Workplace Surveillance Minimisation Governance

2. Summary

Workplace Surveillance Minimisation Governance requires that organisations deploying AI agents for employee monitoring, productivity tracking, behaviour analysis, or any form of workplace surveillance limit the collection, processing, and retention of employee data to what is demonstrably lawful, necessary for a legitimate business purpose, and proportionate to the risk being addressed. AI agents have dramatically expanded the technical capacity for workplace surveillance — keystroke logging, screen capture, location tracking, communication sentiment analysis, facial expression monitoring, and continuous productivity scoring are now trivially deployable at scale. This dimension mandates that the availability of surveillance capability does not drive surveillance practice; instead, every monitoring function must pass a documented necessity and proportionality assessment before activation, during operation, and at periodic review, with enforceable minimisation controls that prevent scope creep, purpose drift, and disproportionate intrusion into employee privacy and dignity.

3. Example

Scenario A — Productivity Monitoring Escalation Without Proportionality Review: A professional services firm with 6,200 employees deploys an AI agent to track employee productivity during a transition to hybrid working. The initial scope is limited: the agent monitors login times and meeting attendance to identify employees who may need support adjusting to remote work. Over 14 months, without any formal review, the agent's capabilities are progressively expanded: screen capture every 5 minutes is added to "verify active work," keystroke frequency monitoring is added to "measure engagement," application usage tracking is added to "ensure appropriate tool use," and email sentiment analysis is added to "assess team morale." None of these expansions undergo a proportionality assessment. The screen capture function inadvertently captures personal medical information visible on an employee's screen during a telehealth consultation. An employee discovers the extent of monitoring when a manager references their application usage patterns in a performance review. The employee files a data protection complaint.

What went wrong: The initial monitoring scope was arguably proportionate — login times and meeting attendance for a limited support purpose. But progressive capability expansion occurred without proportionality review. Each individual addition seemed incremental; collectively, they constituted comprehensive surveillance. No governance mechanism prevented scope creep. The screen capture function collected sensitive health data that was never necessary for any business purpose. Consequence: Data protection authority investigation, EUR 280,000 fine for disproportionate processing under GDPR Article 5(1)(c), employee relations crisis requiring 8 months of works council negotiation, £420,000 in legal and consultancy costs, and loss of 12 senior employees who resigned citing privacy concerns.

Scenario B — Emotion Detection Deployed Without Lawful Basis: A customer service organisation with 3,400 employees deploys an AI agent that analyses call centre employees' tone of voice, facial expressions during video interactions, and typing patterns to generate real-time "emotional state" scores. The stated purpose is to identify employees experiencing stress so that managers can offer support. The system generates colour-coded dashboards showing each employee's emotional trajectory throughout the day. Managers begin using the emotional data in performance reviews, correlating "negative emotion scores" with poor customer satisfaction ratings. An employee with a diagnosed anxiety disorder receives a performance improvement plan citing persistent "negative emotional indicators." The employee's trade union representative challenges the lawful basis for biometric emotional data processing.

What went wrong: Emotion detection from biometric data (voice, facial expressions) constitutes processing of biometric data for identification purposes under GDPR Article 9 and is classified as prohibited practice under the EU AI Act Article 5(1)(f) when used to infer emotions in the workplace except where intended for medical or safety reasons. The stated support purpose was not the actual use — the data was used for performance management. No Data Protection Impact Assessment was conducted per AG-014. No lawful basis was established for biometric special category data processing. Consequence: EU AI Act prohibition finding, GDPR Article 83 fine of EUR 1.8 million for processing special category data without lawful basis, employment tribunal claim for disability discrimination resulting in £62,000 award, and mandatory destruction of all emotional data retrospectively.

Scenario C — Location Tracking Beyond Working Hours: A logistics company with 11,500 employees equips delivery drivers with AI-enabled tracking devices that monitor route efficiency, delivery times, and driving behaviour during working hours. The devices also track location continuously, including during lunch breaks, toilet stops, and — due to a configuration error that is not detected for 9 months — during off-duty hours when drivers take company vehicles home. The AI agent generates efficiency scores that penalise drivers for "unproductive stops" exceeding 8 minutes, which includes toilet breaks. A driver who is disciplined for excessive unproductive stops files a grievance, and the subsequent investigation reveals the 24-hour tracking and the toilet break penalisation. The transport workers' union publicises the findings.

