The Minority Report for the business world

Most employees will not be surprised to learn that their employers are keeping records of websites they visit at work or scanning their email for obscenities.But some companies are now going beyond this low-tech monitoring and deploying a new generation of tools based on psychological analysis.

These products automatically scan employees’ messages ?for signs of dissatisfaction ?with the company. They apply linguistic analysis to digital communications to assess ?the likelihood of an employee becoming a risk to the organisation, perhaps by stealing confidential information. The aim is to identify the problem before it occurs, giving employers time to prevent the risk from crystallising.

For example, a dramatic increase in the number of messages a worker sends to colleagues with ‘negative’ language might be cause for closer examination. Sometimes, even a subtle shift towards referring to management as ‘they’ or ‘them’ can trigger a warning.

The system can be used both enterprise-wide, to scan all email traffic, or focus on specific groups of high-risk employees. When ?it identifies a potential concern, human intervention is needed to review the results and consider how to act.

The new technology promises a lot, and it has been successfully deployed in the US in high-risk environments like technology manufacturing, where theft of confidential information poses an existential risk to the business. However, it has only recently been launched in the UK market, and any company rolling it out would have to be satisfied that doing so is legal.

The obvious hurdle comes ?with the UK’s data protection legislation, which is significantly more restrictive than the ?US equivalent. Employers establishing a new monitoring programme will want to ?ensure compliance and avoid ?the eye-catching fines that the Information Commissioner’s Office has imposed for recent breaches.

The first step to compliance ?will be meeting the requirement to notify employees they are being monitored (the first data protection principle in schedule ?1 of the Data Protection Act 1998). For new employees, it should be easy to make sure your data protection notice describes your exotic monitoring plans.

However, the time you ?are most likely to decide to use this technology is when you ?have grounds to suspect or ?worry about a particular team. ?Of course, even with the tool’s apparently telepathic abilities to read the true meaning behind employees’ words, the last thing you want to do is tip off staff ?that you are examining their email traffic by sending them a note explaining an interesting new way you are using their ?personal data.

There are other legal challenges to navigate, ?too, such as compliance with ?the Telecommunications Regulations 2000 and the Regulation of Investigatory Powers Act 2000. So, while the prospect of using technology to predict when an employee could turn rogue before they know it themselves might be enticing, moulding the new technology ?to fit within old legislation is likely ?to be as difficult as ever. Given the similarities, it seems surprising that data protection compliance never really came up for Tom Cruise in Minority Report.

Raoul Parekh is an associate at ?GQ Employment Law @GQEmploymentLaw www.gqemploymentlaw.com