stop the delivery of an email to or from a worker, or to stop a worker’s access to a website unless stated otherwise in the employer’s policy on electronic communication and internet access. If an employer stops the delivery of an email, it is required under the WPA to give the affected worker notice of the prevented delivery as soon as possible.
As discussed above, overt surveillance is permitted under the WPA so long as the necessary notification and policy requirements are complied with. Covert or undisclosed workplace surveillance is only permitted under the WPA where it is suspected that an employee is engaging in illegal activities and an employer has obtained a court order to engage in covert surveillance.
PRACTICAL IMPLICATIONS FOR EMPLOYERS
Practically speaking, this legislation means that employers with workplaces in the ACT should only conduct data surveillance where suitable notice is given, and the surveillance is conducted in accordance with clear policies and procedures. If your organisation operates in multiple jurisdictions, it may be prudent to establish policies that meet the statutory requirements of the ACT and NSW.
For more information on workplace surveillance legislation, please contact Carina Zeccola.