Skip to content
LegalVision UK

Monitoring Employees Working From Home in the UK

By Aamna Mughal
Trainee Solicitor

Updated on
Reading time: 5 minutes

Meets editorial guidelines

This article meets our strict editorial principles. Our lawyers, experienced writers and legally trained editorial team put every effort into ensuring the information published on our website is accurate. We encourage you to seek independent legal advice. Learn more.

Follow us on LinkedIn | Share on Reddit

Summary

  • Monitoring employees working from home is lawful in the UK if you have a lawful basis under UK GDPR, are transparent with staff and use the least intrusive method.
  • The ICO’s 2023 guidance confirms home workers have a higher expectation of privacy, and a Data Protection Impact Assessment is expected before most monitoring activities.
  • Employers risk grievances, constructive dismissal claims and ICO enforcement if monitoring is covert, excessive, or applied unequally across staff with protected characteristics.
  • This guide explains monitoring employees working from home for employers and business owners in the UK.
  • LegalVision’s business lawyers specialise in advising clients on employee monitoring and data protection compliance.

Tips for Businesses

Set a written monitoring policy, name the lawful basis under UK GDPR, and tell staff what you monitor and why. Complete a DPIA before introducing keystroke logging, email review or screenshots. Apply monitoring equally. Review the policy annually and remove anything you no longer need.

Summarise with:
ChatGPT logo ChatGPT Perplexity logo Perplexity

Open now
On this page

Monitoring employees working from home is lawful in the UK, but it sits under strict rules in the UK GDPR, the Data Protection Act 2018 and the ICO’s 2023 workplace monitoring guidance. The ICO states that home workers have a higher expectation of privacy than office workers, so employers must use the least intrusive method, identify a lawful basis and be transparent. Covert monitoring is rarely justifiable. For most home monitoring activities, including keystroke logging, email review and screenshots, the ICO expects employers to complete a Data Protection Impact Assessment. Article 8 of the Human Rights Act 1998 also applies, protecting respect for private and family life.

Monitoring Employees Working From Home

There are numerous ways you may decide to monitor your employees from home. For example, through:

  • monitoring telephone calls;
  • logging their keystrokes;
  • monitoring their use of the internet;
  • taking screenshots; or
  • looking at their emails.

You are legally allowed to monitor your staff when working from home. However, there are rules about this which you should note. You should also understand that it could be unfair to dismiss an employee after monitoring them working where they were not aware you were doing so.

There may also be instances where your legal responsibility involves monitoring your employees when working from home. As an employer, a Court can hold you legally responsible for the actions of your staff. Such actions include comments they make leading to instances of defamation or discrimination. This is known as vicarious liability. 

Continue reading this article below the form
Need legal advice?
Call 0808 196 8584 for urgent assistance.
Otherwise, complete this form, and we will contact you within one business day.

Other Considerations

There are several points to consider when monitoring employees working from home. Some of these are detailed below.

Telling Staff You Are Monitoring Them

Generally, you are legally required to tell your staff if you monitor them while working from home. Keeping this from your staff members could result in employees raising a grievance and potentially put you in breach of your data protection obligations. If the situation escalates, an employee might claim constructive dismissal, which is when they feel forced to leave their role. Also, not telling your staff you are monitoring them whilst working from home could damage trust between you and your employees.

If you do not want to alert your staff that you are monitoring them, you should have a good reason for this decision. For example, you might suspect criminal activity. This also applies when monitoring staff through their telephone calls. When monitoring staff through telephone calls, there are specific circumstances where their consent is not required. 

Additionally, you may not need your employees’ consent to monitor their work from home if you:

  • think they are doing something they are not permitted to do;
  • are doing so in the interest of national security;
  • ensure you meet standards in terms of telecommunications equipment;
  • are required to monitor transactions for your business; or
  • need to conduct quality control to abide by regulations or business continuity.

Right to Privacy

Your staff has a right to a reasonable degree of privacy when working from home. Importantly, you need to bear this in mind when considering how you monitor their work from home. For example, if your employees feel that your monitoring methods are too invasive, they may have a grievance with you. Equally, they may do so where you cannot give a valid reason for your monitoring activity.

As an employer, you need to balance the necessity of you monitoring your employees at home and the effect on your employees’ privacy. For example, installing a laptop camera in your employees’ devices could intrude on their family’s lives.

Monitoring Your Staff Equally 

If you monitor your staff working from home, you must also ensure that you do so equally. Therefore, you should not choose to monitor some staff but not others simply because they have a protected characteristic. There are nine characteristics that have legal protection from discrimination, including race, sex, and disability.

