Overview[]
"Workforce monitoring activities are governed by a variety of data protection, data privacy, communications secrecy, and employment laws. Some jurisdictions may permit organizations to engage in a broad range of workforce monitoring activities, without requiring organizations to undertake substantial compliance efforts. However, other jurisdictions may restrict the scope of monitoring, perhaps requiring organizations to collect and process only metadata unless there are reasonable suspicions of serious misconduct. And some jurisdictions may require organizations to consult with workforce representatives, obtain consent from workforce members, or notify government authorities of monitoring activities."[1]
"The tools to address workforce threats may involve, among other things:
- Monitoring temporal metadata (e.g., logon, logoff, session length)
- Monitoring use of privileged access, such as to administrative accounts
- Monitoring use of applications
- Monitoring email communications
- Monitoring employer-provided devices
- Monitoring Internet browsing
- Capturing on-screen activities
- Keylogging
- Monitoring behavior on social media and other channels
- Monitoring employee-owned devices."[2]
References[]
- ↑ Managing Workforce Cyber Risk in a Global Landscape: A Legal Review, at 1.
- ↑ Id. at 2.