Business
I’m hiring staff for my startup, what do I need to know about workplace surveillance
Workplace surveillance isn’t new, but employees and trade unions are becoming a lot more clued-in to the ramifications and implications of monitoring staff. This poses unique challenges for startups. One day you’re happy one or two-woman band riding along by the seat of your pants, the next day you’re hiring and struggling to navigate complex employee rights while protecting your own assets.
There are many reasons a startup will need to consider workplace surveillance. For example, some firms need to monitor employee movements for the safety of their people. Some use it to protect staff from exposure to situations that are above their paygrade. Others use it (often badly) for employee productivity.
When it comes to workplace surveillance there’s a fine line between legitimate due diligence and snooping. The key to not being on the wrong side of that fine line is to considering the following.
Have you got consent?
This is by far the most important thing to consider. If you plan to utilise surveillance in any form in at your startup, you need to get consent from all employees who will be subject to this surveillance. This may involve including it in their actual employment contract, or in specific terms of service for technology and equipment they may use. For example, if you want to monitor Internet usage, you can gain consent by showing a pop-up or other on-screen interaction that requires the user to agree that they consent to tracking and surveillance as they use said technology. The latter approach, as opposed to a catch-all ‘agreement’ is often easier to implement.
Is what you’re doing relevant?
Different startups require different kinds of monitoring and tracking. If your business has intellectual property to protect, surveillance married with encryption processes may be relevant. But that doesn’t mean you need to track your people’s Internet usage or monitor their movements in company vehicles. The key to a well-respected workplace surveillance programme is relevance and proportionality. Which brings us to…
Is what you’re doing proportionate?
As well as being relevant, any surveillance used in your business must be proportionate. Yes, you may need to use a door entry system, but that doesn’t mean you need to deploy facial recognition on it. You may wish to restrict and monitor access to certain websites, but do you really need to track and record all website visits? It’s important to identify areas of risk and address them with adequate, but not over the top, solutions.
Are you handing the data correctly?
Even assuming you follow all of the above guidance to the letter, how you handle the data you gather – whether that’s video, door pass activity or web browsing – can make or break compliance and really cause employee trust to take a hit.
Online Spy Shop, a Manchester-based surveillance consultancy recommend being cautious with how you handle data and creating systems that protect everyone.
“Handling sensitive data comes with a large set of very important responsibilities and if people in organisations around the UK are thinking carefully about who to trust with the data they care about, that’s a good thing
“As we’ve seen a lot recently, corporate data breaches can spell PR disaster for any organisation. So it’s really important to implement systems and processes that not only protect sensitive data, but that also protect individuals within the company. Unauthorised personnel should not have to make a decision about whether they handle data – it shouldn’t be on them to make that call. If it is, the system has already failed.
“Only authorised, qualified personnel should be getting close to sensitive or personal data in the first place, regardless of how others within the organisation perceive them.”