What went wrong: The monitoring system was not configured with minimisation controls to limit tracking to working hours and legitimate work activities. The 24-hour tracking exceeded the lawful scope even where the initial working-hours tracking was justified. The "unproductive stop" metric penalised biological necessities, violating the proportionality principle. No mechanism detected that the tracking scope exceeded the documented purpose. Consequence: ICO enforcement notice, £175,000 GDPR fine, national media coverage damaging employer brand, industrial action by union members across 4 depots lasting 3 days with estimated revenue loss of £2.3 million, and complete redesign of the monitoring system at £340,000 cost.

4. Requirement Statement

Scope: This dimension applies to any organisation that deploys AI agents, automated systems, or algorithmic tools to monitor, track, measure, score, analyse, or surveil employees, contractors, or other workers in the course of their employment or engagement. The scope covers all forms of workplace surveillance conducted through or assisted by AI systems, including but not limited to: productivity tracking (time, output, activity metrics), communication monitoring (email, chat, voice), location tracking (GPS, badge, device), risk analysis (keystroke dynamics, application usage, browsing patterns), biometric monitoring (facial recognition, voice analysis, emotion detection), video and screen surveillance (camera feeds, screen capture, screenshot intervals), and performance scoring derived from monitored data. The scope includes surveillance of employees working on employer premises, remotely, in hybrid arrangements, or in the field. It applies regardless of whether the surveillance data is processed in real time or retrospectively, and regardless of whether the data is used for individual-level decisions or aggregate analytics only. Organisations using third-party platforms that incorporate surveillance capabilities are accountable for ensuring those capabilities are configured and operated in compliance with this dimension.

4.1. A conforming system MUST conduct and document a necessity and proportionality assessment before activating any AI-assisted employee monitoring capability, specifying the legitimate business purpose, the data to be collected, the processing to be performed, the retention period, and the justification for why the monitoring is necessary and proportionate to achieve the stated purpose.

4.2. A conforming system MUST classify all employee monitoring data according to AG-014 sensitivity categories and apply data handling controls per AG-015, with biometric data, health-related data, and location data outside working hours classified at the highest sensitivity level.

4.3. A conforming system MUST implement technical controls that enforce the documented monitoring scope, preventing collection of data types, data subjects, time periods, or locations not authorised in the necessity and proportionality assessment.

4.4. A conforming system MUST provide employees with clear, comprehensible notice of all AI-assisted monitoring to which they are subject, including the types of data collected, the purposes for which it is processed, who has access to the data, the retention period, and their rights under applicable data protection law, before monitoring commences.

4.5. A conforming system MUST conduct periodic reviews of all active monitoring capabilities — at minimum annually and additionally whenever the monitoring scope, purpose, or technology changes — to verify that each capability remains necessary, proportionate, and within its documented scope.

4.6. A conforming system MUST implement data retention controls per AG-016 that automatically delete or anonymise monitoring data when the documented retention period expires, with no manual override that permits indefinite retention without re-authorisation.

4.7. A conforming system MUST maintain access controls ensuring that employee monitoring data is accessible only to individuals with a documented business need, and that access is logged and auditable per AG-515.

4.8. A conforming system MUST prohibit the use of AI-assisted monitoring data for purposes not specified in the original necessity and proportionality assessment without conducting a new assessment for the proposed purpose and, where required by law, obtaining fresh employee consent or establishing a new lawful basis.

4.9. A conforming system SHOULD implement data minimisation at the point of collection — collecting the minimum data necessary for the stated purpose rather than collecting comprehensive data and filtering at the processing stage. Where screen capture is necessary, capturing application names and active window titles is preferable to full-screen screenshots. Where location tracking is necessary, zone-level accuracy may be sufficient rather than precise GPS coordinates.

4.10. A conforming system SHOULD consult employee representatives, works councils, or trade unions before deploying or materially expanding AI-assisted monitoring, documenting the consultation process and its outcomes.

4.11. A conforming system SHOULD implement anomaly detection that identifies monitoring scope creep — gradual expansion of data collection, processing, or access beyond the documented scope — and alerts governance oversight when detected.

