![[Basket]](images/basket.png){kind=small}
Your order![[cover image]](images/issue/BK202404.jpg)
LRD guides and handbook April 2024
Data protection and monitoring An LRD guide to privacy at work
Understanding how we are being monitored, and what is being done with our personal information, constitutes an important part of a union rep’s role in the 21st century. Monitoring in the workplace has become more commonplace, less visible and more intrusive. And while monitoring workers is not itself unlawful, there are nevertheless restrictions — and employers must comply with the legal rules for monitoring if they are to stay within the law. This trade union guide arms reps and their members with the information they need to make sure employers don’t overstep legal boundaries and that any use of surveillance technology does not go beyond the limits of the law. It: explains the legal framework — the law on data protection and other laws relevant to monitoring at work; examines how the law applies to monitoring in practice; and highlights the use of AI systems to keep tabs on workers and the additional considerations this entails. It suggests reps could approach employers to carry out an audit of all their monitoring activities, with a useful checklist appendix for this purpose.
Introduction
Introduction [page 2] (742 words)
Advances in digital technology, including developments in artificial intelligence (AI) have increased the amount of data collected and shared about ...
Subscribers only
Chapter 1
1. The legal framework [page 4] (55 words)
There is no legislation that explicitly covers monitoring at work. Instead, there are areas of law that provide some regulation of monitoring ...
Open access
Data protection [page 4] (514 words)
Only personal data is protected [page 5] (644 words)
The Information Commissioner [page 7] (381 words)
Data protection by design and default [page 8] (149 words)
The data protection principles [page 8] (238 words)
Lawful basis to process data [page 9] (1,497 words)
Change of basis for processing [page 13] (249 words)
Rights of individuals [page 14] (235 words)
Information to be provided by employer [page 14] (341 words)
The right to access personal data [page 15] (999 words)
The right to object [page 17] (77 words)
The Data Protection Impact Assessment (DPIA) [page 18] (318 words)
Penalties for breach of data protection law [page 18] (227 words)
Human rights [page 19] (1,814 words)
Mutual trust and confidence [page 23] (374 words)
Covert recording of meetings [page 23] (465 words)
Health and Safety [page 24] (453 words)
Equality [page 26] (194 words)
Chapter 2
2. Artificial intelligence (AI) [page 27] (452 words)
The use of AI (artificial intelligence) is already widespread in the workplace. The Information Commissioner’s Office (ICO — see page 7) defines ... Subscribers only
How is AI used in workplace monitoring? [page 28] (249 words)
Need for new law [page 28] (543 words)
What protection does the current law provide? [page 30] (602 words)
What additional steps does the employer have to take? [page 30] (212 words)
Bias [page 32] (131 words)
Chapter 3
3. Monitoring in practice [page 33] (40 words)
The previous chapters have outlined the law and highlighted additional considerations when employers carry out monitoring that uses AI. In this ... Open access
Scope [page 33] (256 words)
When is monitoring lawful? [page 33] (356 words)
Which lawful basis? [page 34] (952 words)
Capturing special category data [page 37] (690 words)
Telling workers [page 38] (133 words)
What can employers do with the information they collect? [page 38] (139 words)
Can workers send private e-mails and messages at work? [page 39] (462 words)
Can employers monitor phone calls? [page 40] (195 words)
When can employers use CCTV and video surveillance? [page 40] (610 words)
Covert monitoring [page 42] (645 words)
Filming other than for surveillance [page 43] (334 words)
Refusal to provide information [page 44] (354 words)
Further information
Appendix 1: Checklist for reps [page 45] (371 words)
The recent focus on AI may present an opportunity for reps to ask employers to carry out an audit of all their monitoring activities. ... Subscribers only
Appendix 2: Legitimate interests assessment [page 46] (356 words)
“Legitimate interests” is the most common lawful basis for an employer to rely on when processing workers’ data. The ICO has developed a ... Subscribers only