The workplace has become a surveillance state

Office buildings have become like web browsers – they’re full of tracking technology, a trend documented in a report out this week by Cracked Labs.

The study, titled “Tracking Indoor Location, Movement and Desk Occupancy in the Workplace,” looks at how motion sensing and wireless network technology in buildings is being used to monitor the movement and behavior of office workers and visitors.

“As offices, buildings and other corporate facilities become networked environments, there is a growing desire among employers to exploit data gathered from their existing digital infrastructure or additional sensors for various purposes,” the report says. “Whether intentionally or as a byproduct, this includes personal data about employees, their movements and behaviors.”

The case study is part of a series titled “Surveillance and Digital Control at Work” that’s overseen by Cracked Labs, an Austria-based non-profit. Produced with support from AlgorithmWatch, Jeremias Prassl (Oxford), UNI Europa and Global Privacy Alliance, and labor rights organization Austrian Arbeiterkammer, the series explores how companies are using personal data in Europe.

The use of tracking and analytics technology in the workplace has become a matter of concern in the US as well as Europe, prompting regulators like the US Federal Trade Commission to issue guidance in an effort to deter unlawful practices.

When it comes to surveillance and tracking, companies are collecting increasing amounts of personal information from workers.

In remarks [PDF] presented at Harvard Law School in February, Benjamin Wiseman, associate director of the FTC’s Division of Privacy and Identity Protection, observed, “When it comes to surveillance and tracking, companies are collecting increasing amounts of personal information from workers. This includes collection of statistics on workers’ activities, such as the number of messages workers send or receive as well as the frequency and length of meetings.”

While much of this data collection is done through the software applications on employee computers and mobile devices, it’s also done through office space monitoring systems from vendors like Cisco, Juniper, Spacewell, and Locatee, according to Cracked Labs.

Cisco, the report explains, uses Wi-Fi access points and other wireless networking infrastructure to track the location of employees, customers, devices and other objects. It does so, in Switchzilla’s own words, to “gain insights into how people and things move throughout their physical spaces” and “understand the behavior and location of people (visitors, employees) and things (assets, sensors).” The biz calls its cloud-based location tracking system Cisco Spaces.

Beyond providing insights into how individuals move within corporate environments, the technology allows “behavioral profiling based on location data.” This includes the ability to categorize people into location personas (e.g. “restaurant visitor,” “retail area visitor,” “VIP loyal member,” “returning guest,” “employee,” etc.) and the ability to conduct proximity monitoring.

The report noted that Cisco addresses some potential concerns in its privacy data sheet for Spaces and claims that its system is compliant with Europe’s General Data Protection Regulation (GDPR).

Cisco did not immediately respond to a request for comment.

The application of office space monitoring systems has prompted protests in some instances. The Cracked Labs report notes that in 2022, students at US-based Northeastern University objected to the installation of motion sensors from German smart device vendor EnOcean under the desks of graduate student workers.

Students and faculty sent a letter to Northeastern’s President Joseph Aoun asking for the removal of the sensors because “they serve no scientific purpose,” “they are intimidating,” “they change our behaviors,” they were installed without consent, and “being surveilled is creepy and unnecessary,” among other objections.

Wolfie Christl, author of the report, in an email to The Register:

Christl acknowledges that some of the use cases promoted by vendors and cited in the study have the potential to be beneficial.

“But employees should not accept any kind of indoor location tracking as long as there are no reliable safeguards that prevent employers from misusing the data for problematic purposes,” he said. “In Germany and Austria, an employer would need to negotiate the introduction of such a system with employees, who would have a right to audit how the employer uses the data.

“Generally, the GDPR and labor law might make it difficult or impossible for employers to legally use indoor location tracking in several European countries. The US urgently needs appropriate laws that protect employees from disproportionate surveillance in the workplace.” ®

READ MORE HERE