4.12. A conforming system MAY implement employee-accessible dashboards showing what monitoring data is collected about them, how it is used, and who has accessed it, providing transparency that supports trust and enables employees to exercise their data subject rights.

5. Rationale

Workplace surveillance is not new — employers have monitored employees since the origins of employment. What is new is the scale, granularity, and analytical power that AI brings to monitoring. A human supervisor observing a team of 20 employees has limited attention and imperfect recall. An AI surveillance agent monitoring 20,000 employees can simultaneously track every keystroke, every screen change, every communication, every location movement, every facial expression — continuously, perfectly, and permanently. This asymmetry between surveillance capability and human privacy expectations creates a governance imperative: without active minimisation controls, the default trajectory is maximum surveillance, because the marginal cost of adding another monitoring dimension to an AI system approaches zero.

The legal framework for workplace surveillance is dense and jurisdiction-specific, but converges on several principles. The GDPR requires that personal data processing be lawful, fair, transparent, purpose-limited, data-minimised, and time-limited (Article 5). The EU AI Act prohibits certain forms of workplace surveillance outright — specifically, emotion recognition in the workplace except for medical or safety reasons (Article 5(1)(f)). The European Court of Human Rights has held that workplace surveillance engages Article 8 rights (respect for private life) even on employer premises (Barbulescu v Romania, 2017). The ECHR Grand Chamber established that employers must balance: the employee's reasonable expectation of privacy, the purpose and extent of monitoring, whether less intrusive means were available, the consequences of monitoring for the employee, and whether adequate safeguards were in place. National employment laws add further requirements: German works council co-determination for monitoring systems (Betriebsverfassungsgesetz Section 87(1)(6)), French CNIL guidance on proportionate employee monitoring, and UK ICO Employment Practices Code.

The risk analysis for disproportionate surveillance encompasses three categories. First, legal and regulatory risk: data protection fines, employment tribunal claims, and regulatory enforcement actions. The fines in Scenario A (EUR 280,000), Scenario B (EUR 1.8 million), and Scenario C (£175,000) illustrate the governed exposure. Second, workforce risk: employee disengagement, attrition, and industrial action. Research consistently demonstrates that perceived surveillance reduces job satisfaction, intrinsic motivation, and organisational trust. The senior employee departures in Scenario A and the industrial action in Scenario C illustrate this risk. Third, ethical and reputational risk: public exposure of disproportionate surveillance damages employer brand and corporate reputation. In an era where talent competition is intense, being known as a surveillance-heavy employer directly impairs recruitment capability.

The minimisation principle is not anti-monitoring — it is pro-governance. Legitimate monitoring for legitimate purposes (safety, security, legal compliance, performance management) is lawful and often necessary. The governance requirement is that each monitoring capability must earn its place through a documented necessity and proportionality assessment, operate within defined boundaries, and be subject to periodic review. This prevents the scope creep illustrated in Scenario A, the unlawful biometric processing in Scenario B, and the boundary violations in Scenario C.

The detective control type of AG-510 reflects its primary function: detecting when surveillance capabilities exceed their authorised scope. While the necessity and proportionality assessment is preventive, the ongoing monitoring of monitoring — the meta-governance function — is detective, identifying scope creep, purpose drift, and boundary violations after they begin but before they cause significant harm.

6. Implementation Guidance

Workplace Surveillance Minimisation Governance requires organisations to establish a governance framework that treats every monitoring capability as a controlled intervention requiring justification, boundary definition, and ongoing review — not as a default consequence of deploying technology. The framework must address the full lifecycle: pre-deployment assessment, deployment configuration, operational monitoring, periodic review, and decommissioning.

