New concerns in electronic employee monitoring: have you checked your policies lately?

Author:Ford, Janet


Employers have long had compelling reasons to monitor employees. For example, management at Los Angeles California City Hall discovered that employees were streaming the 2012 Summer Olympics over the corporate network while at work. Management's response: "Stop watching the Olympics at work!" (Winton, 2012). Events like the Olympics or the annual March Madness basketball tournament impact corporate networks during very specific times, but imagine an employer monitoring its network and discovering that every day employees are watching over 50,000 YouTube videos, streaming over 4,000 hours of music over the internet, or streaming movies from Netflix. This discovery, in fact, prompted Proctor & Gamble to shut down access to movies from Netflix and music from Pandora for its 129,000 employees (Schwartz, 2012).

Ensuring employee productivity is a major consideration to support the monitoring processes. But employers have also long been aware of the risk of legal liability or loss to which their organizations may be exposed as a result of inappropriate employee activities online (Papa & Bass, 2004). Lawsuits based on online harassment are typically cited as a concern that justifies employee monitoring, but these are by no means the only legal claims that can arise from employee activity online. In recent years, employee activity on social media outlets, along with employer responses to such activity, have increasingly exposed organizations to liability for unlawful discrimination (Gaskell v. University of Kentucky, 2010), violation of labor laws (Hispanics United of Buffalo, Inc., 2012), and even violation of securities laws (Bondi & Lofchie, 2011). In addition to legal liability for employee misconduct, employers are concerned about threats to their organization's intellectual property as vital data and information are increasingly stored in digital format that is easy for employees to access and distribute outside of the organization's protocols (Willey, Ford, White & Clapper, 2011). To support and justify employee monitoring, employers have adopted policies that attempt to define the limits of permissible employee online activity and identify forms of impermissible online activity that might expose the organization to legal liability or loss. As with all best business practices, it is not enough to simply develop an employee monitoring policy. Successful organizations regularly review and update their policies and review the enforcement of those policies to ensure that they are addressing current concerns in a way that complies with state and federal laws (Rozwell, 2012).

The monitoring of employees' emails, internet usage, telephone communications and social media gives rise to confusing legal responses. While some law supports the necessity of monitoring, other law exists to limit the electronic monitoring of employees to protect employee privacy, leaving employers between a rock and hard place. On top of these concerns, recent rulings by the National Labor Relations Board confound the problem for organizations by strictly interpreting monitoring policies that could impact employees' rights under the National Labor Relations Act. Additionally, numerous states have either enacted or are considering legislation that would limit the use of social media as a monitoring tool. It's time to take out those monitoring policies, dust them off, and be sure the organization's policies comply with law.


Business organizations are able to use hardware and software to electronically monitor a wide variety of employee behaviors both in and out of the workplace. Attendance and facility use can be monitored using video surveillance and through employee badges where entry and time spent in various access areas is logged. In addition, new applications for physical access cards provide authentication and access to digital systems which may ultimately lead to the convergence of Information Technology (IT) security and physical security (Walls, 2012a). Not only can employee access cards provide a digital record of their physical whereabouts, but also global positioning system (GPS) chips and radio frequency identification (RFID) chips have been used to monitor the location of assets, such as laptops, phones, and vehicles, used by employees (Ciocchetti, 2011). Beyond monitoring the physical location of assets or employees, organizations also monitor employee productivity (Mujtaba, 2003) including the use of communication equipment and computer equipment that their employees use daily: activity on the desktop personal computers, keystroke logs, email communications, text-messages; use of social network sites, use of the internet and search engines; and telephone use, including voicemail monitoring (Ciocchetti, 2011).

A Decade of Electronic Monitoring: 1997--2007

Monitoring techniques differ in both their usage in the workplace and in their usage over time. Surveys of member and client companies of the American Management Association (AMA) specifically examined workplace monitoring over the ten-year period from 1997 to 2007, though not all technologies were measured for all years (AMA, 2000; AMA, 2001; AMA, 2008; Anonymous, 2005). For example, monitoring using technologies such as social network sites and blogs were not measured prior to 2007. The surveys revealed that, for the period from 19972005, some monitoring techniques, such as the recording and review of telephone conversations or voicemail messages and the review and video recording of employees to assess job performance were used by less than 21% of the businesses surveyed (AMA, 2000; AMA, 2001; Anonymous, 2005). Video recordings of employee job performance grew at the very low rate of .2% per year (AMA, 2000; AMA, 2005). Although voicemail storage and review grew at a fairly high rate of nearly 14% per year during the period, its use is not widespread, at l5% of the surveyed companies (AMA, 2005).

Other employee monitoring techniques showed more widespread usage with several of those monitoring techniques showing higher rates of growth over time (see Figure 1).

For example, from 1997-2007, monitoring email messages grew at the highest annual rate (17% per year) while storing and reviewing computer files and computer use show very high growth rates of 12% and 11% per year respectively. Telephone use monitoring was fairly sizeable at 45% while monitoring internet connections was quite common at 66%. Both of those techniques showed low growth rates of 3% per year with telephone use being measured for the ten-year period from 1997-2007, and monitoring internet connections as measured for the eight-year period from 2000-2007 (AMA, 2000; AMA, 2001; AMA, 2008; Anonymous, 2005). Monitoring employees on social networking sites and on the blogosphere were first measured in 2007 and show rates of usage of 10% and 12% respectively (AMA 2008). New technologies and applications will continue to affect electronic monitoring.

Recent Trends in Electronic Monitoring

A recent trend is the use of social media by employees or potential employees. Gartner Inc., an IT research firm, conducted a survey that showed widespread adoption of social networking sites across a variety of U.S. industries including the media industry (77%), education and telecom industries (58%), and the retail industry (52%) among others (Rozwell, 2012). Organizations monitor social media use of both employees and potential employees (Willey, White, Domagalski, & Ford, 2012). Surveys of employers over the last seven years show that in 2013, 39% of employers screened potential employees using social network sites (Grasz, 2013) up from 12% (Grasz, 2006), which represents a growth rate of 225%. Information on social network sites can both help a potential employee get hired as well as hinder a potential employee from getting hired. Current employees are also monitored as to their social media use, and Gartner recommends that organizations develop social media policies, rules and training for organization employees who might be forbidden from, encouraged to use or even asked to use and track social media sites as part of their job assignments (Mann, 2012). The social network sites that organizations are monitoring fall into four major categories: public sites such as Facebook, Twitter and LinkedIn; public sites that are not based on advertising, like MyCube; semiprivate social network sites like Yammer; and private social networks such as Mumsnet (Casper, 2011). Software such as SocialLogix is able to detect multiple social media sites employees use and uncover their user profiles. While it is not uncommon to monitor social media for employee postings, particularly in the major sites such as Facebook and LinkedIn and Twitter, recent technology capabilities make it possible to monitor other social networks even if the employee posts in multiple languages. To prevent posts that are inappropriate, organizations must first monitor and intercept them using a variety of tools including network infrastructure tools, services that integrate with social media platforms and social media management software (Walls, 2012b).


To a significant and increasing extent, organizations monitor employee activity to reduce potential exposure to legal liability to third parties and also to minimize the risk of harm resulting from employee misconduct. Not only must an organization take reasonable measures to protect third parties from the wrongful conduct of employees, it must also take measures to protect itself from employee acts that might undermine the organization's business interests. Although these concerns over employee misconduct are not new, technological developments have provided employees with increased opportunities to divert themselves from their work obligations and engage in...

To continue reading