A new system from AT&T introduces the era of low-cost Big Brother surveillance. Is this something CIOs should be interested in -- or afraid of?In our most recent InformationWeek Information Security Survey 2007, more than 1,100 technology and security managers in the United States were asked if they monitor their employees' activities. The most surprising result -- to me, at least -- is that more than a quarter, 27%, responded "we don't monitor employees." The most popular positive responses, somewhat less surprisingly, involve e-mail usage (51%) and Web site usage (40%). And another 25% responded that they monitor "time in office," which could be interpreted as the use of a simple system for clocking in and out of the office. Or it could mean the use of video surveillance.
Video surveillance in the workplace is a highly charged topic. Today the Seattle Post-Intelligencer ran an article about Boeing's widespread and aggressive practice of monitoring employees, including the use of video surveillance.
While the legal rights of employers regarding workplace surveillance are fairly well understood, the ethical implications are less clear, and troublesome to most employees. Of all the methods used to enhance security and productivity, video surveillance usually elicits the strongest negative feelings.
If more widespread use of video surveillance to monitor employees is a matter of cost, then consider that barrier lowered. This week AT&T announced a low-cost IP-based monitoring system that incorporates digital video, according to an article in The New York Times. The system is presented as a way for small businesses to monitor their premises for potential theft or insurance fraud, and a method for facilities management.
Under AT&T's Remote Monitor program, a business owner could install adjustable cameras, door sensors and other gadgets at up to five different company locations across the country.
Using a Java-enabled mobile device or a personal computer connected to the Internet, the owner would be able to view any of the images in real time, control room lighting and track equipment temperatures remotely. All the images are recorded on digital video, which can be viewed for up to 30 days.
It's not hard to make the leap to video surveillance of employees; indeed, the system is advertised for that purpose, according to the Times.
What does this have to do with CIOs? I think there are a couple of issues technology managers need consider:
First: Is this something that falls under the CIO's purview? It's an HR issue, and a productivity issue, but it does involve the use of technology, and the security implications are obvious. Anything that can help cut down on network intrusions and date theft is a good thing.
Second: Are CIOs ready for that kind of responsibility? Privacy is a potential time bomb that could well blow up in the CIO's face. If considering implementing such a system, a CIO needs to ensure the legal and ethical issues are discussed and worked out ahead of time, that upper management understands and agrees with the use of it, and employees are aware of the system and just what it means for them.