Surreptitious workplace recording becoming a growing organizational threat

Jan. 17, 2014
The threat is both from insiders and potential corporate espionage

Someone secretly records in your workplace. It could be an employee, a visitor, or an unknown with espionage or voyeurism in mind. Their tool could be a smartphone app, a recorder in a USB stick[i], or an audio-video recorder hidden in a fake key fob, pen or wristwatch.

This is bad news for you and your company. You won’t realize it has happened until a lawsuit begins or your competitive advantage evaporates. Embarrassment and expense follow. Surreptitious workplace recording is a serious issue on both a business and personal level. You can protect yourself and your organization, but first let’s review some motivations you are facing:

Industrial Espionage – Defined as the theft of trade secrets by the removal, copying or recording of confidential or valuable information.[ii]

HR Issues One-third of employees who visit the U.S. Equal Employment Opportunity Commission (EEOC) office to file discrimination complaints bring secretly made recordings.[iii] Katrina Patrick, a lawyer who represents aggrieved employees, says that more than 50 percent of the people who come to her office bring digital evidence. Some cases are settled for six figure sums.[iv] One case is now in its eighth year.[v] Obviously, not anticipating surreptitious recording is expensive.

Blackmail – Recordings force outcomes. Recently, three employees bugged their boss for a promotion, literally. They hid a recorder in his office and tried to blackmail him with the video footage.[vi]

Sex – Spycams are being placed in areas where there is an expectation of privacy (locker-rooms, business-provided restrooms, etc.). The problem is epidemic.[vii] Dozens of these stories appear in the news every week, and these are only the few who got caught. Inspecting privacy areas is now a regular part of our clients’ due diligence inspections.

What Can You Do?

Totally eliminating the possibility of surreptitious recording is not a realistic goal. Think protection. Aim at mitigating the threat and the damage it causes using this two point strategy.

1.    Create a written policy. In addition to its deterrent value, a policy provides discipline / termination leverage, and a stronger standing in court.

2.    Conduct proactive verification sweeps (TSCM)[viii] for covert recording devices. This is especially effective in combating industrial espionage. It also shows your due diligence when defending trade secret and bathroom spycam cases.

This two-pronged approach sends a strong message to anyone considering making you a target. Should you be recorded, or need to handle a covert recording workplace issue, you will find being prepared is the winner’s strategy.

Elements of a Workplace Recording Policy

The following are some of the most common elements of establishing a creditable and comprehensive workplace recording policy:

  •   Work with an attorney who specializes in employment matters.
  • ·Clearly define the purpose of the policy, e.g.
    •  to encourage an atmosphere for honest and open workplace communications,
    • to protect trade secrets, confidential and proprietary information,
    • to protect employee privacy — against spycams in restrooms, showers, changing areas, etc.)
  •  Clearly define the specific conditions where recording is permissible, e.g.
    • as part of the manufacturing process,
    • customer service quality control,
    •  when specifically relevant to Section 7 of the National Labor Relations Act.[ix]
  • ·Include a formal TSCM inspection schedule (debugging sweep) to show due diligence; important in expectation-of-privacy (spycam) and trade secret cases.
  •  List the types of recordings you want to prohibit.  (audio, video, data)
  •  Make it clear the policy covers everything business-related; on and off premises.
  •  List who may, and under what conditions, create exemptions to the policy.
  •  Review and update the policy periodically.
  •  Keep an acknowledged copy of the latest revision in employees’ personnel files.
  • ·Obtain an acknowledged copy from all visitors.

Tips for Management

As a security manager you must always be diligent when it comes to considering the potential threats to your organization’s data and privacy concerns. Here are some basics:

  •  Assume your discussions are being recorded.
  •  Before proceeding, ask if they are recording. Ask again during the conversation. If they say no and record anyway, well… juries don’t like sneaky liars.
  • Be professional. If you would not say it in a courtroom, don’t say it.
  • Red Flag – When an employee tries to recreate a previous conversation with you.
  • To increase due diligence credibility, have the TSCM debugging inspections conducted by an independent specialist.

Information losses, arbitration hearings and lawsuits are costly and embarrassing. Implementing a policy to mitigate this risk is very inexpensive insurance, and a good business practice. Do it today.

This security report is also available in electronic form with links to make sharing with colleagues easier.

About the Author:

Kevin D. Murray CPP, CISM, CFE is a business counterespionage consultant with over three decades of experience. Feel free to contact him directly with your questions or comments at:

Information about Murray Associates electronic surveillance detection and business counterespionage services is available at:









[viii] Technical Surveillance Countermeasures