Data subjects, digital surveillance, AI and the future of work by Phoebe V. Moore for the Panel for the Future of Science and Technology (STOA) and the Secretariat of the European Parliament is characterised as providing
an in-depth overview of the social, political and economic urgency in identifying what we call the ‘new surveillance workplace’. The report assesses the range of technologies that are being introduced to monitor, track and, ultimately, watch workers, and looks at the immense changes they imbue in several arenas. How are institutions responding to the widespread uptake of new tracking technologies in workplaces, from the office, to the contact centre, to the factory? What are the parameters to protect the privacy and other rights of workers, given the unprecedented and ever-pervasive functions of monitoring technologies?
The report evidences how and where new technologies are being implemented; looks at the impact that surveillance workspaces are having on the employment relationship and on workers themselves at the psychosocial level; and outlines the social, legal and institutional frameworks within which this is occurring, across the EU and beyond, ultimately arguing that more worker representation is necessary to protect the data rights of workers.
Moore comments
Workplace surveillance is an age-old practice, but it has become easier and more common, as new technologies enable more varied, pervasive and widespread monitoring practices, and have increased employers’ ability to monitor what seems like every aspect of workers’ lives. New technological innovations have increased both the number of monitoring devices available to employers as well as the efficiency of these instruments to extract, process and store personal information. Digital transformation, work design experimentation and new technologies are, indeed, overwhelming methods with intensified potential to process personal data in the workplace. While much of the activity appears as an exciting and brave new world of possibility, workers’ personal experiences of being tracked and monitored must be taken into account. Now, issues are emerging having to do with ownership of data, power dynamics of work-related surveillance, usage of data, human resource practices and workplace pressures in ways that cut across all socio-economic classes.
The first chapter of the present report ‘Surveillance and monitoring: The future of work in the digital era’, commissioned by the European Parliament’s Panel for the Future of Science and Technology (STOA), deals with surveillance studies, which originates in legal studies and criminology but is increasingly important in sociology of work and digitalisation research. The first chapter outlines some of the technologies applied in workplaces. The second chapter looks at the employment relationship, involving how workers and managers, and surrounding pressures transform when a third actor (the machine and/or computer), is introduced. This chapter also covers the ways that inter-collegial relations are impacted, as well as issues around work/life integration.
The third chapter looks at data protection and privacy regulatory frameworks and other instruments as they have developed over time, leading up to today’s General Data Protection Regulation (GDPR). Various historical moments have impacted how data and privacy protection has evolved. Concepts surrounding this legal historical trajectory have emerged, with some ambivalences at points around which philosophical and ethical foundations are at stake. Some of the tensions in legal concepts driving the debates in privacy and data protection for workers, and paradoxical circumstances within which they are seated, are then dealt with in chapter four, where the possibility for deriving inference from data can lead to discrimination and reputational damage; where the concept of worker ‘consent’ to data collection; and the implications for data collection from wellness and wellbeing initiatives in the workplace are increasingly under the microscope.
The fifth chapter outlines a series of country case studies, where applied labour and data protection and privacy policy are revealed. Many countries are reviewing data and privacy and labour laws because of new requirements emerging with the GDPR, which has also been extensively reviewed in the present report. Some legal cases have emerged whereby employers have been judged to breach data protection and privacy rules, such as Bărbulescu vs Romania. The sixth chapter, called ‘Worker cameos’, provides a series of worker narratives based on field interviews about their experiences of monitoring and tracking. In particular, content moderators and what the author calls ‘AI trainers’ are the highest surveilled and under the most psychosocial strain. Taking all of these findings into account, the seventh chapter provides a series of the author’s suggestions for first principles and policy options, where worker representation and co-determination through social partnerships with unions, and more commitments to collective governance, are put forward.
