Jordan
I’m writing today’s introduction on my company laptop. I assume that if they wanted to, my employer could read it. That is the price I pay for them, giving me a computer to take home and work on and paying my phone bill. It is their equipment. I know that they have access to it. There is a world of difference, though, between making sure I’m not doing anything illegal or sketchy on my company hardware and installing a program that takes a picture of me using my laptops webcam every hour to make sure that I’m at my desk and working during business hours. And there’s another step entirely between that and installing a program that logs exactly which programs I am using for how long, which keys I hit, what I log into and giving me a secret productivity score. Those things feel like they’re over the line. To be clear, my company doesn’t do those things. At least I’m pretty sure they don’t, though, if they wanted to, they probably could. And I wouldn’t have much recourse except to either suck it up or quit. Welcome to the world of ‘tattleware’.
As millions of white collar workers were sent home in the early days of the pandemic, companies afraid of those workers napping in between meetings or doing the bare minimum, began looking for ways to keep tabs on their employees. And so what was once a niche market became a rapidly growing industry. Do workers have any rights in this situation? It’s hard to say because it hasn’t really been tested in court. Are there any limits to what employers can do using the equipment they give you? It’s too soon to tell. All we know right now is that this software is rapidly increasing in popularity and in sophistication. So sometime soon as the war between working from home and returning to the office continues, something is going to have to give.
I’m Jordan Heath-Rawlings, this is The Big Story. Sandy Milne is a freelance journalist, writer and reporter. He is based in Perth, Australia. He wrote about the rapid rise of ‘tattleware’ for The Guardian . Hello, Sandy.
Sandy
Hi.
Jordan
I was not familiar with this genre of software. I don’t know how many people are. What is ‘tattleware’? Is there a broad enough definition to encompass the spectrum of app software? Whatever it is.
Sandy
Yes. Broadly speaking, tattleware is remote monitoring software that you might have installed on an employees computer, mobile device, even personal devices like phones. Can range from key loggers to apps that take random snapshots of their screen, to those which monitor the frequency of keyboard and mouse usage to GPS tracking. So it’s effectively apps that monitor productivity when working from home.
Jordan
And we’re gonna get into exactly what some of these things do. But first, just in general, this is not a new category. It existed before the Pandemic, but how much was it being used back then, and where?
Sandy
So it can be a little bit difficult to tell the extent to which tattleware is used, as many of the studies run in the area are done by VPN companies. Years and years prior to the pandemic, we have the example of our Barclays a bank in the UK, turned out had been installing heat and motion sensors under their employees desks. So that sort of came to a head in August…
Jordan
What?
Sandy
Yeah. Came to a head in August 2017 when a number of employees found black boxes under their desks. And after a bit of poking and prodding, turned out that the bank had been using those devices to keep track of the amount of time employees were spending at their desks. Now, while the bank brushes that off as a means of assessing office space usage, they did end up pulling the tech after the media criticism and a probe from the Information Commissioner’s office. So it’s been around for a while, but only really come to a head in the wake of the pandemic.
Jordan
How has it come to a head and why?
Sandy
So we noticed that it was something of a niche market, pre-COVID. In March and April of 2020, as employers sort of scrambled to pull together work from home policies out of thin air, Google queries for remote monitoring jumped 212% year on year. Now that uptick’s increased and it’s actually continued throughout the pandemic. So by April this year, those searches have continued to surge by another 243%.
Jordan
Tell me about some of the kinds of software that are on the market and maybe the most popular ones, but maybe start with ‘Sneek’, which I just had no idea this kind of software existed, much less could be used so blatantly.
Sandy
Yeah, okay. So Sneek is one of the more interesting examples that we came across in our research. Sneek effectively leaves your webcam running 9-5 and every minute or so, the program will capture a live photo of you and your workmates via your company laptop webcams. Now those headshots are splayed across the wall of a digital conference waiting room that everyone can see. So in a sense, it’s meant to replicate the office. And that’s exactly what Sneek co-founder Del Currie told us.
But for David, who I spoke to for the original Guardian piece, he felt very differently, he felt that it was something of an invasion of Privacy. You know, clicking on a colleague’s face at any point in the day, unilaterally pulls them into a video call. If you’re lucky enough to catch someone goofing off picking their nose, doing any of the myriad sort of things that we do with human beings, you can forward the offending image on to a team chat via Sneeks integration with the messaging platform Slack. Now, as of March, when we all went work from home, that became something more of an invasion of Privacy. Not just David, but a lot of the folks that I spoke to felt that that particular technology was overbearing and a bit of a deal breaker.
