Module 4 : Workplace Privacy and Ethics

Work place monitoring : Watching what you say and what you do in the worklace
: Monitoring of employees at work place can be done for number of reasons.
However, everyone has the right to some degree of privacy in the workplace and
the law does set some limits on monitoring activities.

Technology makes it possible for employers to monitor many aspects of their

employees jobs, especially on telephones, computer terminals, through email,
voice mail and when employess are online. Almost everything employees do on
the office computer can be monitored.

Monitoring must be done at in a way that is not oppressive to staff. Excessive

routine and unnecessarily intrusive monitoring unethical.

Need of Work place Monitoring :

Employee or customer safety : Most f the time the monitoring at work place is
done for the safety of the employees. To avoide attacks, robberies, violence,
workplace mishaps, and for other work place safety issues monitoring is essential.

Workplace liability and investigation : Potential legal liability resulting from

employes computer misuse or misconduct is often a motive for employee
monitoring. Incidents of harassment, safety and theft may trigger an investigation
in to such misconduct that may use monitoring or surveillance.

Network and system performance : most of the employees download, share and
use large audio and video files, internet surfing and and there are chances of virus
attack too which will further disable network . so to maintain the performane of
network monitoring is required

Employers right to know : Whether for productivity or for security reasons, an

employer can protect its economic interests by monitoring aspects of the work
environment. employers may also undertake monitoring to protect themselves
from potential legal liability.

Other needs: To establish facts are relevant to the business, to check that
procedures are being followed or to check standards, ex. Listening in to phone
calls to assess the quality of the work(BPO or call centres).

To prevent or detect crime.

To check whether the employees are using the internet for personal use.

To make sure that electronic systems are working effectively, i.e to prevent any
viruses entering the system.

Types of workplace monitoring :

Hardware monitoring

Software monitoring.

Types of Hardware monitoring : Audio surveillance, video surveillance, Magstripe

cards, infrared badges at work.

Audio surveillance : Monitoring employees telephone calls and other oral

communivations. Employers claim several reasons for conducting audio
surveillance . Ex. Employers suspect that employees are making ecessive personal
use of company telephones. An employer may suspect that an employee is
disclosing confidentail business secrets to a competitor. An employer may have a
business need to maintain records of telephone conversations with its customers.
Or an employer may simply want to monitor employees conversations with
customers for quality assurance purposes and training.

Video surveillance : (monitoring of employees by video cameras). An employer

may suspect that employees are engaging in criminal activity in the workplace, or
are misusing company property. Other employers may use video surveillance to
monitor employee work performance.

Magstripe cards : The magnetic strip of plastic film contains thousands of small
magnetic particles. This is now commonly integrated in to employees ID’s, to track
the employee’s movement.

Infrared badges at work : By wearing a lightweight badge whch emits infrared

signals containing location data, the individuals location is instantly available. The
location information is received by the system and is accessible to users through
telephone. By simply entering the person’s extension.

Software monitoring : Software monitoring, is still unregulated by the

governments and can be used without making the employees aware.

Types of software surveillance : Eletronic surveillance, Spyware, Screen, data and

idle time Monitoring.
Electronic surveillance : E-mails are considered to be company property if they
are sent using company’s computer system. Employers generally have the right to
monitor and view employee email, so long as they have a valid business purpose
for doing so. Many employers now have email systems that copy all e-mail
messages as they pass through the system to check for productivity, illegal use,
and other issues. Emails are frequently being used as evidence during trial to
prove employee misconduct or wrongdoing.

In addition, employers have the right to track the websites visited by their
employees, to block employees , to block employees from vising specific internet
sites, or to limit the amount of time an employee may spend on a specific
website.

Spyware : The term spyware is given to software that is installed without the
user’s permission and which covertly gathers and transinits data about the usage
of the machine.

Once installed, spyware starts monitoring the way the computer is used and feeds
back the information to the website operators which have often sponsored the
programme’s distribution.the employer’s want to understand precisely how an
employee travels through their site, which other sites are visited and for how long
.They also want to know which applications are installed on the user’s computer.
This can be gathered from the user’s e-mail address or the phone number
programmed in to the modem.

