Call free on
1300 575 394
Get a quote

Can you monitor employees' emails and phone calls?

Understand the legal obligations required with enforcing workplace electronic surveillance
Return to previous page
Can you monitor employees

Can you monitor employees' emails and phone calls?

17 October 2019

In light of the banking Royal Commission, there is a need for all businesses to have full visibility over procedures, team member behaviour and electronic communication. There is, at best, an apparent misunderstanding of the legal obligations required to introduce and enforce workplace electronic surveillance, or worse still, a lack of awareness of the need for this important safeguard.

Monitoring and supervising should include having visibility over the digital footprint of their employees. Businesses would be well advised to have policies in place enabling them to have oversight of their employees’ email communications.

Deb McQuinn, F3P brand ambassador and principal of Strategic Resources Network, says it's essential to have a clear and consistent policy in this area. She says she often sees employment contracts without a specific clause on surveillance, and no complementary HR policy to address the gap.

‘If implementing this policy post the employment contract, there is a specific process which must be followed and practices who get it wrong can and are, landing in hot water by breaching their employees’ privacy’, she says.

Can you monitor employees' computer and email use?

‘The short answer is yes. Your computers, business emails and ‘work’ mobile phones are your property and you have the right to review the content at any time, provided this is in accordance with your policy and your employees are aware of and have agreed to the monitoring,’ Deb advises.

Should you face an unfortunate event whereby you need to terminate a team member due to inappropriate email and/or internet usage, with a potential unfair dismissal action looming if you get it wrong, you want to ensure you have ‘your house in order’.

So, what does the workplace surveillance law say?

State and territory legislation that regulates the use of electronic surveillance or monitoring of employees differs between jurisdictions and is normally device-specific.

In a workplace context, legislation exists in New South Wales (the Workplace Surveillance Act 2005 [NSW]) and the Australian Capital Territory (the Workplace Privacy Act 2011 [ACT]) which regulates the privacy of email and internet communications at work.

Both statutes restrict employers from blocking employees’ emails and internet access at work. This means employers cannot block access to emails or internet sites because content relates to industrial matters.
Generally, ‘industrial matters’ means matters or things affecting or relating to work done or to be done in any industry, or the privileges, rights, duties or obligations of employers or employees in any industry. This would include workplace surveillance.

Listening and surveillance statutes

Listening and surveillance devices legislation operates in each state and territory. It usually prohibits the use of a listening device to listen to or record private conversations to which the user is not a party without the consent of all parties.

Surveillance and monitoring devices used in the workplace that may be covered by such state or territory legislation include:

  • video cameras
  • global tracking systems (GPS)
  • listening devices
  • telephone
  • computer, and
  • biometrics, eg. fingerprints, iris pattern, DNA, handwriting, etc.

Rules around telephone monitoring

There is also federal legislation that regulates the monitoring of telephone communications in the workplace, including mobile phones. The Telecommunications (Interception and Access) Act 1979 [Cth] prohibits listening to or recording communications passing over a telecommunications system without the consent or knowledge of the parties to the communication.
How to implement a workplace surveillance policy

If you’re looking to implement a policy, the following practical tips will assist:
  • Emphasise that the policy is for employees' own protection. They cannot control what external parties send them.
  • Emphasise that computers, the email network and bandwidth are the firm’s property at all times.
  • Provide examples of how misuse may affect others' work and the firm, and explain the liability issues.

If an employee attempts to access a blocked site, it is possible to install messages that pop up to explain the policy to the employee again and possibly provide links to further information about it.

A policy should allow 'reasonable personal use' by employees. For example, allowing internet banking is usually OK and may assist productivity, if it reduces the employee's need to leave the workplace.

Ensure the policy complies with relevant workplace surveillance and privacy legislation and allow 14 working days grace for questions prior to implementation.

‘I recommend all my clients have a robust policy in place and conduct refresher training every year. It provides the team an opportunity to ask questions and stay committed to appropriate behaviour and privacy, in a safe environment. Sometimes what is expected of them and why is not obvious and the message needs to be reinforced’ Deb says.

By Catherine Ngo


Sign up to get the latest news and updates

Like what you’re hearing?

With plans available from just $58 per week, now is an excellent time to join Workplace Assured.