Moore argues
Workplace surveillance over time has occurred within a series of historical phases, where work design, labour markets, and industry trends have differed and business, social and labour processes have taken particular forms. Surveillance of workers can be both analogue and technological, and operates at a series of tangible and psychosocial levels. ... In the report on this nearly year-long project, we look at how insights in technological development have evolved within a sociological and business operations framework, and identify how technologies are being implemented to manage worker performance, productivity, wellness and other activities, in order to analyse and predict the social impact and future of work, within regulatory parameters. Workplace surveillance in the European Union is predominantly outlined, but as early, government-commissioned North American research into workplace surveillance was also very perceptive in foresight, some historical discussion of the United States’ early activity as well as some insights from Norway and Nigeria, are included.
Workplace surveillance is not separate from the larger structures and systems of labour relations, management styles, workplace design, legal and ethical social trends and today, are explicitly part of the accelerating trends in digitalised surveillance in many spheres of everyday life. Therefore, we address all of these categories of analysis, alongside identifying where and how digitalised surveillance has and is occurring in workplaces or perhaps better said, workspaces, called as such because the concept of ‘place’ has to be interrogated and critiqued, precisely because work is carried out in an increasingly virtual spaces globally, and with the onset of Covid 19 working conditions, increasingly, in homes.
In 2017, a Motion for a European Parliament Resolution with recommendations to the Commission on Civil Law Rules on Robotics clearly stated that:
...assessments of economic shifts and the impact on employment as a result of robotics and machine learning need to be assessed; whereas, despite the undeniable advantages afforded by robotics, its implementation may entail a transformation of the labour market and a need to reflect on the future of education, employment, and social policies accordingly. (European Parliament 2017)
This Recommendation predicted that the use of machine learning and robotics will not ‘automatically lead to job replacement’, but indicates that lower skilled jobs are going to be more vulnerable to automation. Furthermore, the Recommendation cautions the likelihood of labour market transformations and changes to many spheres of life, including as above, ‘education, employment and social policies’ (ibid.). In this light, the current report builds on some of these earlier recommendations to the European Parliament, because it is now more important than ever to address the lagging discussions on ethics, social responsibility, social justice and importantly, the role of unions and worker representative groups in the continuous development and integration of technologies and digitalization into workplaces. The report is written with a human rights focus, seeing data privacy and protection as a fundamental human right.
Automation, robotics and artificial intelligence (AI) are part and parcel to the discussion of monitoring and surveillance of work,where a bindingfeatureforhow these processes emerge is the collection, storage, processing and usage of large data sets that are collected in more and more spheres of people’s everyday lives and in particular, workplaces. A report prepared for the United Kingdom’s Information Commissioner’s Office (ICO) declared that ‘we live in a surveillance society. It is pointless to talk about surveillance in the future tense... everyday life is suffused with surveillance encounters, not merely from dawn to dusk but 24/7’ (Ball and Wood 2006). More than one decade later, this statement could not be more relevant. From cameras at self-operated grocery store check-outs in New York, to facial recognition sensors at a local gym in London, to recorded calls with a call centre employee of banks who themselves may be based in India or Bangladesh, surveillance is an activity that is no longer only seemingly conducted by law officers on the streets watching out for robbers wearing balaclavas. People are watched in almost every corner of society, and sometimes people are even asked to watch one another, in what Julie E. Cohen calls a participatory surveillance (Cohen 2015). Gary T. Marx earlier referred to forms of participatory surveillance as a kind of ‘new surveillance’ in 1988, just as computers were becoming integrated into everyday life and seemingly integrating a new type of soft surveillance (Marx 1988). In 1982, Craig Brod had already warned of the dangers of over-use of computers at work and talked about the hazards of technostress resulting from the uptake of new technologies in everyday lives (Brod 1982).
Cohen, an established figure in the research arena of surveillance, looked at the issues surrounding privacy and systems of surveillance. Cohen argues that privacy, as a concept informing practices, has a bad reputation, whereit has been touted as an old-fashioned concept and a delayto progress. Cohen counters these systemic assumptions and says that privacy should be a form of protection for the liberal self (2013: 1905) and important for the democratic process. Indeed, trading privacy for supposed progress reduces the scope for self-making and informed, reflective citizenship and a range of other values that are foundational to consumer society.