That’s something of an extreme example of tattleware. In reality, it sort of runs the gammut. So a common feature for these tattleware or bossware programs, is screen recordings. Pretty much all of them will offer that, either randomized or initiated by the employer. Pretty much all of them will also offer productivity settings to capture how much workers are using particular apps, programs. Then again, you get those companies that take things a step further. So InterGuard and Teramind , both of which are fairly popular options, offer key-logging options. So they record each and every stroke on a keyboard. Whether that’s answering work emails, logging into Internet banking, chatting with friends on social media.
Then you’ve got FlexiSpy , which offers call tapping, Spytech , which is known for mobile device access, and NetVizor , which has a remote takeover feature. Select few companies that I came across my research, like StaffCop and Clever Control , which offers a silent Webcam microphone activation, which seems to be one of the creepiest we came across in our research.
Jordan
How often do companies inform regular level employees like David and the people you spoke to that these programs are activated and are being used?
Sandy
So from what we’ve seen, that definitely seems to be common practice. That’s a good thing, because employees are wholly more receptive to these sorts of programs when they’re informed in advance. But then again, you know, we did come across cases where these programs are being implemented where employees weren’t notified in advance. Now some of these companies sort of distinguish themselves on the basis that they can be installed silently. And after the fact.
Jordan
I realize that laws for this sort of stuff would differ from Australia or to the UK or in the United States and Canada and other countries. But what about the ethics behind it? I’m sure that in your research you talk to people who, you know, it’s one thing when you’re doing this at somebody’s designated workstation, it’s another thing when you’re grabbing a picture of my house.
Sandy
Yeah, in terms of the ethics, most of the researchers I’ve spoken to have sort of worked on the assumption that, you know, a lot of white collar workers around the world have long taken it for granted that their emails are monitored on the job. Whilst, maybe, you know, workers at Amazon warehouses, offices, shops, you know, they’re sort of inured to the idea of being monitored by CCTV.
Where that becomes overbearing is where it steps into the home. And that was sort of the consensus that we found amongst researchers was that it has to be proportionate to the sort of work that’s going on. So certain security professionals, by example, are required to disclose their outside investments, business activities, to ensure there’s no conflicts. For brokers, bankers, salespersons, traders, they’ve had their phone calls monitored since way back. Now, that’s a very different situation if you work in marketing and all of a sudden you’re working from home.
Jordan
What kind of problems does it create, or could it create, when an employer is using this kind of software to monitor something as simple and as perhaps unrelated to actual productivity, as what time an employee is sitting down to do work, how long they’re sitting for, how many times they get up and that kind of stuff?
Sandy
Yeah. So that’s one of the trickiest things that we sort of came across in our research, which was that most of these tools don’t differentiate between the nine to five and the five to nine. A lot of them will, for example, collect personal data, like private messages and passwords if they’re key logging. Now, at the moment, there’s no sort of methods by which that can be prevented. Regulators haven’t caught up. There’s no legislation to protect you in those circumstances, and there’s no private right of action. So that would be one interesting step forward to see taken.
Jordan
Do employees have any rights on their side in this to refuse it? Or if the employer makes it a condition of the job, that’s it, take it or leave it?
Sandy
Yeah. So for you guys, specifically in Canada, and there was a case in Alberta where a school custodian was fired for refusing to download an app which included GPS tracking from a UK based company called Blip . Alberta sort of sits apart from the rest of Canada. In Ontario and the majority of the country you’re governed by the Personal Information Protection and Electronic Documents Act, there’s special sort of regulations in Alberta that permit those things. PIPEDA, as it’s called academically, basically sets out ten principles that companies have to abide by. So those are accountability, identifying purposes, consent, limiting collection, limiting use, disclosure, retention, accuracy, safeguards, openness, individual access, and challenging compliance.
So, basically speaking, there’s no sort of cut and dryer protections that are laid out in law in Canada, the United States, the UK, or even Australia, to protect employees in these circumstances, other than a rough sort of idea of proportionality. And so far, the case law doesn’t seem to show any judicial inclination towards protecting employees in these circumstances. As yet.
Jordan
What are the companies gaining from this? Do we have any research that even shows if this works to increase productivity?
Sandy
Yeah. So the jury is kind of split down the middle when it comes to this. I spoke to Elizabeth Lyons, who’s a researcher at UCSD. She found that basically people doing data collection work outside of an office environment were more productive when there were made aware that they’re being monitored compared to their employees who weren’t told they’re being tracked. In a sense, if you want to work from home, the knowledge that your work’s being tracked, a bit like a fitness tracker in a way, can be good for, you know, seeking promotion. But it’s a very, very thin line to tread.