Recommended patterns:

• Surveillance register with capability-level governance. Maintain a formal register of every AI-assisted monitoring capability deployed across the organisation. Each entry in the register documents: the capability name and description, the business sponsor, the necessity and proportionality assessment with approval record, the data types collected, the data subjects in scope, the temporal scope (working hours only, specific shifts, continuous), the geographic scope, the retention period, the access control list, the review schedule, and the current status (active, suspended, under review, decommissioned). The register is the authoritative record — any monitoring capability not in the register is unauthorised. The register is reviewed quarterly by the data protection officer and annually by senior leadership.
• Technical scope enforcement through configuration controls. Implement monitoring boundaries as technical controls, not policy controls. If monitoring is authorised for working hours only, the system must be technically incapable of collecting data outside working hours — not merely instructed not to. If screen capture is limited to application names, the system must be technically incapable of capturing full screenshots. Configuration controls must require authorised approval to modify, with all modifications logged. This prevents the configuration error in Scenario C where 24-hour tracking was enabled without detection.
• Purpose binding with technical enforcement. Tag all monitoring data with its authorised purpose at the point of collection. Implement access controls that restrict data use to the authorised purpose. If productivity data is collected for "identifying employees needing support," technical controls must prevent that data from being accessed for "performance disciplinary proceedings" without a new proportionality assessment and re-tagging. This prevents the purpose drift in Scenario B where emotional data collected for "support" was used for performance management.
• Graduated monitoring with proportionality tiers. Define monitoring intensity tiers aligned to role risk categories. Low-risk roles (office-based knowledge workers with no fiduciary or safety responsibilities) receive minimal monitoring: login/logout times and aggregate output metrics only. Medium-risk roles (customer-facing, financial processing) receive targeted monitoring: specific workflow compliance checks and quality sampling. High-risk roles (safety-critical, high-value financial authority) receive enhanced monitoring: detailed activity tracking within documented boundaries. The tier assignment is documented in the necessity and proportionality assessment.
• Automated retention enforcement with no silent extension. Implement automated data lifecycle management that deletes or anonymises monitoring data when the documented retention period expires. The system must not permit silent retention extension — if data is to be retained beyond the original period (e.g., for an ongoing investigation), a documented re-authorisation is required, the employee is notified (unless notification would prejudice the investigation, with legal advice), and the extended retention period is recorded in the surveillance register.

Anti-patterns to avoid:

• Deploy-first, assess-later. Activating monitoring capabilities before conducting the necessity and proportionality assessment. The assessment must precede deployment because once data is collected, the privacy harm has occurred — deleting data after collection does not undo the intrusion.
• Blanket monitoring with no role differentiation. Applying the same monitoring intensity to all employees regardless of role, risk, or necessity. A graduate trainee in a non-customer-facing support role does not require the same monitoring as a senior trader with discretionary authority over client funds. Blanket monitoring fails the proportionality test because it monitors many employees more intensively than necessary.
• Consent as sole lawful basis. Relying on employee consent as the lawful basis for monitoring in employment relationships. Data protection authorities across the EU have repeatedly held that employee consent is rarely freely given due to the power imbalance in the employment relationship. Legitimate interest (Article 6(1)(f)) with a documented balancing test, or legal obligation (Article 6(1)(c)), are more robust bases where the monitoring is genuinely necessary.
• Invisible monitoring. Deploying monitoring without employee notification, intending to observe "natural" behaviour. Covert monitoring is lawful only in extremely limited circumstances (suspected criminal activity, with legal advice, for a defined and limited period). Routine covert monitoring violates the transparency principle and destroys organisational trust.
• Monitoring data lakes. Collecting all available monitoring data into a centralised data lake "in case it might be useful," deferring the question of what data is actually needed. Data lakes containing comprehensive surveillance data are a legal, security, and ethical liability. Minimisation at collection, not at processing, is required.
• Metric pathology. Using monitoring metrics that penalise normal human behaviour — toilet breaks counted as "unproductive time" (Scenario C), eye movement away from screen counted as "inattention," or declining to participate in optional social events counted as "low engagement." Monitoring metrics must be assessed for pathological edge cases before deployment.

Industry Considerations

Financial Services. Financial services firms face a genuine tension between regulatory requirements for surveillance (trade surveillance, communications recording, conduct monitoring) and employee privacy rights. MiFID II and MAR require firms to record and retain certain communications and monitor for market abuse. These regulatory requirements provide a strong lawful basis for targeted monitoring but do not authorise blanket surveillance. Firms must carefully delineate regulatory-required monitoring (which has strong justification) from discretionary monitoring (which requires independent proportionality assessment). The surveillance register should clearly mark each capability as "regulatory-mandated" or "discretionary" with different governance workflows for each.

