Employee Monitoring Rules

Employers can monitor employees but must comply with UK GDPR, the Human Rights Act 1998 (Article 8 right to privacy), and the Regulation of Investigatory Powers Act 2000. Monitoring must be proportionate, transparent, and based on a legitimate aim.

Last updated: February 2025

What the Law Says

The ICO Employment Practices Code provides guidance on lawful monitoring. UK GDPR requires a lawful basis and transparency. The Regulation of Investigatory Powers Act 2000 and Telecommunications (Lawful Business Practice) Regulations 2000 permit monitoring of business communications where employees are informed. Covert monitoring is only justified for detecting crime.

Your Obligations as an Employer

  • Conduct a DPIA before implementing any monitoring system
  • Inform employees about the nature and extent of monitoring
  • Ensure monitoring is proportionate to the legitimate aim
  • Review monitoring practices regularly and minimise data collection

What to Include in Contracts

Include a clear monitoring clause explaining what is monitored (email, internet, CCTV, location), the purpose, how data is stored and for how long, and reference to the full monitoring policy and employee privacy notice.

View related contract template

Common Mistakes

  • Implementing monitoring without informing employees
  • Not conducting a DPIA before deploying monitoring tools
  • Monitoring personal communications without justification

FAQ

Can employers monitor employees working from home?

Yes, but the same rules apply. Monitoring must be proportionate, employees must be informed, and a DPIA should be conducted. Keystroke logging and webcam monitoring are highly intrusive and require strong justification. Screen capture at intervals is less intrusive but still requires transparency.

Is CCTV monitoring of employees lawful?

CCTV in the workplace is lawful if employees are clearly informed, signs are displayed, there is a legitimate purpose (security, health and safety), cameras are not in private areas (toilets, changing rooms), and footage retention is limited. Audio recording requires additional justification.

Related Topics

Data Protection for Employees

Social Media Policy Legal Framework

Right to Disconnect

Stay compliant with UK employment law

AccountsOS generates compliant contracts and keeps you updated on your obligations. From £10/month.

Get Started Free

This is guidance for UK employers, not legal advice. For complex employment law matters, consult a qualified employment solicitor or ACAS.

View all employment law topics