skip to main content
Back to all blog posts

Posted in: Data Security/Privacy

Apr 14, 2016

Privacy in the Workplace in the Digital Age

By Meghan A. Cowan

The use of security cameras to monitor employees in the workplace (and how this impacts an employee's reasonable expectation of privacy) has been a topic of litigation in the labour and employment context for decades in Canada.

Now, with the prevalence of computers, laptops and personal hand-held devices in every workplace, the amount of digital information generated by employees - and an employer's ability to monitor that information - has expanded greatly. Examples of third-party surveillance programs that take screenshots, record keystrokes, and monitor emails and online searches are well known. While employees have an expectation of a degree of privacy in their use of company-owned devices and software, employers still have the right to ensure that company devices and software are used properly and in a way that complies with the law and the company's expectations.

The best tool for employers to use is an acceptable use policy. This type of policy sets out clear expectations for all parties and permits employers to be able to enforce the proper use of technology in the workplace. Good acceptable use policies will clearly indicate what level of privacy an employee can expect, what behaviour is prohibited and what the consequences are for non-compliance. If the acceptable use policy is reasonably drafted and takes these factors into account, it will have a greater chance of being upheld by the courts.

Related Categories

Related Blogs

Posted in: Data Security/Privacy | Data Protection

Insights TheSpotlight
Notifying Consumers of Data Breaches: New Regulations By Stephen Crawford Apr 24, 2018 The federal government has introduced new regulations setting out what information must be disclosed to consumers and to the Privacy Commissioner after a data breach. These regulations will take effect on November 1, 2018.

Posted in: Data Protection | Privacy | Data Security/Privacy

Insights TheSpotlight
New Notification Requirements for Data Breaches By Stephen Crawford Apr 13, 2018 As of November 1, 2018, if your organization suffers a data breach, new reporting requirements will be in place that may require you to notify consumers and the Privacy Commissioner of the breach – or else face a fine of up to $100,000.

Posted in: Data Security/Privacy

Insights TheSpotlight
Phishing Risk Deemed Sufficient in Alberta to Trigger “Real Risk Of Significant Harm” Threshold By Steve J. Tenai Mar 13, 2018 Since 2010, Alberta’s Personal Information Protection Act (“PIPA”) requires private sector organizations to notify the Office of the Information and Privacy Commissioner (“OIPC”) of a breach of personal information where a “reasonable person would con...