6. Key elements of a policy

CCTV, telephone and internet monitoring

Make it absolutely clear in any policy that if an employer wants to monitor workers in any of the above ways it must:

• demonstrate good cause for the monitoring;

• make staff fully aware of any surveillance policy and the reasons for surveillance;

• only allow one or two people access to computer logs or phone call recordings and ensure information is stored in accordance with the Data Protection Act 1998;

• never read or listen to emails or calls which are evidently personal or private; and

• never undertake covert surveillance unless there is evidence of criminal activity.

Personal information

Make sure the policy covers personal information and spells out employees’ right to:

• know what their information is used for;

• know if any checks have been carried out on them (and their results);

• know exactly what information is held about them. (This can be requested from an employer, who is legally obliged to provide it within 40 days;

• correct any errors in their personal record;

• ensure that their information is securely kept; and

• refuse tests or checks that are disproportionate or have no business purpose.

Privacy impact assessments

Negotiators should be aware of an initiative by the Information Commissioner’s Office (ICO) which calls on organisations to conduct “privacy impact assessments” (PIAs) to ensure any new systems and technologies which involve personal data and/or intrusive technologies are “privacy-friendly”.

In June 2009, the ICO launched its Privacy impact assessment handbook, with guidance on conducting both large and small scale impact assessments, as well as compliance checking later on. The handbook is free to download from the ICO website. PIAs are voluntary and aim to encourage organisations to think about how to safeguard individual privacy before introducing new IT systems.

Union privacy

Once again, a number of respondents to the LRD survey of union reps expressed concern about union electronic correspondence being monitored. Many reps deliberately opt to communicate via hotmail (or a separate external email), text or face-to-face communication in preference to the work email system or telephone for any sensitive business. As one higher education rep noted: “Many members think, without any evidence, that their emails are monitored. This is a reflection of mistrust of management”.

An FBU rep reported that the union is “pretty sure” emails and telephone calls have been monitored, especially during a recent industrial dispute, whilst acknowledging this would be difficult to prove.

Responses to our survey also reflect a fear amongst reps that covert surveillance is likely to be stepped up if there is a threat of industrial action. Any agreement or policy should include a separate section covering the privacy of trade union communications within the organisation. A guide to email and internet use by the union for professional workers Prospect states:

“It is important to ensure that management does not monitor emails sent or received in the course of trade union activities. Official policy should include a guarantee of privacy in respect of such emails, although representatives and members should always be cautious about using email for potentially sensitive information.”

Electronic communication policy checklist

The following checklist is adapted from union for professionals Prospect’s guide to the use of email and the internet at work.

Application

The policy should:

• be subject to consultation with trade unions before it is introduced;

• apply to all workers, including temporary and agency workers and contractors;

• be widely distributed and circulated to all workers;

• be incorporated into any staff handbook and contracts of employment; and

• provide for regular review in consultation with trade unions.

Use

The policy should:

• not be unduly punitive;

• make it clear what is acceptable use;

• allow for personal use by workers on a reasonable basis;

• identify restricted areas of the system;

• provide information about email etiquette to avoid offence;

• make clear whether loading or downloading software is prohibited;

• clearly identify potential disciplinary offences;

• cross refer to the disciplinary procedure to ensure that procedures are fairly applied; and

• agree the use of computer facilities for the union.

Equal opportunities

The policy should:

• forbid the use of facilities for accessing or circulating racist, sexist or other offensive material such as obscene or pornographic material; and

• make harassment or bullying by email a disciplinary offence.

Monitoring

The policy should:

• exclude any routine monitoring of email or internet use;

• advise workers that the employer does not guarantee absolute privacy;

• state whether emails will be accessed in the worker’s absence;

• provide for unions to be consulted before monitoring happens;

• require any monitoring which is undertaken to be open and known to users;

• obtain the consent of employees before monitoring;

• ensure that all forms of surveillance and monitoring are proportionate;

• make no provision for monitoring of union communications; and

• entitle employees to privacy through access to phones and email for personal use which will not be subject to monitoring.

The policy should also cover the use of social media sites, setting out clearly what will and will not be tolerated both in and out of working hours, and making it clear that the employer’s equal opportunities and anti-bullying policy applies equally to comments on social media sites, texts or twitter where they involve work.

The Acas guide to internet and email policies can be downloaded from the Acas website at: www.acas.org.uk/CHttpHandler.ashx?id=313&p=0.

An international perspective

A 2006 report by Andrew Bibby for Uni global union: You’re being followed: electronic monitoring and surveillance in the workplace, free to download at: www.andrewbibby.com/pdf/Surveillance-en.pdf, highlights international comparisons of levels of workplace monitoring and surveillance and contains examples of a number of good collective agreements negotiated by unions outside the UK. For example, a national agreement between the social partners agreed in Belgium in 2002 states:

“Monitoring of online use by employees is limited. In terms of the internet, employers can collect data on the length of web connections but not identify the site visits by individuals. For email, the volume and number of emails can be recorded, provided these are not linked to individuals.”

Also in Belgium, the use of workplace cameras has been the subject of a national collective agreement since 1998, covering the whole of the private sector which stipulates that: “Permanent surveillance is strictly controlled and is authorised only in cases where it is designed to protect workers’ safety or company property. Covert video surveillance is banned, except where there is considerable evidence of criminal activity. Cameras can only be introduced after consultation with trade unions and workers affected must be informed in advance. The object of video surveillance must be clearly set out”.

In Austria, works council approval is needed before permanent video monitoring can be undertaken.

In Denmark, Danish union DFF has concluded an agreement with security firm Securitas, restricting the purposes for which video footage can be used, including protection against the use of footage for disciplinary purposes. Staff must be informed of monitoring during recruitment.

In Germany, the introduction of monitoring and surveillance technology would require the approval of the works council, made up of workers elected by the employees to represent their interests at workplace level. Where works council approval is withheld, the matter must be decided by arbitration or a decision by the labour court. A plan to install security cameras by Deutsche Post in its main sorting office employing 650 staff, with the cameras operating up to 50 hours a week, was judged excessive by a federal German court.

In Canada, the Canadian Union of Postal Workers has negotiated a collective agreement with Canada Post that states: “At no time may such [watch and detection] systems be used as a means to evaluate the performance of employees and to gather evidence in support of disciplinary measures unless such disciplinary measures result from the commission of a criminal act”.

The report contains other good examples of negotiated collective agreements reached in this field.

Perhaps unsurprisingly, the evidence collected by the Uni global union suggests that in the developed economies, employee monitoring is at its most pervasive in countries with the weakest collective bargaining and the lowest job security, such as the United States.