Poorly written spyware programmes can , and often do , cause PC’s to crash and
networks to slow down. Sending this data back to the data base also takes time
and consumes network bandwidth, thus slowing down the websurfing and e-
mailing. This can cause to the employer’s money if they are paying for network
bandwidth according to total or peak usage.

Various information that can be reported by spyware are :

1) User key strokes : user’s single key press on key board is called key stroke.
The keystrokes can be used to get user’s passwords and other sensitive
data.
2) Copies of Email : the e- mails in the inbox and sent mail of a user can be
sent to the third party.
3) Copies of Instant Messages: Any type of chat and instant messages may
also be copied and sent to third party.

Screen, data and idle time monitoring :

This records video and static images detailing the contents , or screen capture,
of the entire or the content of the screen activity within a particular
programme or computer application. Monitoring tools may collect real time
video, accelerated or video or screen shots or may take video or still image
captures at regular intervals . they may collect images constantly or only
collect information while the user is interacting with the equipment(Ex;
capturing screens when the mouse or key board is active).

Data monitoring tracks the content of and changes to files stored on the lcal or
in user’s private network share. Idle time monitoring keeps track of time when
the employee is away from the computer or the computer is not being used.

Advantages of Workplace monitoring :

Cut Down mistakes : Monitoring employees gives employers the opportunity

to watch for mistakes and errors throughout the workday. When employers
see an employee making an error, they may immediately confront the
employee about it or bring it up during the employee’s performance review.
They may use evidence gathered by the monitoring system to help an
employee cutdown on his mistakes in the future by pointing out ways he an
improve.

Acknowledge strengths : employees want employers to acknowledge their

strengths, and monitoring system wnables to do so throughout each ay.A
monitoring system provides employers with detailed snapshots of how an
employee is going above and beyond the call of duty. Acknowledging
employee excellence captured by the monitoring system also lessens trust
issues employees may have with being monitored. if the employees
understand that the monitoring system is not being used solely to point out
weaknesses they may become more accepting of being monitored.

Employees safety : Employees mayunknowingly or knowingly commit safety

instructions, which may lead to serious injury. By monitoring the workplace,
employers have an eye in the sky to catch all safety issues, such as debris on
the floor or an employee operating a forklift without a helmet. Unlike
employee weaknesses caught on the monitoring system, employers must
immediately bring safety issues to the forefront.

Violations of policies : Dishonest employees, as well as employees who believe

the rules do not apply to them, may break company rules when management
is not around. By constantly monitoring employees, employers might catch
those who willingly violate company policy and immediately employ
disciplinary action.

Unbiased Performance Evaluation : it provides an unbiased metod of

performance evaluation and prevents the interference of managers feelings in
an employee review.electronically generated information offers uniform and
accurate feedback on past performance. Thus, the evaluation will be solely
based on the quantity and quality of an employee’s work rather than on
manager’s opinions.

Disadvantages of Workplace monitoring :

Monitoring Prevents Efficiency : while surveillance has its benefits, it also has
drawbacks that contribute to employee turnover and anxiety. Productivity can
be negatively affected if wrker observation becomes too intrusive. He consta
fear of being watched and reprimanded for their behaviour or work can cause
employees stress and hinder efficiency as a result. Excessive monitoring will
also lead to employee turnover.

Expense : employee monitoring programme requires additional staff members

to monitor the surveillance. There is also additional expense of the equipment
necessary to do surveillance. As the company expands so will the need for
more surveillance to keep up with new staff members and additional company
locations.

