Reuters has reported that the ICO is probing Barclays Plc. At the heart of the probe is a system used by the bank to track staff at work. Barclays uses a solution from Sapience Analytics to monitor how much time staff actually spend at their desk.
On its website, Sapience Analytics states: “By providing automated work pattern reporting, real-time analytics and advanced IT asset management tools, Sapience delivers unprecedented visibility into how people work, with actionable insights to better manage cost and performance across teams and organizations, and guide in-office and remote workforce deployment strategies.”
In February, the BBC reported that the bank was to scrap the system altogether. However, it seems that it was inaccurate. Instead, the bank says it changed from tracking individual workers to using anonymised data. What is not clear is what it would get from anonymised data that would enable it to improve productivity.
Privacy vs employee health
On the face of it, this is an open and shut case of privacy. But there is a much deeper element to it. The ICO is looking at this case solely from a privacy angle. An ICO spokesman told Reuters: “People expect that they can keep their personal lives private and that they are also entitled to a degree of privacy in the workplace.
“If organisations wish to monitor their employees, they should be clear about its purpose and that it brings real benefits. Organisations also need to make employees aware of the nature, extent and reasons for any monitoring.”
But, employers also have a responsibility to monitor the health and wellbeing of their staff. Nobody would argue that employees have a right to take adequate rest and limit their working hours. In September 2019, the European Court of Justice (ECJ) ruled on both these issues. It ruled that the only way an employer could ensure staff take breaks and don’t overwork is to monitor them.
Its judgement put pressure on the UK to update the UK Working Time Regulations (WTR). Responsibility for enforcing this is down to the Health & Safety Executive (HSE). Importantly, Barclays has not said its monitoring is about health and safety. However, it would not be a big jump for it to claim that the anonymised data allows it to see working patterns across its employees. That would allow it to bring in new procedures to protect staff.
How does this affect working from home?
For staff working from home at the moment, the situation is more complicated. In June, Sectigo published its 2020 Work From Home report. It focused on IT professionals and showed that productivity was up. For most employers, that was a great finding.
In July, however, another report, this time from SellCell, also gave a positive view on productivity. However, it did show that the majority of respondents are constantly distracted by social media platforms. It will have left employers with mixed feeling.
Many employees like working from home. Importantly, this is not because they think they can do less, but because it gives them more flexibility. It means that they can schedule their day around both work and family life. For some workers, flexibility is easy to achieve and fits their work. For others, especially those who are dealing with customer calls, there is still a need to keep to office hours.
The challenge of mental health is something that everyone has become more aware of during the pandemic. Stopping employees overworking is part of dealing with that, but how should employers deal with it? The ECJ says monitor them more. Privacy advocates say the opposite. This investigation into Barclays is highly unlikely to provide any guidance on this at all.
Enterprise Times: What does this mean?
The probe should act as a warning to many organisations. Work from home has become the norm for a lot of employees. Employers, who have generally been distrustful of widespread remote working, have deployed tracking software to ensure employees are not slacking off. Some will look to the ECJ ruling and claim that they are doing it for the benefit of their staff. The challenge will be proving that.
What is really needed is a coherent judgement from the ICO and the HSE. Employers and employees need to know where the line is. When is this taking care of staff and when is this just creepy?
Lessons from an experienced remote working organisation