Technoethics, or the ethics of technology use, is an increasingly popular conversation as new technology becomes interwoven and inseparable from our work and personal lives.
Many consumer technologies give users more choice (to a degree) in how much personal identifiable information (PII) to share. Consumers have the option to not use the technology or app.
But business-related technologies are different — and they are tied directly to performing required tasks. Organisations rely on communication tools and apps like Microsoft Teams, Zoom, Slack, and WhatsApp to drive collaboration. Should these be captured, stored and monitored?
Before we even get to this question, it’s important to know the laws and guidelines surrounding business-related communications data.
- It’s a legal and regulatory requirement
Organisations in regulated industries are required to collect certain types of employee data. Under rules including FCA Chapter 9 and MiFID II Article 16, financial services organisations must capture, archive, and monitor their employees’ business communications. Whether the communication was sent or received on free Wi-Fi, on personal devices, encrypted channels like WhatsApp, or through personal accounts, employers must have records of these messages if they were for the purpose of conducting business of the firm.
There’s no debate here. Failure to capture and retain digital communications data can incur heavy fines, termination of those in charge, and reputational harm.
However, it is also important to note that there are also laws regulating the collection and processing of personal identifiable information (PII). The European Union’s General Data Protection Regulation (GDPR) and country-specific data privacy regulations affect every organisation operating at the global level. They must be carefully reconciled by local privacy and regulatory experts to define retention policies in order to meet both sets of requirements and define the scope and scale of surveillance efforts.
- Beyond regulatory requirements, why should organisations monitor employees’ business communications?
An immense amount of data is sent through digital communication applications as employees collaborate or coordinate internally and externally. There’s opportunity to use this data to:
- Reduce employee misconduct and workplace policy infractions
- Reduce misuse of customer data
- Improve employee productivity
- Boost company morale and culture
Applying practises that monitor communications enables organisations to discover policy violations and vulnerabilities across multiple functions and business processes. Legal, HR, infosec, audit and investigative teams are all engaged in spotting red flags that range from loss of intellectual property, security exposures and privacy violations, to a variety of workplace policy infractions.
- Is it ethical to monitor employee communications beyond regulatory requirements?
In the recent Annual Banking Operational Risk Management Summit, this was one of the most asked questions. But like many ethical questions, the answer depends on additional questions:
- What’s the business requirement fulfilled by collecting data?
- How will the data be used?
- What happens with the data after it’s captured or used?
- How can potential misuses of that data be identified and rectified?
There is a simple starting point to address these questions: anonymise collected data. This way, it’s less about monitoring and analysing individuals and more about understanding how information value and risk are being harnessed and managed by the organisation.
This is where artificial intelligence really shines. Rather than having human eyes looking through communication data, AI and machine-learning technology can automatically:
- Strip PII from collected data
- Flag malicious language in context
- Cull through thousands of daily messages
- Identify misconduct with fewer false positives
No one likes the idea that every letter of their communications is being scrutinised and analysed — but that shouldn’t be the point of monitoring employee business communications.
So, is it ethical to monitor employee communications? Like many ethical thought experiments, the answer to this question is that it all comes down to intent.
Featured report: Putting tech to work in surveillance – Get the Report.
Smarsh® is the recognized global leader in electronic communications archiving solutions for regulated organizations. The Smarsh Connected Suite provides innovative capture, archiving, e-discovery, and supervision solutions across the industry’s widest breadth of communication channels.
Scalable for organizations of all sizes, the Smarsh platform provides customers with compliance built on confidence. It enables them to strategically future-proof as new communication channels are adopted, and to realize more insight and value from the data in their archive. Customers strengthen their compliance and e-discovery initiatives and benefit from the productive use of email, social media, mobile/text messaging, instant messaging and collaboration, web, and voice channels.
Smarsh serves a global client base that spans the top banks in North America and Europe, along with leading brokerage firms, insurers, and registered investment advisors. Smarsh also enables federal and state government agencies to meet their public records and e-discovery requirements. For more information, visit www.smarsh.com.
At LS Consultancy, we provide a cost-effective and timely copy advice and copy development services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.
Why Not Download our FREE Brochures! Click here.
Call Us Today on 020 8087 2377 or send us an email.
You can see our Google reviews here.
We’re looking for guest writers with business know-how and experience to create outstanding articles to feature on our website. Sound like you? Then find out more…