Devious employees : An employee surveillance system can sometimes drop

employers in to a false sense of security. When they have active monitoring,
they automatically assume that they have all of the necessary angles covered.
Employees who want to defeat the monitoring system can find methods that
employers may have missed when they installed the system. workplace
monitoring also give employers the feeling that their company and employees
are more secure.
 Individual goals over organisational goals : Monitoring can discourage workers
from working towards team and organisational goals or from helping co-
workers to achieve organisational goals. When workers are monitored on an
individual basis they are given individual goals. Using data gathered through
monitoring to drive employees to achieve these individual goals rather than
team goals destroy the spirit of community among workers. Thus monitoring
can encourage competition among workers rather than a team effort to
achieve common goals

Computer crimes : Computer Crime- the act of using a computer to commit an

illegal act Authorized and unauthorized computer access
Examples
Stealing time on company computers, Breaking into government Web sites,
Stealing credit card information, Stealing or compromising data, Gaining
unauthorized computer access, Violating data belonging to banks, intercepting
communications, Threatening to damage computer systems, Disseminating viruses.
Hacking and Cracking
Hacker – one who gains unauthorized computer access, but without doing
damage. Cracker – one who breaks into computer systems for the purpose of
doing damage.
Types of computer crime
– Data diddling: modifying data
– Salami slicing: skimming small amounts of money
– Phreaking: making free long distance calls
– Cloning: cellular phone fraud using scanners
– Carding: stealing credit card numbers online
– Piggybacking: stealing credit card numbers by spying
– Social engineering: tricking employees to gain access
– Dumpster diving: finding private info in garbage cans
– Spoofing: stealing passwords through a false login page

Computer viruses and destructive code

– Virus – a destructive program that disrupts the normal functioning of
computer systems
– Types:
– Worm: usually does not destroy files; copies itself
– Trojan horses: Activates without being detected; does not copy itself
 – Logic or time bombs: A type of Trojan horse that stays dormant for a
period of time before activating

Computer Security – precautions taken to keep computers and the information they
contain safe from unauthorized access

Encryption – the process of encoding messages before they enter the network or
airwaves, then decoding them at the receiving end of the transfer

• How encryption works

– Symmetric secret key system
• Both sender and recipient use the same key
• Key management can be a problem
– Public key technology
• A private key and a public key
– Certificate authority
• To implement public-key encryption on a busy Web site,
requires a more sophisticated solution. A third party, called
certificate authority, is used.
• A trusted middleman verifies that a Web site is a trusted site
(provides public keys to trusted partners)
• Secure socket layers (SSL), developed by Netscape, is a
popular public-key encryption method
Virus prevention

– Install antivirus software

– Make backups

– Avoid unknown sources of shareware

– Delete e-mails from unknown sources

Work place plagiarism : if employee uses the words, phrases, images or

written ideas of another and present them as his/her own , it is considered
as plagiarism, and depending on the circumstances and severity can be
actionable offence.

Most of the time the employees who palgiarise do not necessarily know
they are doing anything wrong. In some instances, they might no know how
to appropriately conduct research or cite sources. If this is the case, it is
 important for the management to understand the circumstances so
appropriate training can be put in place.

Types of workplace plagiarism :

 Using others images: web and graphic designers often use images to
enhance the aesthetics of marketing collateral and branding tools,
such as websites, brochures, and logos. If a designer uses graphics
created by another designer or pictures taken by a photographer
without permission, it is plagiarism. One can use images and graphics
that others are created with written permission .
 Taking Credit for an idea : In a workplace employees take ideas off of
their co-workers, if an employee shares a work related idea with
another employee, and that employee takes the idea to management
or to a fellow employee and passes it off as his own is a plagiarism.
 Failing to list a Source : if an employee is using the information which
he has not discovered on his own, it is important to cite the sourse,
failing to cite the sourse, is called as plagiarism. If an employee is
wring a piece inline, he /she should mention the soure and link back
to the original web page.
 Stealing blog content : companies that use other companies website
contents are plagiarising if the content is exact or matches very
closely.
 Reproducing an E-book : consultants, coaches, and marketing experts
create electronic books to provide advice to potential clients, build
their credibility and earn additional money. If a company redesigns
the cover of another author’s e-book but keeps the same content, it
is plagiarism.

Effects of work place plagiarism :

Personal integrity : plagiariam can damage the reputation and credibility and
have a severe nehgative impact on an employee’s career.

