"In the US, if you get consent, it's considered adequate because the employee's given it. And I feel like in the EU and other jurisdictions, the feeling that you're required to give it because you're an employee... can mean that it's not adequate."
What it was about
Employee monitoring (productivity tracking, wearables, GPS, AI note-takers) is legal in most contexts, but compliance requires jurisdiction-specific analysis of notice, consent, and proportionality. That's a patchwork spanning at least 20 US state consumer privacy laws, a handful of dedicated employee-monitoring statutes, and distinct international frameworks (GDPR, PIPEDA, PIPL, LGPD, APPI) that generally treat employee consent as inherently suspect due to power imbalance.
By the numbers
20 consumer privacy laws currently in the US
Number of existing US state consumer privacy laws, expected to keep growing
90%
Approximate overlap between Brazil's LGPD analysis and applying the GDPR model directly
Key notes
Before deploying any employee monitoring tool, identify every jurisdiction where affected employees are located and check that state/country's specific requirements separately: there is no single US or global standard.
In California, notice alone is not enough under the CCPA; you must also disclose the specific business purpose for which the data is being collected.
In New York and Connecticut, employee monitoring requires both a written notice (given at hiring, in Connecticut's case with a signed acknowledgment) and a physical/conspicuous workplace posting; Delaware requires notice but no poster; Maine requires notice plus an annual re-notice.
The contrarian takeRather than recommending employers ban or restrict AI note-takers due to legal risk, the speakers argue banning them is a losing strategy long term ('it's going to become difficult or impossible to do that'). They instead advocate building strong active-consent policies around their continued, expanding use.
Take this back Monday
Do this for your team
Before rolling out any wearable or AI note-taker, map every state/country your remote employees sit in and check that jurisdiction's specific notice rules.
Say this in your next leadership meeting
Employee monitoring is legal almost everywhere, but the compliance patchwork is jurisdiction by jurisdiction — there's no single US or global standard we can rely on.
Watch out for
Assuming that providing notice of monitoring automatically satisfies legal requirements everywhere (it does not satisfy CCPA without a stated business purpose, or GDPR/LGPD without a proper lawful basis).
Treating a signed employee handbook acknowledgment as valid consent for monitoring in the EU, Brazil, or similar jurisdictions.
Storing wearable-generated health data (heart rate, biometric data) in the same personnel file as other HR records instead of a separate confidential file.