Tamsin Lawrence, associate director at Australian Business Lawyers & Advisors spoke to HRD about compliance with workplace surveillance and privacy laws
As hybrid work blurs the line between private spaces and the workplace—and as AI and advanced monitoring technologies increase the ability to monitor employees—the use of surveillance is becoming a growing issue.
Tamsin Lawrence, associate director at Australian Business Lawyers & Advisors (ABLA), told HRD questions are being asked about whether employers are complying with Australian laws, particularly if they are using products developed in the US, where surveillance laws are very different.
Lawrence, who will speak on the topic at the upcoming HRFutureFest Australia in Melbourne on October 29, said there were state laws, such as the Victorian Surveillance Devices Workplace Privacy Act, as well as the Federal Privacy Act, that covered workplace surveillence.
Register to attend HRFutureFest Australia
She said employers also need to be aware of a new offence—serious invasion of privacy—which has a broader application for employers than the existing Privacy Act.
“That’s definitely another space where employers need to be educating themselves, particularly now with a lot of employees working from home. There is an increased risk that they (employers) might actually be breaching both Victorian law and federal law,” she said.
“There’s a question about whether conversations that happen in the workplace are private. Is that a private conversation I’m having in a car that’s a company car, or is that a workplace conversation?
“It’s an interesting issue, particularly as we then move into the home. Is your workspace where you’re working from home an office workplace environment? Or is that a home when your kids might walk into the room, or your partner might walk into the room?
Lawrence said employers need to ensure they are meeting legislative requirements for notifying employees about surveillance, including recording both visual and audio.
“I think the other key thing is making sure you have a clear and legitimate purpose for which you’re gathering that information,” she said.
“Obviously, there are many legitimate reasons for which a business might want to monitor—that could be safety, it could be resource allocation, it could even be fraud detection—but you want to be really clear about what is the purpose for which you’re gathering that information.
“I think where people have become unstuck is where they’ve perhaps said, ‘We’re just testing something out,’ or ‘We’re just doing it broad scale, across everyone,’ but not actually thinking, is there a safety risk for every employee?
“Alongside that, I think they also need to think about: Do I have any consultation obligations with employees when I make these changes? Do I have any transparency and communication that I should be engaging in with respect to my employees?"
Lawrence said employers also need to consider the psychosocial risk of monitoring employees and whether monitoring is a risk to their wellbeing.
She said large-scale data breaches also highlight the need for employers to think about where they are storing information and whether the data is being kept for a legitimate purpose.
“Or are they keeping it for some other reason, like performance management down the track, for which they haven’t actually disclosed or been transparent about?” she said.
"Don’t just pick up forms of monitoring and surveillance without giving some genuine thought to what purpose you are using it for, making sure you’re doing it in a safe and reliable manner, making sure you’re being transparent, and potentially even putting in place a policy."