Legal consequences : depending o the type of plagiarism committed, there

could be severe legal consequences particularly if copyright violations take
place.
Company reputation : Pagiarism hurts the company reputation.

Fairness to colleagues : plagiarism is not just about repurposing content from a

source outside the company. If an employee attempts to take credit for a
collegue’ s idea or concept , this too represents a form of Plagiarism.

Convenience and Death of Privacy

Information, as everyone knows, is power. Both collecting and collating

personal information are means of acquiring power, usually at the expense of
the data subject. Whether this is desirable depends upon who the viewer and
subject are and who is weighing the balance.

Privacy-destroying technologies can be divided into two categories: those that

facilitate the acquisition of raw data and those that allow one to process and
collate that data in interesting ways. Although both real and useful, the
distinction can be overstated because improvements in information processing
also make new forms of data collection possible. Cheap computation makes it
easy to collect and process data on the keystrokes per minute of clerks,
secretaries, and even executives. It also makes it possible to monitor their web
browsing habits. Cheap data storage and computation also makes it possible to
mine the flood of new data, creating new information by the clever organization
of existing data.
Breach of employee privacy :
During recruitment process : As part of the hiring process employers should
require all applicants to complete an application form. The application should
elicit information relating to past employment, references, education, licenses,
and criminal convictions. Taking advantage of their higher position in
organisation and the vulnerability of job seekers, a lot of other questions are
also asked by HRM personnel from prospective employees which breach their
privacy such as requiring them to disclose confidential information about the
past employer, or wanting to know about the candidates financial status, the
question is whether asking such questions to candidate is relevant to the job .
During performance tracking : in case of new age industries like BPO’s call
monitoring , desktop tracking, and other electronic monitoring mechanisms are
widely used to track on job performance. These activities clearly restrict any
possible misuse of organisational resources, but also give the possibility of
tracking personal conversations and messages of employees, which leads to
breach of privacy.
During electronic surveillance : Surveillance of employees using a broad range
of electronic tools by the employer is increasingly becoming a menace to
privacy. What seperates traditional from the new age monitoring is that ‘earlier
people usually knew when the boss was there, electronic monitoring can be
there all the time’.
Privacy issues of Computerised Employee Records : With increasing number of
employee records stored in computers, it is a worrisome factor that unauthorised
persons could access employee information of a confedential nature such as
home addresses, salary data, performance appraisals, drug test results etc.
Guidelines to Defend Employee Privacy :
Adopting a clear policy : Inform workers that they will be monitored and under
what circumstances. The safest course is to ask employees to sign a consent
form , as part of their first day paperwork, acknowledging that they onderstand
and agree to the company’s monitoring policies.
Monitoring only for legitimate Reasons : Company will be on safest legal
ground and waste less time and money, if it monitors only for sound, business
related reasons.
Being reasonable : employees will not perform their wrk if they are in constant
fear of eavesdropping. It is reasonable to prohibit workers from spending hours
on the phone but it is unreasonable to prohibit brief personal calls.
Preventing electronic Harassment : some employees see technological
advances, particularly e-mail, as just one more way to harass their co-workers.
Such things can be avoided by adopting a strict policy against harassment and
enforcing it by monitoring, if employer has good reason to believe a particular
employee is breaking the rules.
Daily recording of Files : daily record files of traffic aimed at identifying and
recording all the connections or attempts to connect to an automated
information system are a measure of security, which must neither be accessible
by unauthorised third parties, nor used for purposes other than those that justify
their processing. In any case, users must be informed of the implementation of
daily record systems and of the duration of storage of any traffic data allowing
the workstation or the connected user to be identified.
Appointment of an in house privacy controller : when their manpower and their
type of organisation justify and allow it, organs or administrations could, in
concert with the employee’s representative organisms, appoint a representative
for data protection and the use of new technologies in the company. This
representative could more particularly be in charge of security aspects, right of
access and personal data protection in the workplace. As an interface between
the manager of the company or the head ofthe administration, thepersonnel
representative organs, and the employees of the private or public sector, this
representative could become the in house privacy controller.