HS Visio Reporter Veera Luoma-aho has reported on this interesting, but concerning trend in her articles on the increasingly common practice of remote-work surveillance. The article entitled “Valvonnan alaiset” ("Under surveillance", for HS subscribers only) and its follow-up article entitled “Vapauden rakastajat ja luottamuksensa menettäneet” ("Freedom lovers and those who lost their trust", for HS subscribers only) note that, fortunately, the practice remains uncommon in Finland. This is also the impression of the Academic Engineers and Architects in Finland TEK, but as the article cautions, there is good reason to stay alert so that the trend does not gain a foothold here.
The algorithmic surveillance of specialists can consist of monitoring mouse movements or tracking keystrokes, taking random screenshots of employees’ screens, analysing the data measured by sensors on an employer-provided phone or using the employee’s webcam to record them.
Algorithmic decision-making related to employees is an even broader phenomenon, including automated recruitment and dismissal decisions and monitoring the data of employer-provided fitness trackers to see how active employees are in their free time.
Just like all technology, algorithmic surveillance and decision-making can be used to do good or to do harm. They could help make sure that everyone has a reasonable workload, that employees receive more and higher-quality feedback on their work, or that the organization would recognize skills and knowledge so that employees could work to their strengths. Few would have any objections to this. That being said, algorithmic surveillance and decision-making are rarely used for these purposes, but their aim is to control and micromanage employees.
Employee rights in the EU in terms of algorithmic surveillance and decision-making at work are fortunately quite extensive, even if the issue is not widely recognized. Algorithmic surveillance and decision-making basically involve the use of data collected about an employee, which in turn means that the EU’s General Data Protection Regulation, more commonly known as the GDPR, can be applied to such cases.