Big Brother Isn't Just Watching: Workplace Surveillance Can Track Your Every Move
How can an employer make sure its remote workers aren’t slacking off? In the case of talent management company Crossover, the answer is to take photos of them every 10 minutes through their webcam.
The pictures are taken by Crossover’s productivity tool, WorkSmart, and combine with screenshots of their workstations along with other data – including app use and keystrokes – to come up with a “focus score” and an “intensity score” that can be used to assess the value of freelancers.
Today’s workplace surveillance software is a digital panopticon that began with email and phone monitoring but now includes keeping track of web-browsing patterns, text messages, screenshots, keystrokes, social media posts, private messaging apps like WhatsApp and even face-to-face interactions with co-workers.
“If you are a parent and you have a teenage son or daughter coming home late and not doing their homework you might wonder what they are doing. It’s the same as employees,” said Brad Miller, CEO of Awareness Technologies, which sells a package of employee monitoring tools under the brand Interguard.
Crossover’s Sanjeev Patni insists that workers get over the initial self-consciousness after a few days and accept the need for such monitoring as they do CCTV in shopping malls.
“The response is ‘OK, I’m being monitored, but if the company is paying for my time how does it matter if it’s recording what I’m doing? It’s only for my betterment,’” he said.
Such “betterment” apparently isn’t necessary for managers: they can pick and choose when to turn their cameras on.
The majority of surveillance tech providers focus their attention on the financial sector, where companies are legally required to track staff communications to prevent insider trading. But they are increasingly selling their tech to a broader range of companies to monitor staff productivity, data leaks and Human Resources violations, like sexual harassment and inappropriate behavior.
Wiretap specializes in monitoring workplace chat forums such as Facebook Workplace, Slack and Yammer to identify, among other issues, “intentional and unintentional harassment, threats, intimidation”.
Last year an employee at an IT services company sent a private chat message to a friend at work worried that he had just shared his sexual identity with his manager in a meeting and fearing he’d face career reprisal. Wiretap detected the employee’s concern and alerted a senior company exec who was then able to intervene, talk to the manager and defuse the situation.
“Having the visibility allows you to step in productively,” said Greg Moran, COO of Wiretap. “Even if it’s not a serious offense you can see the early indications of someone heading down a path.”
To monitor productivity, software can measure proxies such as the number of emails being sent, websites visited, documents and apps opened and keystrokes. Over time it can build a picture of typical user behaviour and then alert when someone deviates.
“If it’s normal for you to send out 10 emails, type 5,000 keystrokes and be active on a computer for three hours a day, if all of a sudden you are only active for one hour or typing 1,000 keystrokes, there seems to be a dip in productivity,” said Miller.
“Or if you usually touch 10 documents a day and print two and suddenly you are touching 500 and printing 200 that may mean you’re stealing documents in preparation of leaving the company.”
Other companies, such as Teramind, seek to measure distraction by looking at how much a person is switching between applications.
“If a paralegal is writing a document and every few seconds is switching to Hipchat, Outlook and Word then there’s an issue that can be resolved by addressing it with the employee,” said Teramind’s CEO, Isaac Kohen.
A common but flawed technique is keyword detection, drawing from a list of predefined terms including swear words and slang associated with shady behavior. This approach tends to kick up a lot of false positives and is easy to circumvent by anyone intent on beating the system.
That wasn’t the case when an All State Insurance franchise did a live demonstration of Interguard’s software to other dealers. The technology started scanning the network and almost immediately found an email with the words “client list” and “rÃ©sumÃ©”. The demonstrator opened the email in front of a room full of peers to discover his best employee was plotting to move to another company.
Companies like Digital Reasoning search for more subtle indicators of possible wrongdoing, such as context switching. This is where one person suggests moving the discussion to encrypted apps like WhatsApp or Signal or even taking the conversation offline, indicating that the subject matter is too risky for the corporate network.
“Now people know a lot of these systems monitoring communications are becoming more sophisticated, they are saying, ‘Hey let’s move over to the other app’ or ‘Let’s meet downstairs for coffee’. These are small clues that have surfaced in prosecutions,” said Digital Reasoning’s chief product officer, Marten den Haring.
Even WhatsApp isn’t safe from Qumram’s monitoring software, which is placed on employees’ devices – with their consent – to capture everything they do, including the messages they send to customers using WhatsApp.
“It truly is Big Brother watching you,” said Qumram’s Patrick Barnett.
The spying technique that most companies avoid, despite Crossover’s enthusiasm, is accessing employees’ webcams. (Although you should probably tape over yours like Mark Zuckerberg does if you are worried about it.)
“We’ve had requests for that from a government agency but we declined,” said Teramind’s Kohen. “It’s crossing a line.”
American companies generally aren’t required by law to disclose how they monitor employees using company-issued devices, although they tend to include a catch-all clause in employment contracts declaring such monitoring.
“You can look at everything [in the US],” said Al Gidari, director of privacy at the Stanford Centre for Internet and Society, adding that new surveillance software is so intrusive because it’s “more pervasive, continuous and searchable”.
Even if you’re not an employee you may still be subject to surveillance, thanks to technology used to screen potential job candidates. Santa Monica-based Fama provides social media screening to employers to check for any problematic content.
CEO Ben Mones said Fama was only interested in content that’s relevant to businesses, which includes “references to bigotry, misogyny and violence” as well as drug and alcohol references. The software, he said, can “tell the difference between smoking weed in the backyard and weeding the backyard”.
When pushed on how the company differentiates bigotry versus, for example, a black person using the N-word, the response is a little fuzzy.
“It’s a super-nuanced topic,” Mones said, adding that some of the thinly veiled signs of racism, like references to Confederate flags or statues, wouldn’t come up.
“Employers aren’t looking at references like that to make a hiring decision,” he said.
And connecting the dots between a person’s work life and personal life can lead to uncomfortable territory. One insider at a large consulting firm told the Guardian the company was looking into whether it could prevent fraud among bankers by looking at their Facebook pages. One scenario would be a trader who had just changed their relationship status from married to divorce, the expense of which “could put that person under pressure to commit fraud or steal”.
The insider had reservations about the effectiveness of such a system.
“If I were divorced, would I be more likely to steal? I don’t think so. It makes assumptions,” he said, adding, “The more data and technology you have without an underlying theory of how people’s minds work then the easier it is to jump to conclusions and put people in the crosshairs who don’t deserve to be.”