Skip to content
Harrison Pensa LLP
Hand holding a key card to unlock elevator access.

16 August, 2022

Plan now for electronic monitoring of workers

The Ontario Government has published a guide to its expectations for electronic monitoring policies. While these are not regulations and don’t have the force of law, it is an indications of how the law might be enforced and a good guideline to follow when drafting the required policy. The following blog was originally published on August 3, 2022.


A new Ontario law requires employers with 25 or more employees to have policies on electronic monitoring in place by October 11, 2022.

Section 41.1.1 was added to the Employment Standards Act by the Working for Workers Act, 2022.

What is required?

It requires a policy on electronic monitoring of employees that includes:

  1. Whether the employer electronically monitors employees and if so,i. a description of how and in what circumstances the employer may electronically monitor employees, andii. the purposes for which information obtained through electronic monitoring may be used by the employer.
  2. The date the policy was prepared and the date that any changes were made to the policy.
  3. Such other information as may be prescribed.

Copies of the policy must be provided to all employees within 30 days after October 11, after the policy is changed, or when hiring a new employee. So far there have been no regulations to expand or explain the details. October isn’t that far away, there may or may not be regs, and regs may or may not change anything. It is not prudent to wait for regs to start thinking about this.

What is electronic monitoring?

Electronic monitoring is not defined. It would include:

  • Monitoring of an employee’s use of any tech, such as work computers, document management, workflow, or other software, and email.
  • Monitoring of employee-owned devices such as mobile phones used for business purposes, or equipment used when working from home.
  • Tracking of vehicles driven by employees and machinery operated by employees – such as GPS devices and dash cams.
  • Tracking premises door lock use.
  • Use of security cameras.

While the legislation is about disclosure, not privacy, it would be reasonable to interpret it using privacy concepts. Any information that the employer tracks electronically that can be tied back to an individual would probably be covered under the concept of monitoring.

A new policy may not be enough

At first blush, it would seem that a simple new policy that discloses this information would be sufficient. The approach would be to consider all ways that an employer monitors and tracks and when and why, and put that in a policy. An employer’s IT department is probably the first place to turn to figure that out.

That is a good starting point, but it is not that simple.

An employer might already have something relevant to monitoring in their internal privacy or HR policies. It may have (and ought to have) a Technology or Computer Use policy that mentions surveillance of work tools and sets out that the use of those comes with “no reasonable expectation of privacy”. (If an employee is found to have been doing something they shouldn’t, you don’t want them to be able to complain that you invaded their privacy to determine that.)

An employer might already have a camera or monitoring policy that was created for privacy reasons.

At the very least, it is important that the electronic monitoring policy is consistent with these other policies. They may have to be amended.

If electronic monitoring details are already mentioned in an existing policy, employers should look to see if the policy complies with the new requirements. Then employers should decide whether it is best to pull out the electronic monitoring details into a standalone policy or leave them as part of the existing policy. In either case, it should be expressly called “Electronic Monitoring Policy” so employees and the Ministry of Labour can easily identify it as such.

One consideration around whether it should be standalone is the obligation to provide it to employees. While all policies regarding employees should be shared with employees, it might be easier to conform to the disclosure requirement if it was standalone. You don’t want a complaint that it has been buried in some other policy and thus the disclosure was not effectively made.

David Canton is a business lawyer and trademark agent at Harrison Pensa with a practice focusing on technology, privacy law, technology companies and intellectual property. Connect with David on LinkedIn and Twitter.

Image credit: ©zilvergolf – stock.adobe.com

A headshot of David Canton.
About the author

David Canton

Consultant
  • Business Law & Financial Services,
  • Data Protection,
  • e-Commerce,
  • Information Technology,
  • Intellectual Property,
  • SaaS,
  • Software Licenses,
  • Technology and Privacy Law
Meet David

Get connected

Sign up for our newsletter to stay up to date with current events, news and articles

Newsletter Sign-Up (Posts)

CASL
This field is for validation purposes and should be left unchanged.
Loading...