Technology and Remote Work. Technology companies with large remote workforces face particular surveillance temptation — the physical absence of employees creates managerial anxiety that monitoring technology promises to resolve. However, keystroke logging, screen capture, and continuous webcam monitoring of remote workers have generated significant legal challenges and employee backlash. Organisations should implement outcome-based performance measurement rather than input-based surveillance, reducing the perceived need for monitoring.

Logistics and Field Operations. Vehicle tracking, route monitoring, and delivery time measurement are often operationally necessary for logistics companies. The governance challenge is boundary setting: monitoring must be limited to working hours and work-related activities. Toilet break monitoring, as in Scenario C, crosses the proportionality boundary. Organisations should define "legitimate operational metric" criteria that exclude biological necessities and brief personal stops from penalised categories.

Healthcare. Healthcare organisations monitoring clinical staff must navigate the intersection of patient safety requirements, professional autonomy expectations, and privacy rights. Monitoring of clinical decision-making may be justified for patient safety but must be implemented with clinical professional body input and must not undermine clinical judgement or create defensive practice.

Maturity Model

Basic Implementation — A surveillance register documents all active AI-assisted monitoring capabilities. Each capability has a completed necessity and proportionality assessment. Employees receive clear notice of all monitoring before it commences. Data classification per AG-014 is applied to all monitoring data. Retention periods are documented and manually enforced. Access controls restrict monitoring data to individuals with documented business need. Annual review of all active capabilities is conducted. The organisation meets all MUST requirements.

Intermediate Implementation — All basic capabilities plus: technical scope enforcement prevents data collection outside authorised boundaries. Purpose binding with technical enforcement prevents data use beyond the authorised purpose. Automated retention enforcement deletes or anonymises data at period expiry. Graduated monitoring with proportionality tiers differentiates monitoring intensity by role risk. Scope creep detection identifies unauthorised expansion of monitoring capabilities. Employee representatives are consulted on new or expanded monitoring deployments. Quarterly surveillance register review by the data protection officer.

Advanced Implementation — All intermediate capabilities plus: employee-accessible transparency dashboards show individuals what data is collected about them and how it is used. Real-time proportionality monitoring assesses whether monitoring intensity remains proportionate to evolving risk. Independent audit of the surveillance register and proportionality assessments is conducted annually. Cross-jurisdictional monitoring compliance is automated, applying the correct legal requirements based on employee location. The organisation publishes a workplace monitoring transparency report. Monitoring data is subject to privacy-enhancing technologies (differential privacy, aggregation, k-anonymity) where individual-level data is not required for the stated purpose.

7. Evidence Requirements

Required artefacts:

• Surveillance register. The complete register of all AI-assisted monitoring capabilities, with all documented fields: capability description, business sponsor, necessity and proportionality assessment, data types, data subjects, temporal and geographic scope, retention period, access control list, review schedule, and current status.
• Necessity and proportionality assessments. The full assessment for each monitoring capability, including the stated legitimate purpose, the justification for necessity (why the purpose cannot be achieved without monitoring), the proportionality analysis (why the monitoring is the least intrusive means adequate to the purpose), and the approval record with approver identities and dates.
• Employee notification records. Evidence that employees were notified of all applicable monitoring before it commenced, including the notification content, delivery method, delivery date, and acknowledgement records where obtained.
• Data retention compliance records. Evidence that monitoring data is deleted or anonymised at the documented retention period expiry, including automated deletion logs, exception records where retention was extended with re-authorisation, and periodic verification that no data is retained beyond authorised periods.
• Access logs for monitoring data. Audit trails showing who accessed employee monitoring data, when, for what purpose, and whether the access was within the documented authorisation scope.
• Periodic review records. Documentation of annual (or more frequent) reviews of each monitoring capability, including the review outcome (continued, modified, suspended, decommissioned), the reviewer's assessment of continued necessity and proportionality, and any scope modifications.

Retention requirements:

• Surveillance register and proportionality assessments: retained for the lifetime of the monitoring capability plus 5 years after decommissioning.
• Employee notification records: retained for the duration of employment plus 6 years (aligned with employment tribunal limitation periods in most jurisdictions).
• Access logs and retention compliance records: minimum 3 years, or the period required by the most stringent applicable regulation, whichever is longer.

