New Act controls workplace surveillance

By Narelle Smythe.

Key Points:
Under the new Act, employers may not engage in "camera surveillance", "computer surveillance" or "surveillance" of employees. There are important exceptions with respect to the employer clearly, and in advance, notifying employees of what it is doing and any related policies of the employer.

The New South Wales Workplace Surveillance Act 2005 was passed on 23 June 2005. It will commence on proclamation. Regulations are currently being drafted and it is expected that it will commence shortly after finalisation of those regulations.

The Act restricts and regulates employers in relation to surveillance that can be carried out on their employees in the workplace.

Among other things, the Act:

• prohibits surveillance by employers of employees using camera, computer and tracking devices at work without:
  • notifying employees of that surveillance; or
  • having sought authorisation of that surveillance by a Covert Surveillance Authority ("CSA").

A CSA can only be issued for the purpose of investigating unlawful activities of employees and not to monitor employee performance.

• prohibits employers from blocking an employee's workplace internet and email access unless:
  • that blocking is in accordance with the employer's internet and email policy and this policy has previously been communicated to the employee; and
  • the employer immediately notifies that employee that his/her workplace internet and email access has been blocked.
• restricts the use and disclosure of surveillance records to relevant purposes only.

Types of surveillance

The Act applies only to the following definitions of surveillance:

• Camera surveillance - the monitoring or recording, by electronic means, of visual images of the employee (eg. by closed-circuit television);
• Computer surveillance - the monitoring or recording by means of software or other equipment of the information input or output, or other use, of a computer used by the employee (including but not limited to, the sending and receipt of emails and the accessing of internet websites), and;
• Tracking surveillance - the monitoring or recording of the geographical location or movement of the employee by means of an electronic device (such as tracking the employee or the vehicle driven by the employee by means of a Global Positioning System device).

Notified surveillance

Part 2 of the Act requires employers to notify employees of surveillance that will be carried out while the employee is at work (i.e. at the workplace, or any other place while working).

Surveillance of an employee is notified surveillance, and therefore allowed, if:

• the employee has been notified in writing of the intended surveillance at least 14 days (or less as agreed by the employee) before the intended surveillance (section 10);
• in the case of camera surveillance, the cameras are clearly visible and there are signs notifying people that they may be under surveillance (section 11);
• in the case of computer surveillance, the surveillance is carried out in accordance with a policy of the employer and the employee has been notified in advance of that policy (section 12). Section 17 prohibits the blocking of emails sent to or by an employee and website access by an employee unless the employer is acting in accordance with the employer's email and internet access policy. The email and internet policy must be communicated to the employee prior to any blocking of that email or website. Employees must be immediately notified that an email has been blocked except in the case of spam or menacing, harassing or offensive emails. An employer's email and internet access policy must not authorise blocking of emails or websites merely because the content of those emails or websites relates to industrial matters (such as stop-work meetings);
• in the case of tracking surveillance, the employee is given notice in advance of the surveillance by means of a notice clearly visible on the vehicle or thing being tracked (section 13); or
• the employee (or a substantial number of employees) has agreed to the surveillance for a purpose other than the surveillance of employees and the surveillance is carried out in accordance with that agreement (section 14).

As with the existing Workplace Video Surveillance Act 1998 (NSW), which the Act will repeal, the Act prohibits surveillance of any change room, toilet facility or shower or other bathing facility at work. It also prohibits employers from undertaking surveillance using a surveillance device, such as a camera or video while the employee is not at work. However this prohibition does not extend to use of computer equipment form the employee's home when that equipment has been provided by the employer.

Section 18 restricts the use and disclosure of notified surveillance records to those relating to:

• a legitimate purpose of the employment;
• requirements by a law enforcement agency for use in connection with an offence;
• the taking of civil or criminal proceedings; or
• averting an imminent threat of violence or damage to property, if it is reasonably believed to be necessary.

Covert surveillance

Part 4 of the Act will prohibit covert surveillance (which is anything that is not notified surveillance) by an employer of their employees at work, except as authorised by a CSA. Covert surveillance may only be carried out for the purpose of establishing whether or not an employee is involved in any unlawful activity at work.

Under section 22, an employer can defend a breach to the covert surveillance prohibition by proving that:

• the covert surveillance of an employee was carried out solely for the purpose of ensuring security of the workplace or persons in it. The employer is required to notify employees in writing that that intended surveillance is for security reasons;
• that there was a real and significant likelihood of the security being jeopardised if covert surveillance was not carried out; and
• the employer notified (other) employees in writing of the intended surveillance for that purpose before it was carried out.

In order to conduct covert surveillance in their workplace, an employer must first obtain a CSA from a Magistrate under section 23. Any application to a Magistrate for a CSA is subject to 8 mandatory criteria including:

• The grounds the employer has for suspecting unlawful activity;
• Whether the employer has taken other steps to detect the unlawful activity;
• The names of the employees or the class of employees who will be the subject of the covert surveillance;
• A description of the premises;
• A statement outlining what type of surveillance will be undertaken, whether it be camera, computer or tracking;
• Dates and times when the surveillance is proposed to be conducted;
• A statement whether any previous applications for surveillance authorities have been made and the results of those applications;
• If an employer's representative is making the application, verification of the employer's authority for that representative to act on behalf of the employer.

In considering an application for covert surveillance, a Magistrate must:

• be convinced that the grounds justifying its issue are reasonable and have regard to the seriousness of the unlawful activity.
• consider whether the surveillance would unduly intrude on the privacy of the employee concerned, or any other employees, particularly in locations in which employees are not directly engaged in work such as recreation rooms or meal rooms or on the privacy of other persons.

If a Magistrate refuses an application by an employer to issue, vary or cancel a CSA, the applicant can apply to the Industrial Relations Commission within 30 days of that Magistrate's decision. Similarly an employee can apply to the Commission to vary or cancel a CSA (section 41).

Reporting and disclosure requirements for covert surveillance

Under section 35 of the Act an employer must provide a report to the issuing Magistrate within 30 days of the expiry of the CSA specifying, among other things, the name of the employee who was the subject of the surveillance, the period of surveillance, details of the type of surveillance, details of any surveillance record and any reason why an employee who was the subject of the surveillance should not be informed of the surveillance.

Disclosure of covert surveillance records may be made for relevant purposes only; such as disclosure to a law enforcement agency for investigation of an offence or in disciplinary or legal proceedings against the employee (section 37).

The Act also regulates the storage of covert surveillance records by employers, employers' representatives and licensed security operators. Further, the Act provides for fines of up to $2200 per breach of the record storage provision (section 36).

Director's liabilities

Importantly, the Act contains a deeming provision with regard to an individual who is a director of a corporation or a person who is concerned in the management of a corporation.

If a director of a corporation, or a person concerned in the management of a corporation, knowingly authorises or permits a contravention of the legislation, then that person is capable of being prosecuted in his or her capacity as an individual.

Conclusion

Employers will need to implement policies and procedures relating to how surveillance of employees is conducted in the workplace, particularly email and internet policies. The importance of a comprehensive email and internet access policy being formulated by the employer cannot be underestimated, particularly in light of the prohibitions relating to the blocking of emails or internet access. Employers must ensure that employees are aware of and understand the policy so it is important the policy is easy to understand and is made readily available. Formal training in the application of the policy may be required.

The Bill explicitly prohibits the blocking of emails, whether sent or received, or the access to a website in relation to an employees rights to union representation. Employers will need to ensure that employees' access to their union via electronic means is not hindered in any way.

For further information, please contact Narelle Smythe.