Key Statistics

  1. 60% of UK workers believe they have been subject to surveillance or monitoring at work
  2. 28% of UK organisations use task management software, time tracking software or check work saved in cloud folders to monitor staff
  3. 66% of workers are concerned that workplace surveillance could be used in a discriminatory way if left unregulated

Sources

  • Trades Union Congress (TUC), workplace surveillance research, 2022.
  • Chartered Institute of Personnel and Development (CIPD), Technology, the workplace and people management report, 2022.
  • Trades Union Congress (TUC), I’ll Be Watching You report, 2018.

Data Protection

Finally, when monitoring your staff working from home, you need to be aware of data protection laws. Indeed, monitoring your staff at home will require you to process their data. Likewise, you can only process data with a specific, explicit and legitimate purpose for doing so. Examples of a legitimate purpose could be to:

  • ensure the personal data your employees use is secure;
  • enable you to carry out your legal obligations; or
  • check your employees are carrying out their obligations stated within their employment contracts.

Where data protection law allows you to carry out monitoring, you should still be wary that your staff might consider monitoring in breach of their employment contracts.

Suggested Additional Content: Data Protection Impact Assessments for Home Monitoring

Under the ICO’s 2023 workplace monitoring guidance, you must complete a Data Protection Impact Assessment before introducing most forms of home monitoring. This includes monitoring employee emails and messages, keystroke logging, biometric data processing, performance monitoring that could cause financial loss, and profiling that affects access to services.

A DPIA forces you to record three things. First, why is the monitoring necessary? Second, whether a less intrusive option would achieve the same aim. Third, the risks to your employees and how you will reduce them.

The ICO expects you to consult staff or their representatives during the planning stage. You should also document any decision not to adopt a less intrusive method.

If high risks remain after mitigation, you must consult the ICO before you start monitoring. Skipping the DPIA is itself a UK GDPR breach and can attract enforcement action, regardless of whether the monitoring is otherwise justified.

Key Takeaways

You are legally allowed to monitor your employees working from home. However, you must be aware of the rules and considerations when monitoring your employees working from home. For example, when monitoring their phone calls, you require their consent. An exception is if they meet specific criteria, like if you suspect criminal activity. You should also consider your employees’ right to privacy and data protection laws when processing personal data through your monitoring.

If you need help with understanding monitoring employees working from home, our experienced employment lawyers can assist in our LegalVision membership. You will have unlimited access to lawyers to answer your questions and draft and review your documents for a low monthly fee. So call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions

Is it legal to monitor employees working from home?

It is legal to monitor your employees working from home. However, there are rules surrounding this and many considerations to go through when doing so.

Do I need to carry out a DPIA before monitoring staff at home?

Yes, in most cases. The ICO expects a Data Protection Impact Assessment before email and message monitoring, keystroke logging, biometric processing, or performance monitoring that could cause financial loss. A DPIA records why the monitoring is necessary, what alternatives exist and how risks will be reduced.

What is the difference between lawful and unlawful staff monitoring?

Lawful monitoring is proportionate, has a clear purpose, relies on a UK GDPR lawful basis, and is communicated to staff through a written policy or privacy notice. Unlawful monitoring is excessive, covert without strong justification, applied unequally, or carried out without a policy informing employees in advance.

Should monitoring be set out in a staff privacy notice?

Yes. A Staff Privacy Notice is the most effective way to meet the UK GDPR transparency requirement. It should explain the types of monitoring, the purpose, the lawful basis, who can access the data, retention periods, and whether the data is shared with third parties.

Register for our free webinars

AI at Work: Privacy Risks That Could Expose Your Business

Online
AI tools bring new privacy, regulatory, and IP risks. Learn what to watch for and how to manage them.
Register Now

Sexual Harassment: What Every Business Needs to Know Now

Online
Join our free webinar to understand new sexual harassment laws, your obligations as an employer, and how to protect your business.
Register Now

2026 Legal Changes: What In-House Counsel Need to Act on Now

Online
Learn how 2026 UK legal reforms may affect in-house legal teams, from employment and governance to data and consumer law.
Register Now

Director Duties 101: What Every Director Needs to Know

Online
Understand your duties as a company director and how they apply to key decisions when growing a startup. Register for free today
Register Now
See more webinars >

Aamna Mughal

Trainee Solicitor | View profile

Aamna is a trainee solicitor at LegalVision within the Corporate and Commercial team.

Qualifications:  Bachelor of Laws (Hons), Manchester Metropolitan University.

Read all articles by Aamna

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

Related articles

How to Carry Out a Disciplinary or Grievance Investigation in the Workplace in the UK

Legal Considerations When Working From Home in England and Wales

What Do I Need to Know About Job Sharing in the UK?

Understanding Your Confidentiality Obligations in the Workplace

LegalVision is an award-winning business law firm

  • Award

    2025 Future of Legal Services Innovation Finalist - Legal Innovation Awards

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2023 Economic Innovator of the Year Finalist - The Spectator

  • Award

    2023 Law Company of the Year Finalist - The Lawyer Awards