So, effective privacy regulation must render both public and private systems of surveillance meaningfully transparent and accountable, where privacy is defined in the dynamic sense: ‘an interest in breathing room to engage in socially situated processes of boundary management’ (Cohen 2012: 149, cited in Cohen 213: 1926-1927). Privacy incursions harm individuals, but not only individuals. Freedom from surveillance, Cohen argues, whether public or private, is foundational to the practice of informed and reflective citizenship. These ideas are important when looking at workers and their right to privacy. A reasonable expectation of privacy is likely when the actions of the employer suggest that privacy is a condition of work. Internationally there are variations in law and culture in terms of privacy, especially differences between the European Union and the USA. In Europe, privacy has tended to be seen as somewhat more fundamental, something that should not be forfeited, whilst in the US privacy can be viewed as a commodity (Smith and Tabak 2009).
There was a lot of discussion about business culture after Scientific Management, during the Human Relations and Systems Rationalism periods. Alder (2001) reviewed a range of organisational culture types, asking which ones are more/less amenable for electronic performance monitoring (EPM) integration. Right at the end of the latter period, Deal and Kennedy outlined four cultural types in 1982, which they argue are oriented around risk-taking and frequency of feedback within the organisation: ‘1) tough-guy macho, 2) work hard/play hard, 3) bet your company, and 4) process’ (1982, cited in Alder 2001). Petrock, Alder notes, also outlines a typology of four organisational cultures: 1) clan culture 2) adhocracy, 3) hierarchy, and 4) market cultures (1990), but these types are limiting because there are no associated ways to measure or identify them, offered. Alder believes these delineations are incomplete and not fit for purpose. Wallach, however, came up with the best typology, Alder states, noting the signifiers within three types: ‘bureaucratic, innovative and supportive’ (Wallach 1983, cited in Ibid.). A bureaucratic culture is identified with hierarchy, regulation and procedure and is the organisational culture type that is most responsive and accepting of technological tracking. Alder (2001) argues that workers will respond differently to EPM in different organisational cultures. Therefore, Alder indicates that a management body that wants to implement EPM must think about the culture of their organisation to assess to what extent resistance to it will emerge, and how to accommodate this. These days, however, the culture-based arguments are less and less relevant, as metrics and data appear to hold the promise to make irrelevant specificities in qualitative differences and as data rights become increasingly mainstreamed across the consumer and worker spheres.
This report, overall, aims to highlight what kinds of technologies are being integrated to monitor, track and therefore, surveil workers; to identify how technologies are being implemented; to understand the impact that having new technologies in workplaces impacts the employment relationship; to throw light on the social, organisational, legal and institutional frameworks within which this is occurring; and reveal the institutional, legal and union responses. Finally, the goal of this report is to provide a set of first principles and policy options to provide EU member and associated states with guidance on protection the privacy and rights of worker data subjects.
Leading up to the General Data Protection Regulation (GDPR), the EU’s Data Protection Working Party (Art. 29 WP) stressed that ‘workers do not abandon their right to privacy and data protection every morning at the doors of the workplace’ (2002: 4). Some degree of gathering and processing of personal data is a normal and in fact, a vital part of almost any employment relationship (Ball 2010). Some workers’ personal data is necessary to complete contracts i.e. to pay workers and record absences, and much of it is both reasonable and justifiable for use by management. However, that is not to say that any and all forms of surveillance and data processing should be so considered.
Indeed, employers’ surveillance practices must often be reviewed in light of concerns for the privacy or simply for the human dignity of the worker (Jeffrey 2002; Levin 2009), and this report sets out to do just this. The present author has already situated this trend within the contemporary pressures of global political economy pressures (Moore 2018c) and looked at the psychosocial violence and safety and health risks that workers face with the introduction of digitalised tracking and monitoring (Moore 2019, 2018b). Welfare state retrenchment and austerity policies alongside these technologicalinterventionshavecoalescedintothe‘politicaleconomyofanxiety’(Moore2018a:43) for workers, where self-quantification and wellness discourses and frames thrive, but structural economic change is not occurring fast enough with relevant protections and social partnerships with unions and other worker representative groups. Now, we set out the aims and intentions for the project which form each chapter.