So when I spoke to Lyons, she also said that in other studies they’ve looked at, the workers were saying, well, if the idea of this is to micromanage me from afar, then I’m basically going to do just what’s required of me. And nothing beyond that. There are definitely benefits to this. And even as someone writing a piece on this, I can understand the employer’s perspective, but it does so far seem to be the dinosaur companies that are sort of clinging to this as a way of micromanaging their employees.
Jordan
Right. And do we know what happens if, maybe not a company as an entity, but someone within that company would try to abuse this? Have there been any cases of that? Do we know how easy that is?
Sandy
So there haven’t been any cases of that per sé, but it’s only a matter of time because depending on what sort of tattleware program you’re using, everything’s open. You know, if you’re using key logging software like NetVizor, social media logins, social media messages, internet banking passwords, that’s kind of all on the table. So it will be definitely an interesting space to watch in the future.
Jordan
If I’m an employee at a company, and I wonder if they’re tracking me. Is there an easy way that I can check? Is there any way that I can figure out whether or not any of these things have been put on my company laptop?
Sandy
No. And that’s the difficult thing. Definitely one of the most difficult aspects of it. Maybe if you’re an IT worker and you’re really specialized in this sort of space, you might have an inclination. But most of these programs are designed to be inserted into your computer from afar without you being able to pick up on it. So, yeah, the best advice is that if you’re using a company laptop, assume one of these programs is installed on it.
Jordan
What’s next for these programs? I assume they’ve gotten more sophisticated as demand for them has increased.
Sandy
Yeah. So Ironically enough, tracking productivity over the work from home experiment, a lot of these programs have found that productivity has increased. That’s one of the reasons why you hear that moving forward, most companies will be sticking with a hybrid work model, if not full time remote. That kind of ties into the great resignation of employees from firms that won’t budge. So sounds like productivity monitoring is here to stay. But it will be interesting to see, for example, in the US, how it fits with the Occupational Safety and Health Act or the American With Disabilities Act. You know, it’s not a new space per se, but it’s only recently scaled up to the size that it is.
Jordan
Are we getting close to the point where we’ll see a precedent set in court on these things? To your point, nobody’s actually gone to court for abusing this stuff yet. It’s gonna happen some day.
Sandy
Yes. So because it’s such a recent sort of development, there hasn’t really been the space for challenges to it per se. But there has been signs of pushback. In April 2020, right after the pandemic sort of set in, Zoom introduced that attention tracking setting, which would alert call hosts when a participant was focused away from the meeting for more than 30 seconds. And that’s where you saw the first sort of big, large scale pushback on that. Zoom quickly backtracked in December of that year.
You know, Microsoft released a productivity score, which was its own sort of brand of tattleware, which rated individuals on criteria that included email use, network connectivity, things like that. And would identify particular workers by name. Once again, after outcry, Microsoft quickly sort of bowed to the general consensus. I think it’s going to be interesting going forward, how people respond to the large scale implementation of these programs. It will be interesting to see how it affects employees employment decisions, particularly in a tight labor market, such as you’re seeing in North America at the moment.
Jordan
And I guess until we get court cases deciding, the kind of public shaming we’re talking about here from employees and the outcry of people reading pieces like yours, is kind of the best weapon to prevent this from proliferating.
Sandy
Yeah, I like to think so. So I think now that you’re seeing large conglomerates like Amazon, for example, saying that they will track keyboard mouse movements of their customer service employees, I think that you are starting to see this play out on a scale large enough that court cases might come forward. In May, I think it was the state of Washington issued a citation against Amazon, fined the tech giant seven grand for health and safety violations at its Dupont, Washington warehouse based on, you know, those stories that you hear in the media about tracking employees, bathroom breaks and things like that, and that level of micromanagement. I think once you do it on a scale large enough as it’s taken place at the moment, it’s only a matter of time before it really makes its way through to the courts.
Jordan
Sandy, thank you for all your work on this. And thanks for taking the time to talk to us today.
Sandy
Yeah, thanks so much.
Jordan
Sandy Milne writing on Tattleware in The Guardian.
That was The Big Story. If you would like more head to thebigstorypodcast.ca you can find all of our episodes there. You can also talk to us on Twitter @TheBigStoryFPN or via email at TheBigStoryPodcast@rci.rogers.com [click here!]. If you’re on a podcast player right now, remember to rate us, remember to review us or like us or follow us or subscribe to us or whatever else they tell you to do. And please, if you’re talking to a friend about podcasts, mention this one. That is the best promotion no budget can buy. Stefanie Phillips is the lead producer of The Big Story. Ryan Clarke and Joseph Fish are our associate producers. I’m Jordan Heath-Rawlings, have a great and safe weekend and we’ll talk Monday.
Back to top of page
