OPINION: When your boss sees everything - why Biden must act against spyware

by Albert Fox Cahn | @FoxCahn | Urban Justice Center
Sunday, 8 November 2020 18:49 GMT

A woman looks at her laptop on a balcony of an apartment block near the Excel Centre, London in the Docklands as the spread of the coronavirus disease (COVID-19) continues, London, Britain, March 24, 2020. REUTERS/Hannah McKay

Image Caption and Rights Information

* Any views expressed in this opinion piece are those of the author and not of Thomson Reuters Foundation.

As bosses reach for invasive tech tools to monitor remote workers, Biden's administration must act to protect rights

Albert Fox Cahn is the founder and executive director of the Surveillance Technology Oversight Project (S.T.O.P.) at the Urban Justice Center, a New York-based civil rights and privacy group and a fellow at the Engelberg Center for Innovation Law & Policy at N.Y.U. School of Law.

The phrase “work-life balance” has taken on an almost absurdist quality for those working from home during the pandemic. As more and more Americans live, work, and sleep in the same confined spaces, our offices have seeped into parts of our life that we once thought were walled off from employers. The pandemic dramatically accelerated existing tracking, bringing the boss’s  prying eyes to our homes, even our bedrooms.

This trend comes as many workers are already at their wits ends. Separated from friends and loved ones, taking on unprecedented challenges, like the stress of remote schooling, employees now have to prove their worth to an ever-watchful boss. And the shift is rapid. Just this year, the number of firms now using spyware to track employees has nearly doubled.

The Biden Administration must tackle this surveillance surge as part of any comprehensive COVID-19 plan. With the new administration likely to promote remote work as a larger part of our response to the pandemic, we need to protect workers’ right to privacy, especially in their own home.

Not all employer spyware is equally invasive. Tools like Hubstaff track a user’s every keystroke and mouse movement, tracking the URL of every website visited, and even taking screenshots of what employees are doing. Take too many breaks in your own bedroom, now the boss can find out.

But employer spyware doesn’t just track every facet of your day, it even automates the response. Programs like Time Doctor give a heads-up display for employee behavior, sending automated alerts when they “wander.” Spend too long crafting the perfect sentence or reaching a task for work, suddenly Time Doctor’s AI will give “a friendly reminder that they aren’t working on the task at hand.” But just how “friendly” do employees think it is to have every minute of their day micromanaged?

Another firm, Enaible, uses A.I. to track a range of worker behavior, ranking their productivity. After the algorithm learns about a worker’s “typical pattern of behavior” it gives them a score between 0 and 100. But how is that score reached, what factors are used? Thanks to the black box artificial intelligence driving this product, workers and managers often won’t know. Even worse, there’s no protection against A.I. bias, that might indirectly penalize workers for their race, gender, sexual orientation, or disabilities.

But productivity tracking technology is far from the most invasive form of employee monitoring. Some firms require employees to undergo constant GPS tracking, keeping a log of every place they go. Other systems gain access to an employee’s webcam, peering into the most intimate corners of their life. Imagine just how easily this power could be misused an abusive manager with a history of harassment.

Managing remote employees is genuinely difficult. But many of the tools that corporate giants have rushed to install are invasive and dehumanizing. Even worse, when these tools are forced on employees who are already facing the unpreceded stresses of 2020, the results may be counterproductive. Employees hemmed in on all sides by a closing net of tracking tools will not only feel growing resentment, they’ll likely be far less productive.

Of course, workplace surveillance long predates the upheaval of COVID-19. In traditional offices, most employers treated employees’ every action on company computers as a topic for review. And blue collar workers have long faced the types of surveillance that their knowledge economy colleagues are now experiencing. Still, the expansion of remote work is building a critical mass of opposition, laying the groundwork for real reforms.

American lawmakers have been slow to respond to this shift in workplace surveillance, but E.U. officials have been much more quick to act. Across the Atlantic, employees already had broad rights under the General Data Protection Regulation (GDPR) to understand how they were tracked by employers. But now many countries are going even further, drafting new protections specifically targeted at remote work.

For example, Spain has regulated remote work, providing that workers have, among others, the right to privacy and data protection. Specifically, the decree states that “the company may not demand the installation of programs or application on devices owned by the worker” and that companies “must establish criteria for the use of digital devices, respecting in all cases the minimum standards of privacy protection”. Elsewhere, Ireland is working on a guidance for remote working, building on its 2019 report and advice given on protecting personal data when working remotely.

Legislation in the U.S. has been far slower to arrive. What few privacy protections Americans have generally apply to consumers, not employees. California’s groundbreaking California Consumer Privacy Act (CCPA) largely ignores the dangers of workplace or remote work surveillance. And federal law has largely ignored the problem as well.

But there are some signs of hope. In recent days, Democratic Senators wrote to Amazon following reports that the tech giant had rolled out invasive new tracking tools. Beyond merely invading worker privacy, Amazon is accused of using this new technology to track and block unionizing efforts by staff, a potential violation of federal law. But simply responding to one tech company’s abuses don’t go nearly far enough.

For the Biden administration, this is an opportunity to direct administrative agencies to use existing labor and privacy powers to push back against invasive tracking. The Department Of Labor can no longer continue to give corporate America a free pass on privacy invasion.  At a time when more and more Americans are subjected to endless workplace tracking, the time has clearly come for the U.S. to catch up with the rest of the world and enact real privacy protections.