Balancing personal privacy and corporate protection is a complicated issue without a great solution. Corporations need to monitor employee activities, but they have to do it without infringing privacy rights. Though methods vary between companies, the counterintuitive truth is that managers may have to be more transparent with their motives in order to accomplish the oversight they want.
An Unavoidable Conversation
Though workplace surveillance is an inherently secretive pursuit, recent events have dragged the concept out of the shadows and turned it into a primary talking point in offices around the world.
These issues first came to a head as companies began formulating mobile device management policies to govern the escalating use of employee-owned smartphones and tablets for business tasks.
It only took a few malware injections and data breaches triggered by lax mobile security practices for CIOs to realize their all-inclusive approach to device procurement carried certain risks.
Yet when they announced that they’d like to deploy corporate-controlled monitoring software on employee-owned iPhones, there was an immediate pushback.
What right does my company have to track my location outside business hours? What’s to stop an IT administrator from snooping on my personal text messages and photo library? These were just a few of the perplexing questions asked of business managers and legal consultants.
The “Big Brother” fears were only exacerbated when former National Security Agency contractor Edward Snowden unleashed an eye opening account of the vast surveillance technologies available to government bodies and leading telecommunications carriers.
Ironically enough, the relative ease with which Snowden was able to leak classified information raised pointed questions as to how effectively the NSA monitors its own privileged administrators.
Delaying or obscuring discussion of these is a disservice to both managers and frontline workers. Only by communicating concerns, obligations, and expectations in an open forum can companies move forward with an effective, justifiable policy framework that employees actually comply with.
First and foremost, management must communicate the motives behind strengthening or expanding internal oversight. Employees understand the importance of risk management for both individual and corporate protection, and today’s high-tech solutions are only an extension of long-held practices.
If workers are assured that measures are being made to safeguard intellectual property and avoid compliance complications, it should feel like less of an imposition on their personal privacy.
Employees can and should push back during these discussions though, as the concerns they air may not have been previously identified and accounted for in initial plans.
Finally, plans cannot be crystallized until the legality of protective policies has been verified. Statutes surrounding background screening procedures, email monitoring, and social media liability are continuously evolving, and a comprehensive review of local, state, federal and industry-specific codes is likely to turn up more than a few surprising liberties and limitations for uninitiated managers and workers.
Understand your IBM i security risks. Request a free Security Scan today.