Access requirements:

• The surveillance register and proportionality assessments must be producible to regulators, data protection authorities, or auditors within 48 hours of request.
• Individual employee monitoring records must be producible to the affected employee within 30 days of a data subject access request, in compliance with applicable data protection law.

8. Test Specification

Test 8.1: Necessity and Proportionality Assessment Completeness

• Stimulus: Select 5 active monitoring capabilities from the surveillance register. Request the necessity and proportionality assessment for each.
• Expected behaviour: Each assessment contains: the stated legitimate business purpose, the necessity justification, the proportionality analysis including consideration of less intrusive alternatives, the data types authorised, the temporal and geographic scope, the retention period, and the approval record with approver identities and dates.
• Pass criteria: All 5 assessments are complete with no missing elements. Each assessment demonstrates genuine engagement with the proportionality analysis (not a templated rubber-stamp). At least one assessment documents consideration and rejection of a less intrusive alternative.
• Fail criteria: Any assessment is missing, incomplete, or lacks a genuine proportionality analysis. Any active monitoring capability has no assessment on record.

Test 8.2: Technical Scope Enforcement

• Stimulus: For a monitoring capability authorised only during working hours (e.g., 08:00-18:00), attempt to trigger data collection at 22:00 on a weekday and at 14:00 on a non-working day. For a capability authorised to collect application names only (not screen content), attempt to retrieve full-screen screenshot data.
• Expected behaviour: The system technically prevents data collection outside the authorised temporal scope. The system technically prevents collection of data types beyond the authorised scope. Attempts are logged as scope violation attempts.
• Pass criteria: No data is collected outside the authorised temporal scope. No unauthorised data types are collected. Violation attempts are logged and, where anomaly detection is implemented, trigger alerts.
• Fail criteria: Any data is collected outside the authorised scope, or violation attempts are not logged.

Test 8.3: Employee Notification Verification

• Stimulus: Select 10 employees across different roles and jurisdictions. For each, request evidence that they were notified of all AI-assisted monitoring to which they are subject. Cross-reference the notification content against the surveillance register to verify completeness.
• Expected behaviour: Each employee has received notification covering all monitoring capabilities applicable to them. The notification content accurately describes the data collected, the purpose, the retention period, access details, and their rights.
• Pass criteria: All 10 employees have documented notification records. Notification content matches the surveillance register entries for each employee's applicable monitoring capabilities. No monitoring capability applies to an employee who was not notified.
• Fail criteria: Any employee lacks notification records, or any notification omits a monitoring capability to which the employee is subject, or notification content contradicts the surveillance register.

Test 8.4: Purpose Binding Enforcement

• Stimulus: Attempt to use monitoring data collected for purpose A (e.g., "team workload balancing") for purpose B (e.g., "individual performance disciplinary action") without conducting a new proportionality assessment. This may be tested by requesting a data export tagged for purpose A and attempting to load it into a system configured for purpose B.
• Expected behaviour: The system prevents the data from being used for the unauthorised purpose. An alert is generated for the attempted purpose deviation. The access attempt is logged.
• Pass criteria: The purpose deviation is technically prevented or flagged before the data is used for the unauthorised purpose. The attempt is logged and alerted.
• Fail criteria: Monitoring data is successfully used for an unauthorised purpose without intervention, or the attempt is not logged.

Test 8.5: Automated Retention Enforcement

• Stimulus: Identify monitoring data that has passed its documented retention period. Verify that the data has been deleted or anonymised. Additionally, attempt to extend the retention period for a data set without completing a re-authorisation process.
• Expected behaviour: Data past its retention period has been deleted or anonymised. The retention extension attempt without re-authorisation is rejected by the system.
• Pass criteria: No monitoring data is retained beyond its documented retention period without a documented re-authorisation. The system rejects retention extensions that lack re-authorisation. Deletion or anonymisation is verified through data store inspection (not merely through deletion logs).
• Fail criteria: Any monitoring data is found to exist beyond its retention period without re-authorisation, or the system permits retention extension without re-authorisation.