The aim of the first chapter of the report is to review the concept of surveillance, where workplace electronic performance monitoring and privacy questions are increasingly important. The Taylorist employment model of mental vs manual work in a set hierarchy is increasingly a thing of the past, and while tools for measure were used in Taylor’s workshops, the kinds of technology now available on the market have fed into significant differences to a new world of work. Parallel to this change, the pursuits for surveillance have entered more intimate and everyday spaces than before. The known categories of the ‘watched’ and the ‘watcher’ are transformed. ’New surveillance workplaces’ or what we also refer to as ‘workspaces’, indeed, feature these new characteristics. The first chapter therefore looks at a range of new technologies which are contributing to the recent trends in an uptake of electronic monitoring and tracking at work, backed with existing empirical evidence and primary and secondary literature.
In the second chapter, the report’s aim is to look at changes to a once presumed standard employment relationship, where managers and corporate and organisational hierarchies were explicit and clearly known. Now, management and operations processes are being digitalised, and workplaces are moving in to a myriad of domains. As a result of the changes to a more standard type of employment relationship and work environment, uncertainty or other psychosocial discomfort can emerge, where workers may feel their managers no longer trust them; or workers experience the issue of function creep, where data is used for other purposes than it was first collected for. Or competition between workers is intensified when performance data is viewable such as on the walls in call centre workplaces or on shared dashboards in gamified wellness programmes. The second chapter outlines the observable and documented as well as probable changes to the employment relationship which new technologies imbue. The third chapter turns to the policy and regulatory frameworks and instruments surrounding privacy and data protection and technological tracking, starting with the Data Protection Directive.
The most important points in data protection and worker issue based policy are covered in the leadup to the GDPR. Interestingly, the International Labour Office’s Code of Practice around workers’ data, published as early as the 1990s, made similar interventions and recommendations that are now enforceable in the GDPR today. This chapter outlines this process and picks up on some of the most important and insightful developments to provide a foundation for the first principles and policy options outlined in later chapters of the report. The aim of the fourth chapter is to identify some of the tensions in legal principles about which the present author has been concerned, where e.g. inviolability does not seem to cohere with the concept of power of command; or where inferences from data and the link to workers’ reputations must be problematised. This chapter also looks at the concept of ‘consent’, which tends to be de-prioritised in discussions of the employment relationship (where consent is normally discussed in relation to a consumer, in the context of the GDPR) due to its already existing unequal nature. We argue that there are possibilities to rethink the definition of consent, nonetheless, and to perhaps look at a way to update the unidirectional conceptualization of this type of relationship.
The fifth chapter then provides a series of country case studies provided in part by a series of legal scholars from across the EU, and Norway and Nigeria, where contributors have outlined information about which technologies are characteristic in specific countries; identified which legal mechanisms are being used including aspects of labour law, to ultimately protect workers’ privacy and data; looked at the ways local cases are working to integrate the GDPR as per Art. 88; and begins to put the focus on the role of worker representatives who, we ultimately recommend, should be considered meaningful social partners in dialogue with employers and with co-determination rights (see policy options).
In the sixth chapter, we present a series of ‘Worker Cameos’ which are based on semi-structured interviews carried out with a series of workers to identify where EPM and tracking are occurring and to investigate and identify workers’ experience of this. Workers in many sectors and spheres, from dentists, to bankers, to content moderators, are being tracked. All workers interviewed feel that their work has intensified, expectations are higher, performance management is increasingly granular, and stress and anxiety are at an all-time high, as tracking and monitoring technologies become increasingly good at surveillance.
The report concludes with a set of first principles and policy options for European Parliament policymakers, prioritising the role of trade unions and other worker representative groups. These Principles and Options are designed to mitigate against the worst impacts of digitalised tracking, monitoring and surveillance in the world of work.