Your employer can likely see more of your digital life than you realize. From email monitoring to keystroke logging, workplace surveillance has expanded dramatically in recent years. Here's what you need to know about your privacy rights at work and how to protect your personal information.
What Can Your Employer Monitor?
If you're using company-owned devices or networks, your employer has broad legal authority to monitor your activity. Under the Electronic Communications Privacy Act (ECPA), employers can generally monitor:
- Email — both sent and received on company email accounts
- Internet browsing — every website you visit on the company network
- Computer activity — files accessed, applications used, and screen activity
- Keystrokes — everything you type, including passwords entered on work devices
- Phone calls — calls made on company phones (with some restrictions on personal calls)
- Location — GPS tracking on company vehicles and mobile devices
- Video surveillance — security cameras in common work areas
The Bottom Line
If you're using a company device or company network, assume everything you do is being monitored and recorded. This includes personal browsing, personal email access, and private messages sent through company systems.
What Employers Cannot Monitor
There are limits to workplace surveillance:
- Private spaces — monitoring is prohibited in restrooms, locker rooms, and changing areas where employees have a reasonable expectation of privacy
- Personal devices on personal networks — your employer generally cannot monitor your personal phone or laptop when you're not on the company network
- Protected activities — under the National Labor Relations Act, employers cannot use monitoring to interfere with your right to discuss wages or working conditions with colleagues
- Personal calls — federal law generally prohibits employers from intentionally listening to private, personal conversations
State-Level Protections
Some states provide additional workplace privacy protections:
- California — two-party consent laws require employers to notify and get consent before monitoring or recording conversations
- New York — as of 2022, employers must provide written notice of electronic monitoring practices
- Connecticut — employers must notify employees of the types of electronic monitoring that may occur
- Delaware — requires written notice before monitoring email, internet, or phone usage
Check your state's specific laws, as protections vary widely.
Practical Steps to Protect Your Privacy
Separate Personal and Work Digital Lives
The single most effective step is to create a clear boundary between your personal and professional digital activities:
- Never use work devices for personal tasks — don't check personal email, browse social media, or do online banking on your work laptop
- Don't use work email for personal accounts — if you sign up for services using your work email, your employer can see those communications
- Use your personal phone on your personal data plan for anything private — don't connect it to the company Wi-Fi
- Keep personal files off work devices — no personal photos, documents, or downloads on company hardware
Secure Your Personal Devices
- Use a VPN on personal devices when connecting to public or untrusted networks
- Set up a strong lock screen on your personal phone — use biometric authentication plus a strong PIN
- Turn off Bluetooth and Wi-Fi auto-connect to prevent your personal devices from joining the company network automatically
Be Careful With BYOD Programs
If your company has a Bring Your Own Device (BYOD) policy, read the terms carefully:
- Many BYOD agreements give the employer the right to remotely wipe the device, including your personal data
- Mobile Device Management (MDM) software installed on your phone may give your employer access to your location, apps, and browsing history
- If possible, use a separate device for work — a dedicated work phone is a small price to pay for privacy
Review Your Employee Handbook
Most employers outline their monitoring policies in the employee handbook or IT acceptable use policy. Read these documents carefully so you know exactly what's being tracked and what rights you have. If no policy exists, ask your IT department or HR for clarification.
Protect Your Personal Information at Work
- Don't share more than required — your employer needs your tax information and emergency contacts, but not your personal social media passwords or medical details beyond what's legally required
- Be cautious with workplace social events — team-building surveys, personality quizzes, and "getting to know you" activities can collect surprisingly personal information
- Watch out for workplace wellness programs — these may collect health data, biometric information, or lifestyle details
- Shred physical documents — don't leave personal documents in shared printers, recycling bins, or on your desk
Remote Work Privacy Considerations
Working from home introduces additional privacy challenges:
- Employee monitoring software can capture screenshots, track mouse movements, and log active/idle time
- Video calls may inadvertently reveal your home environment, personal belongings, or family members
- Use virtual backgrounds on video calls and ensure your camera angle only shows what you want to share
- If using a company VPN from home, your home internet traffic may be routed through and visible to your employer's network
Protect Your Data Beyond the Workplace
Your personal information isn't just at risk at work. Data brokers collect and sell your home address, phone number, and other personal details that anyone — including employers, coworkers, and clients — can find with a simple search. PrivacyOn monitors over 100 data broker sites and automatically removes your information, helping you maintain privacy both in and out of the workplace.