Article: Reforming Workplace Surveillance Law in Victoria: What Does This Mean for Employers?

Introduction

Technology has become central to how employers manage their workforces, particularly following the widespread adoption of remote and hybrid work. Surveillance tools have rapidly evolved, from traditional CCTVs to more advanced methods such as biometric scanning and AI-based analytics.

In response to these complications, on 15 May 2025 the Economy and Infrastructure Committee of the Victorian Parliament (Committee) released a comprehensive report recommending tighter regulations on workplace surveillance practices (Report). The Report found that Victorian laws lack adequate safeguards for transparency, data handling, and worker notification.

Key findings

The Report recognises that there are legitimate reasons for workplace surveillance. Employers consider surveillance a standard element in the workplace to protect company property, assets, and information, as well as to track performance and optimise processes. Other reasons include to ensure occupational health and safety and other obligations are met. Whilst the legitimacy of these uses is not in dispute, the current regulatory landscape is seen as out-of-date.

There is also little consistency between workplace surveillance laws across Australia. Victoria’s laws are embedded in general surveillance legislation, the Surveillance Devices Act 1999 (Vic) and the Privacy and Data Protection Act 2014 (Vic) (PDP Act). In contrast, New South Wales and the Australian Capital Territory (ACT) have dedicated workplace legislation. This inconsistency has led to calls for a clearer, more unified legal approach.

Key recommendations

The Committee made 18 recommendations and 29 findings in the Report. Key recommendations include:

surveillance must be reasonable, necessary, and proportionate to achieving a legitimate objective;
mandatory consultation and notice before implementing new workplace surveillance;
access of the workplace surveillance data;
an obligation that employers have a clear workplace surveillance policy;
covert surveillance only in limited circumstances; and
prohibition on selling surveillance data.

Below we explore four of the most significant recommendations in detail.

Reasonable, necessary, and proportionate surveillance

A central recommendation is the adoption of “principles-based” workplace surveillance legislation. This approach proposes a positive obligation on employers to conduct a risk assessment that any surveillance is reasonable, necessary, and proportionate to achieve a stated legitimate objective. Such assessment would help employers to understand and document the reason for the proposed workplace surveillance and the associated risks, evaluate how intrusive the surveillance might be for workers, and determine whether less intrusive means can be used to achieve the stated objective.

Whether surveillance is considered reasonable and proportionate would depend on the type and extent of the impact it has on workers’ legitimate expectations of privacy, community interests and employers’ ability to run a safe and productive workplace, as well as whether less intrusive alternatives exist to achieve the stated objective.

This approach seeks to ensure a fair balance between employers’ genuine needs for conducting surveillance and protecting workers’ privacy. The same principles of reasonableness, necessity and proportionality underpin Victoria’s PDP Act.

Mandatory consultation and notice

The Report also recommends that the Victorian Government strengthen transparency through mandatory consultation and notice requirements. Employers would be required to consult with workers before introducing new surveillance mechanisms. They would also be required to give workers two weeks’ written notice of new surveillance and disclose how workers’ data will be collected, used and stored. This includes whether the data may be used for performance or disciplinary processes.

Further new employees would be informed of any surveillance that is in place before commencing employment. Covert surveillance should be restricted to cases where an employee is suspected of criminal activity and should require approval by a court or Magistrate.

The Report also recommends that employers be required to develop a workplace surveillance policy that specifies the above information. Employers should provide the policy to employees and reissue it whenever the policy is updated.

Access of workplace surveillance data by employees

Another key shortcoming identified in the current legal framework is the lack of provisions granting employees access to surveillance data collected about them. The Report recommends the Victorian Government include a requirement in new workplace surveillance legislation that employers, upon request by an employee, must give the employee access to workplace surveillance data generated about the employee.

In the ACT, the Workplace Privacy Act 2011 (ACT) requires employers to enable employees access to data generated about them from workplace surveillance upon written request. If an employer refuses, then that data cannot be used in legal proceedings or to take adverse action against the worker.

Appointing a regulator to oversee workplace surveillance

The Report also recommends that the Victorian Government appoint a dedicated regulator to oversee the new workplace surveillance legislation. Possible bodies include the Office of the Victorian Information Commissioner (OVIC) and WorkSafe Victoria. The regulator would be tasked to oversee new workplace surveillance legislation with the power to inspect workplaces, investigate and resolve complaints, and prosecute offences.

Appointing an existing body to regulate workplace surveillance was preferred by many stakeholders in the inquiry, but it ultimately depends on how Victoria’s workplace surveillance laws are framed. If the legislation is framed around privacy principles, then OVIC would be best positioned to enforce them. If the new laws adopt an industrial relations approach, then WorkSafe and the Wage Inspectorate might be best placed to regulate their operation.

WorkSafe Victoria was proposed because of its experience with inspecting workplaces, mediating disputes between employers and employees, and overseeing negotiations in the occupational health and safety area. However, WorkSafe Victoria’s Chief Executive Officer, Joe Calafiore, has said that workplace surveillance does not clearly fit within WorkSafe’s legislative remit.

What This Means for Employers

For Victorian employers, the proposed reforms signal a significant likely shift in obligations and expectations around workplace surveillance.

Broadly, if adopted, these recommendations would place a positive obligation on employers to justify and limit surveillance, engage in consultation with employees and ensure data handling procedures are in place. To prepare, employers should review existing surveillance practices and prepare for potential regulatory oversight and compliance responsibilities.

Conclusion

As workplace surveillance becomes increasingly sophisticated, the legal framework governing the field is likely to evolve in response. Employers need to understand the changing landscapes and stay ahead of the curve.

Adam Colquhoun (Principal) Jolin Chao (Law Clerk) and Baldeep Singh (Law Clerk)

This article is general information only. It is not legal advice. If you need legal advice, please contact us.

ARTICLES

Article: Reforming Workplace Surveillance Law in Victoria: What Does This Mean for Employers?

Article: Reforming Workplace Surveillance Law in Victoria: What Does This Mean for Employers?

Share This Story, Choose Your Platform!

Related Posts

Webinar: Workplace Investigations: The Good, The Bad & The Ugly

In-person Seminar: Cautionary Tales in Employment Law

In-person Seminar: Dismissing Ill or Injured Employees

Article: Catching up on 2024: A Case Law Review

Part Time Employment Lawyer (Senior Associate) – WFH