Secret video and audio recordings a legal minefield for employers

Thanks to smartphones and wearable technology such as Google Glass recording illegal or inappropriate conversations and behaviour in the office couldn't be easier. If your company has a BYOD policy this could spell disaster

It's never been easier to secretly record co- workers, supervisors and executives -- in corporate meetings casual conversations, office parties, even cubicles and bathrooms,. Nearly everyone carries a highly sophisticated, powerful recording device (a smartphone) in his or her hip pocket these days.

With Google Glass and other wearables woven discretely into clothing coming out soon, anyone can become a super spy like James Bond (or maybe someone with less noble intentions). There's no question secret video and audio recordings will explode in the workplace. (They already do out on the public streets of Boston.)

This trend spells disaster for companies, especially those that encourage the use of personal mobile devices at work under formal BYOD policies. Imagine the fallout -- legal and otherwise -- of a workforce secretly recording the comings and goings of corporate life.

Employees can prove managers treated them unfairly in performance reviews, swipe audio in a confidential conference call, record obnoxious behaviour, and become a whistle blower for illegal or immoral activity.

Record now, ask questions later

It's already happening; we're in a record-first culture. A quick scan of the news or a search on will turn up all sorts of videos showcasing bad behaviour. Sadly, most people will record a street mugging rather than try to prevent it.

In the workplace, a boss berating an employee seems to be especially good fodder, as in this leaked audio of AOL CEO Tim Armstrong shockingly firing an employee in front of a thousand co-workers.

"If there's an issue, everybody's first instinct is to whip out their phone," says attorney Paul Starkman at law firm Pedersen & Houpt.

While companies can try to prevent secret recordings by either citing the law or drafting strict employee policies, there are no guarantees. Simply put, it's a legal quagmire for both employer and employee.

For starters, audio-only and video-with-audio recordings fall under eavesdropping laws, while video-without-audio recordings fall under invasion of privacy laws. Each state also differs on how it handles secret audio recordings. In Illinois, for instance, both parties must consent; it's a felony to surreptitiously record someone else.

Consent, though, leads to murkier water. If someone holds up a smartphone and appears to be video recording in an open and obvious way, and the person being recorded looks into the smartphone and doesn't object, this could be considered implicit consent.

On the other hand, it's unclear when Google Glass is recording (although Google Glass on someone's face is hard to miss, so you could argue the implied consent theory there as well).

"It really gets complicated," says Starkman.

Even an employee policy clearly stating that video and audio recording is not allowed on premises and during work hours won't keep a company safe from lawsuits. Consider the case of Whole Foods: United Food and Commercial Workers, Local 919 filed a complaint against Whole Foods Market last summer concerning an employee policy that prohibited recording of conversations. Here's the policy:

While an administrative law judge at the National Labor Relations Board recently supported Whole Foods, the matter was anything but clear-cut. The purpose of the policy was instrumental in the administrative law judge's decision, which means a company runs a risk by implementing a no-recording policy without justification for it.

Confusion abounds in court cases

There's still a lot of confusion even after an employee gets caught breaking the law.

Let's say an employee secretly records a manager doing something unlawful or unfair and decides to bring it to light. The illegally obtained evidence is likely still admissible in court. Starkman says he has not seen a court exclude a recording specifically because it violated the eavesdropping laws.

Sure, the employee may be criminally liable, and the company can refer the employee for prosecution -- but this isn't a sure thing, either.

"There may be some blowback, but you've got to be careful about that, too," Starkman says. "If the company has seen employees record something surreptitiously and didn't do anything about it, and now it's prosecuting the whistleblower, this could be seen as retaliation."

Secret recordings in the workplace are a slippery slope that's only going to get worse. Throw in Google Glass, wearable technology, ubiquitous smartphones, a culture that loves to hit the record button, a legal system trying to catch up, and what have you got?

"A real rabbit hole," Starkman says.

Join the CSO newsletter!

Error: Please check your email address.

Tags Consumerization of IT | BYODeavesdroppingvideo recordinglawaudio recordingIT managementBYOD policiesprivacyyoutubeconsumerization of ITBYODGooglesecuritylegal

More about AOLGoogleWhole Foods Market

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tom Kaneshige

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place