Test 8.6: Periodic Review Execution

• Stimulus: Request review records for all monitoring capabilities that have been active for more than 12 months. Verify that each has undergone at least one periodic review within the last 12 months.
• Expected behaviour: Every capability active for more than 12 months has a documented periodic review. The review reassesses necessity and proportionality in light of current conditions. At least one review across the portfolio has resulted in a scope modification or decommissioning (indicating genuine review rather than blanket reconfirmation).
• Pass criteria: 100% of eligible capabilities have documented periodic reviews within the required timeframe. Review records demonstrate substantive reassessment (not merely "confirmed, no change" with no analysis).
• Fail criteria: Any eligible capability lacks a periodic review within the required timeframe, or all reviews consist of boilerplate reconfirmation with no evidence of substantive reassessment.

Test 8.7: Access Control and Audit Trail Verification

• Stimulus: Request the access control list for 3 monitoring data repositories. For each, verify that access is limited to individuals with a documented business need. Request the audit trail for the last 90 days and verify completeness.
• Expected behaviour: Access control lists are current and limited to authorised individuals. Audit trails record every access event with the accessor's identity, timestamp, data accessed, and stated purpose. No unauthorised access events are present.
• Pass criteria: All access control lists contain only individuals with documented business need. Audit trails are complete for the 90-day period with no gaps. Every access event is attributable to a specific individual and purpose.
• Fail criteria: Any access control list includes individuals without documented business need, or audit trails contain gaps, or any access event cannot be attributed to a specific individual.

Conformance Scoring

• Score 0: No surveillance minimisation governance exists. AI-assisted monitoring capabilities are deployed without necessity and proportionality assessment, employees are not notified, no scope controls are implemented, and monitoring data is retained indefinitely with unrestricted access.
• Score 1: A surveillance register exists and necessity and proportionality assessments are conducted for new monitoring capabilities. Employees are notified of monitoring. However, technical scope enforcement is absent (boundaries are policy-based only), purpose binding is not enforced, retention is manually managed, and periodic reviews are not conducted consistently.
• Score 2: Technical scope enforcement prevents data collection outside authorised boundaries. Purpose binding prevents unauthorised data reuse. Automated retention enforcement deletes or anonymises data at period expiry. Access controls are role-based with full audit trails. Periodic reviews are conducted on schedule with substantive reassessment. Employee representatives are consulted on new deployments. All MUST requirements are met and technically enforced.
• Score 3: All Score 2 capabilities plus: employee-accessible transparency dashboards provide individual visibility into monitoring data. Scope creep detection automatically identifies unauthorised expansion. Independent annual audit of the surveillance programme is conducted. Cross-jurisdictional compliance is automated. Privacy-enhancing technologies are applied where individual-level data is unnecessary. The organisation demonstrates continuous reduction in monitoring intensity as risk understanding improves.

9. Regulatory Mapping

Regulation	Provision	Relationship Type
EU AI Act	Article 5(1)(f) (Prohibited Practices — Emotion Recognition in Workplace)	Direct requirement
EU AI Act	Article 26(7) (Obligations of Deployers — Informing Workers)	Direct requirement
EU Employment Directive	Directive 89/391/EEC (Framework Directive on Safety and Health), Directive 2002/14/EC (Information and Consultation)	Supports compliance
SOX	Section 404 (Internal Controls Over Financial Reporting)	Supports compliance
FCA SYSC	6.1.1R (Systems and Controls), 10A (Recording of Telephone Conversations and Electronic Communications)	Direct requirement
NIST AI RMF	GOVERN 1.2, MAP 2.3, MANAGE 2.2	Supports compliance
ISO 42001	Clause 6.1 (Actions to Address Risks), Annex B.7.4 (Data Quality)	Supports compliance
DORA	Article 9 (ICT Risk Management Framework)	Supports compliance

EU AI Act — Article 5(1)(f) and Article 26(7)

Article 5(1)(f) prohibits AI systems that infer emotions of natural persons in the workplace, except where the use is intended for medical or safety reasons. This is not a proportionality-qualified requirement — it is a prohibition. Emotion recognition in the workplace through AI analysis of facial expressions, voice tone, physiological signals, or behavioural patterns is unlawful unless it meets the narrow medical/safety exception. AG-510 requires that necessity and proportionality assessments explicitly assess whether any monitoring capability constitutes emotion recognition and, if so, whether it falls within the exception. Article 26(7) requires deployers of high-risk AI systems to inform workers' representatives and affected workers that they will be subject to the use of the system. This directly maps to AG-510's employee notification requirement (4.4).

