York

717-845-1524

Bloomsburg

570-784-6770
Make A Payment

York

717-845-1524

Bloomsburg

570-784-6770
Make A Payment

Insights

Yes, You Need to Be Big Brother and You Need To Be Clear How!

Categories : Business Law, General Counsel Corner
June 01, 2026

Written by James Sanders

Companies, boards and executives are under pressure to “do something in AI,” and many vendors are quietly meeting that demand with powerful monitoring and analytics tools. These systems can track keystrokes, mouse movement, app usage, and communications metadata, then feed that data into models that promise productivity gains or risk insights. For many organizations, this level of surveillance would have been unthinkable a few years ago; today it can be deployed with a few clicks in an admin console.

For business leaders, the issue is not whether AI and monitoring tools are useful—they plainly can be—but whether their use is lawful, proportionate, and aligned with the company’s values and risk tolerance. That requires treating AI‑driven monitoring first and foremost as a data‑governance and people‑governance problem, not just an IT upgrade. If left to grow in the shadows, these tools can create litigation, regulatory, and cultural problems that far outweigh any marginal productivity benefit.

The legal risk buckets are familiar, but the way AI amplifies them is new. On the privacy front, businesses must be clear about what they monitor, why they monitor it, and how long they retain it, with disclosures that are specific rather than boilerplate. Employment and labor issues arise when monitoring data is used for discipline, performance management, or terminations, particularly if algorithms produce metrics that disproportionately impact protected groups or are used mechanically without human review. Data governance and cybersecurity risks surface when sensitive employee, customer, or deal information is ingested into third‑party models, potentially outside the company’s control or even its awareness.

So what should you do for your company? A few things to consider:

  • Start with an inventory: identify every monitoring, analytics, and AI tool touching employee or customer data, then classify them by risk level and purpose.
  • Update or create an AI and data‑governance policy that sets boundaries around acceptable uses, training data, retention, and third‑party access.
  • Align your employee handbook, acceptable‑use policy, and key vendor contracts with that framework, including clear language on monitoring and data use. 

Handled thoughtfully, AI‑enabled monitoring can become part of a mature data‑governance program instead of a future litigation exhibit.   Yes, if you are implementing AI, you need to be Big Brother….however, you need to be clear how you are doing it. 

About the Author

James Sanders

James Sanders

Managing Partner

James Sanders is an experienced attorney with a deep and comprehensive knowledge of business law, specializing in mergers and acquisitions. Combining extensive legal expertise with a strong foundation in business strategy, James provides sophisticated and practical counsel tailored to the complex needs of business owners and corporate clients.

Read Full Bio

Share: