Big brother can't watch

Very interesting, an employee in the Netherlands was repeatedly told by his employer to turn on his camera, so he could be watched 9 hours a day. He refused, claiming he didn’t feel comfortable being watched, and, anyway, they were already monitoring his screen.

He received repeated emails from his employer telling him to turn on the camera. He refused, claiming it was an invasion of privacy.

Eventually he received an email terminating his employment, with the grounds being “refusal to work”.

He took the US employer to court for wrongful dismissal and the court found for him,

The Court of Zeeland West-Brabant determined [PDF] that not only was there no evidence of refusal to work, but instructing an employee to leave their camera on all day was a privacy violation.

In addition:

“Camera surveillance for nine hours a day is disproportionate and not allowed in the Netherlands,” declared the court, which decided there was no question that the employee was working as software installed on his computer monitored his output.

As to the position of the employer, that filming him for 9 hours a day was no different to being in a real office, the court pointed out that being in a real office, you are not filmed and with the webcam, the feed can be saved.

As to the argument that surveillance was no different than actual physical presence, the court established one important difference in the two scenarios: the processing and potential storage of data, which would be subject to the General Data Protection Regulation Implementation Act (GDPR).

Chetu was ordered to pay restitution of $48,660 – $2,600 in unpaid salary, $8,150 for wrongful termination, $9,245 in worker transition assistance, the equivalent of 23 days vacation pay, eight percent statutory holiday allowance, court fees, and late payment fees.

The monitoring of PCs is in EU generally not allowed, and certainly it is illegal to monitor the PC without the users permission - antivirus software & similar security software being the exception, as it is keeping the PC safe, not monitoring what the user is doing.

Likewise CCTV in the work environment can only take place with the employee’s permission, with some exceptions for high risk areas or for food hygiene purposes - some slaughter houses monitor the production lines for safety and hygiene reasons, for example, so that if a carcass falls from the conveyor, it isn’t hung back up, but disposed of properly. And it certainly can’t be used in private areas or areas open to the general public.

Interestingly, the company closed its Dutch business within a few days of firing the employee.

I remember back in the days that I installed web filtering software having to be careful if there were users outside the US. Yes, we could block access to specific sites, but in certain countries we couldn’t log that a user tried getting there. Whereas here in the US, attempting to access certain sites would be considered a firable offense. I even worked with one customer where it was the one offense that the unions wouldn’t fight.

Sounds like a company with awful management practices.

Is this the case with computers that are wholly owned by the employer? I suppose fall on the draconian side in that situation - I believe if the device is company property then it’s within the company’s right to record everything happening in that system (but not cam footage as that’s outside of the system). In my view it would be negligent of them not to record all activity on it. BYOD situations are different though, very gray area.

You can generally only use company devices, it is very tricky to get a private device due to Data protection. At most I’ve seen firewall software and antivirus software that stops the use of private websites (Facebook and Co.), but never had an employer that tracks what the user is doing.

But it covers company and private devices. It has to be clearly labelled and the employee has to agree.

The same problems with recording conversations, it is very tricky, you can record, but you have to announce before recording that you are doing it, and exactly what purposes it will be used for and any party can refuse it and the recording must be stopped.

The purpose is important here, if you say it is for training purposes, you cannot use it against a customer, for example, or use it in a court case, only for the specified purpose. That is why most companies don’t bother, for example, recording in Microsoft Teams is deactivated at the business level, users cannot enable it, because it throws up to many legal problems.

Canada is still finding its way on this, but this article was posted today about the Province of Ontario starting by requiring companies with at least 25 employees to come up with a written policy on how it monitors its employees.