GDPR — Articles 5, 6, 9, 35

GDPR Article 5(1)(c) (data minimisation) is the foundational principle underpinning AG-510. Article 6 requires a lawful basis for processing — in the employment context, this is typically legitimate interest (6(1)(f)) requiring a documented balancing test, not employee consent. Article 9 imposes additional restrictions on biometric data processing. Article 35 requires a Data Protection Impact Assessment for high-risk processing, which includes systematic monitoring of employees. AG-510's necessity and proportionality assessment framework implements these requirements as an operational governance process.

EU Employment Directives

The Framework Directive on Safety and Health (89/391/EEC) provides a basis for certain monitoring related to occupational safety but also requires that measures are proportionate and respect worker dignity. The Information and Consultation Directive (2002/14/EC) requires that workers are informed and consulted on decisions likely to lead to substantial changes in work organisation — deployment of AI surveillance systems clearly qualifies. National implementations add further requirements, particularly the German Works Constitution Act Section 87(1)(6) requiring works council consent for technical monitoring equipment.

FCA SYSC — 10A (Recording of Communications)

FCA-regulated firms are required under SYSC 10A to record certain telephone conversations and electronic communications related to financial transactions. This creates a regulatory mandate for specific, targeted monitoring. However, the mandate is limited in scope — it does not authorise blanket monitoring of all employee communications. AG-510 helps firms delineate between mandatory regulatory monitoring (strong lawful basis, specific scope) and discretionary monitoring (requires independent proportionality assessment). Firms must ensure that SYSC 10A compliance monitoring does not become a justification for broader surveillance that exceeds the regulatory requirement.

NIST AI RMF

GOVERN 1.2 calls for policies and procedures that address AI risks consistent with organisational values including fairness and privacy. MAP 2.3 requires identification of impacts on civil liberties and human rights — workplace surveillance directly engages privacy and dignity rights. MANAGE 2.2 requires that mechanisms are in place to respond to identified risks, including disproportionate surveillance. AG-510's surveillance register and periodic review framework implement these functions.

10. Failure Severity

Field	Value
Severity Rating	High
Blast Radius	Organisation-wide for employees subject to disproportionate monitoring — potentially the entire workforce. The blast radius extends beyond the organisation to industry-level employer reputation effects, regulatory precedent setting, and labour relations across the sector

Consequence chain: An AI-assisted monitoring capability is deployed or expanded beyond its proportionate scope. The immediate technical failure is collection or processing of employee data that is not necessary, not proportionate, or not authorised — data that should not exist. The data protection failure compounds over time: every hour of disproportionate monitoring produces additional unlawful data. The workforce harm begins when employees become aware of the monitoring — either through notification (where the organisation is transparent about disproportionate monitoring, which itself demonstrates governance failure) or through discovery (as in Scenario A and Scenario C, which compounds the harm with a transparency violation). Employee trust erodes, manifesting as reduced engagement, increased attrition (particularly of high-performing employees with strong alternative options), and potential industrial action. The regulatory chain is severe: GDPR fines for disproportionate processing (up to EUR 20 million or 4% of global turnover), EU AI Act fines for prohibited practices such as emotion recognition (up to EUR 35 million or 7% of global turnover), employment tribunal claims for breach of the implied term of mutual trust and confidence, and potential criminal sanctions in jurisdictions where unlawful surveillance constitutes a criminal offence. The reputational chain extends beyond the individual organisation: media coverage of workplace surveillance failures creates industry-wide effects, accelerating regulatory scrutiny across the sector and raising employee expectations at competing organisations. The financial consequence of a major surveillance failure — combining fines, legal costs, remediation, employee attrition, recruitment premium, and operational disruption — typically ranges from £1 million to £15 million for a mid-size employer, with potentially larger exposure for organisations operating across multiple jurisdictions.

Cross-references: AG-014 (Data Classification Governance), AG-015 (PII & Sensitive Data Handling), AG-016 (Data Retention & Right to Erasure), AG-511 (Performance Scoring Fairness Governance), AG-515 (HR Sensitive Data Compartmentalisation Governance), AG-516 (Whistleblower Retaliation Prevention Governance), AG-376 (Connector Data Return Minimisation Governance), AG-411 (Video and Screen Evidence Governance).