Recently, I discussed whether an Identity Management System can measure productivity by seeing when and how often an employee connects with the different systems. While all the data is present to build such metrics, it doesn’t provide a suitable measurement. Technical surveillance cannot guarantee workers’ productivity or help build a sustainable company.
I wouldn’t want to work in a workplace that spies on its employees. Join me in looking at why workplace surveillance software is doomed to fail and why we should eliminate this worst leftover of the pandemic.
No Trust in Surveillance
No matter how covert, surveillance will, in the end, be revealed. Given the prevalence of social media, there is no way current and future employees won’t be aware of it, especially once you discipline an employee based on monitoring results.
Consequently, all employees will assume they cannot trust their managers and that the system automatically assumes anyone’s guilt. The lack of trust, in turn, makes your employees miserable and prevents a healthy environment.
At the same time, it also prevents managers from trusting employees. The simple existence of the data makes its usage likely. Thus, managers have an incentive to question the truthfulness of every employee. Yet, even when the data confirms the story, there is an incentive for managers to find out whether the employee utilized a workaround like a mouse jiggler.
Consequently, the relationship shifts towards the cat-and-mouse game of surveillance and workaround—a game that is neither helpful for productivity nor for a respectful, trusting environment.
Data Protection Nightmare
Outside of the relationship between employer and employee, workplace surveillance presents its unique challenge to cybersecurity. Most jurisdictions count performance data as part of the human resource data. Employers’ use of surveillance data for performance analytics requires special protection. While so far untested, there is a good chance the California Privacy Rights Act and Europe’s General Data Protection Regulation will apply.
Consequently, surveillance data is a suitable attack vector for data exfiltration. It’s often insufficiently protected, but the damage to a company is significant. Both the employee’s external reputation and internal morale will suffer from the release.
Even without an exfiltration, suitably protecting surveillance data is often impossible. The tools running on desktops, laptops, and servers must interact with the employee’s system.
Screen and keyboard monitoring tools might present a good entryway into the system. No one in IT will have any motivation to keep them up to date. After all, you don’t want to enable anyone to spy on yourself or your coworkers.
Surveillance of the Wrong Benchmarks
Elon Musk once famously claimed that one should measure by the lines of code produced. Twitter users responded by showing that you can check whether a number is odd or even in five or a hundred thousand lines. Readability and performance are significantly better in the shorter example, yet the latter has the edge when measuring lines of code.
For many surveillance products, whether screen attention, typing speed, or mouse movements, the measured factors are highly unconnected to productivity, completion, or the connection you feel to the company. All they measure is some strange performance index.
The availability and success of mouse jiggers is another weird example. If I’m in the atrocity of a 100-person virtual company presentation, the likelihood that I’m holding my mouse is very close to zero. At most, I take paper notes on how it affects me and my work.
Likewise, I don’t move the mouse when reading a white paper or talking to a client. Yet, all of that would be unproductive time for surveillance software.
Unfortunately, it is tough to measure productivity. The only thing we can measure is activity. Yet, being active and effective are two very different things.
A Bit More Trust and Less Technology
Ultimately, the perceived gain of control over your employees is just a perception. With the number of workarounds to standard surveillance tools, management gains nothing from collecting additional data. Yet, the dangers to cybersecurity, morals, and trust are manifold. Thus, we should instead work on building trust and a positive company culture. Both will help a company thrive.