We have received a number of queries from members recently in relation to the use of electronic surveillance and monitoring. This includes queries about the use of ‘covert’ surveillance. This particular activity may lead to serious consequences for breaches of both the Privacy Act and the Surveillance Devices Act. The following article is taken from the ‘Department of Commerce’ (WA) Fact Sheet which may be of assistance in clarifying an employer’s rights in this area. Members should also be advised that surveillance laws vary markedly from State to State.
The Surveillance Devices Act 1998 (WA) (SD Act) regulates the use of listening devices, optical surveillance devices and tracking devices.
The SD Act may apply to workplaces where surveillance devices such as security cameras, closed circuit TV (CCTV), telephone monitoring and GPS systems are being used.
It is generally an offence to use, install or maintain:
- listening devices to record or listen to a private conversation;
- optical surveillance devices to record visually or observe a private activity; or
- tracking devices to determine the geographical location of a person.
The SD Act defines a private activity as: “any activity carried on in circumstances that may reasonably be taken to indicate that any of the parties to the activity desires it to be observed only by themselves, but does not include an activity carried on in any circumstances in which the parties to the activity ought reasonably to expect that the activity may be observed”.
Recording a private activity such as the surveillance of change rooms or toilets within a workplace may be an offence. A private conversation has a similar definition under the SD Act.
Recording a private conversation in the workplace could be considered an offence, for example where disciplinary action is being discussed between an employer and employee and it is being recorded without the consent of the parties involved. The parties ought reasonably to expect that the conversation would not be recorded or listened to by a third party.
Security cameras, CCTV and telephone monitoring The SD Act does not prevent employers from using surveillance devices in the workplace, as long as they are not being used to record private conversations or private activities. Employers who do use electronic surveillance to monitor staff should ensure that they have the express or implied consent of their employees. It is recommended that employers consider using signs to notify employees and patrons where security cameras are in use to ensure they do not breach the SD Act.
Email and internet monitoring
Electronic media, such as email and the internet, form part of most workplaces. Employers should determine what constitutes reasonable use of these media and the rights and responsibilities of employees.
Creating clear and reasonable policies on the use and monitoring of electronic mail and the internet, can protect both employers and employees. Employers should ensure that employees are aware of and understand policies, and of the consequences of non-compliance.
The Office of the Australian Information Commissioner provides information and advice on federal privacy laws for small business, guidelines and a checklist to assist a small business determine if it is covered by the Privacy Act 1988.
The privacy of staff email and web browsing and social networking activities is of considerable concern in many workplaces.
While staff may be using government or corporate equipment and networks, they may consider that their emails and web browsing activities are private. Although access controls and security features of a network may give the user an illusion of privacy, most email is insecure, is hard to destroy, and web server logs can record information on sites that staff visit. Access logs and information is stored through routine maintenance and management of networks and systems
Think about these questions:
- You suspect an employee is stealing from you. Can you use camera surveillance to prove it?
- You have a policy on network usage during work hours. You are, however, losing productive time each day from, you suspect, staff surfing the internet, checking out Facebook, downloading music from iTunes or watching YouTube clips. Are you able to, or should you, ban all use of such sites, or can you monitor and manage their use?
- An employee alleges she has been assaulted and bullied by a fellow employee. You have CCTV footage from the area of the alleged assault or bullying incident. What use can you make of it?
- You suspect an employee is sending confidential information off site and is getting ready to start work with a competitor. What data can you use when seeking to restrain the employee?
- An employee alleges harassment by another employee after hours on Facebook. Can you access the complainant’s Facebook ‘wall’ to obtain evidence of the alleged harassment?
As for the situations above:
- If the surveillance is covert, you will need legal authority from the Courts and you will need to establish sufficient grounds for your suspicions. Alternatively, you can rely on the evidence you have and tackle the matter in the way any issue of serious misconduct is dealt with, covert surveillance without authorisation is illegal and subject to penalties;
- A total ban may be an overreaction, as long as your HR policies on use and misuse of the network and right of control are fully set out and understood by your employees you may exercise your authority and control in this area and discipline staff according to your policy;
- You can use the evidence for legitimate business purposes providing the employees were aware the camera was monitoring the area and had been informed of its positioning;
- Dependent on existing policy and clear confidentiality and intellectual properly restraints you would be entitled to call in data experts to retrieve information such as access to intranet sites, documents, use of printers, floor access and the like to validate any suspicions you may have. You need to ensure your HR policies and employment contracts have adequate mechanisms in them upon which you can rely. This would not be a breach of the SD Act given this is arguably not ‘surveillance’ as that word is commonly understood;
- As for Facebook and social media, if employees put words and comments out there for consumption (public or just for ‘friends of friends’) then that material could potentially be used, as evidence to support an investigation of allegations concerning a breach of your HR policy on harassment and bullying or breach of an express term of the employment contract if the comments have the potential to cause damage to the employer. You do not need surveillance in these circumstances, again ensure your policies extend to afterhours conduct and the likely consequences that may result form any breach.
Once again the importance of clear and comprehensive internal Policy – compliant with the requirements of the applicable Acts – is critical in managing this area responsibly and avoiding breaches which may be illegal.
Clear signage in the workplace advising of the use of electronic surveillance and monitoring is strongly recommended as well as clear and open communication as to applicable workplace processes.
Call us to discuss any queries you may have in relation to your work practices in this area.
Workwise Advisory Services are Registered Industrial Agents and licensed under Section 112A of the Industrial Relations Act 1989 to provide advice in relation to employment and workplace matters. Any advice and/or information provided by Workwise does not constitute ‘legal opinion’. Clients wishing to access legal opinion and protection under legal privilege should access the services of a legal practitioner. Such services are available through Workwise’s strategic partnership arrangements and attract additional fees and charges prescribed by the legal practice.