Ontario has taken the lead in terms of enhancing employer transparency in the workplace by introducing legislation requiring employers with 25 or more employees (as of January 1, 2022) to have an electronic monitoring policy. Bill 88, the Working for Workers Act 2022 became law in April and requires employers to be transparent about how they monitor their employees’ use of devices such as computers, cell phones and GPSs.
While the deadline to prepare the policy was October 11, 2022, it is better late than never to get an electronic monitoring policy in place. Once drafted, the policy must be presented to employees within 30 days.
I don’t even know if or what we’re monitoring
The introduction of this new bill has been an eye-opener for many employers who were previously unaware of it or how electronic monitoring was taking place in their workplace. A helpful tip to get you started is to consult your IT department or IT provider and ask them to create a list of the hardware and software that could be monitoring your employees. This may unearth some overkill monitoring and data collection – passive and unintentional, or otherwise.
What can employers monitor?
Employers can use monitoring programs that track the websites that employees visit (even when in private browsing mode), apps they’re using, inter-office chat groups, work email, work calendars, social media activity, as well as the amount of time spent doing each of these. Hardware such as GPS installed in company vehicles are also likely to be electronically monitoring employees.
The reality is that most employers are busy running their businesses and are not bothered with especially intrusive electronic monitoring measures, like reviewing data from programs that count an employee’s keystrokes in a day.
However, if needed, employers are permitted to monitor to confirm an employee’s work and whereabouts, and whether they may be doing something that violates company policy or requires further investigation.
The new legislation does not increase employee privacy rights. Rather, it creates an employer obligation of transparency: employers must now outline what electronic monitoring will occur and how the information may be used.
Policy requirements
As always, to reduce the risk of constructive dismissal or privacy-related claims, employers need to ensure that their monitoring is reasonable under the circumstances and necessary for employment-related purposes (e.g., workplace safety and security, protection of confidential and proprietary information, attendance and performance management, etc.). To meet the transparency requirements of the policy, the ‘what, how and why’ of electronic monitoring practices must be set out in the electronic monitoring policy.
At a minimum, an electronic monitoring policy must set out:
- whether the employer monitors employees’ electronic devices;
- how and in what circumstances the employer may monitor employees;
- the purposes for which information obtained through electronic monitoring will be used by the employer; and
- the date the employer prepared the policy and, if updated, the date of any policy changes.
Without identifying your clear purpose in collecting the data, you may run into some legal difficulties should you try to rely on the data for reasons other than what is stated in your policy. If, for example, you are collecting data for the sole purpose of discipline, say so. Otherwise, you risk not being able to rely on what you learn from the data when you need to actually discipline your employee.
Finding a balance
Employers are required to identify every way they are electronically monitoring employees and how they might use the data collected. Therefore, they should think carefully about keeping programs around that are overdoing it when it comes to the sort of data and monitoring the program is doing.
If employers take a purposeful and practical approach and limit their monitoring to only what is necessary and reasonable (and effective), it is more likely to be accepted by employees. Be very clear about how the collected data will be used. If, for example, the program is only essential for legitimate business reasons and there are no plans on using it for reasons that are very scary to employees (i.e. discipline and termination), be sure to say so – this will help in keeping workers calmer and happier.
Assuming that the loss of employee privacy is proportionate to the benefit gained, and there was no less intrusive method of gathering the information, then all should be fine.
Drafting the policy
After compiling a list of how employees are being electronically monitored, turn your attention to drafting the policy. For example, if company cars have GPS systems that are electronically monitoring employees, the policy should state, at a minimum, the following:
1. The company is electronically monitoring;
2. GPS trackers installed in company cars are tracking employee movements throughout the day; and
3. The data collected from the GPS systems is being used to ensure employee safety and compliance with company policies and procedures.
Finally, don’t forget to date the policy and note the date of any updates to the policy. This policy is all about transparency so listing only some of the ways or a few examples of how employees are being electronically monitored won’t cut it.
A key goal of any properly implemented and reasonable electronic monitoring policy should be to deter unauthorized workplace conduct, not to create a gotcha moment. Aren’t we all on our best behaviour if we know we might be watched?
Tiffany Thomas is a lawyer at SpringLaw, a virtual law firm practicing exclusively in the areas of employment, labour and human rights law. Tiffany works with both employers and employees to resolve their workplace issues. She can be reached at tthomas@springlaw.ca. www.springlaw.ca