ALL Metrics
-
Views
-
Downloads
Get PDF
Get XML
Cite
Export
Track
Research Article

Bridging the Electronic Surveillance Gap: A Comparative Legal Analysis of Workplace Privacy in the Digital Age.

[version 1; peer review: awaiting peer review]
PUBLISHED 30 Jun 2026
Author details Author details
OPEN PEER REVIEW
REVIEWER STATUS AWAITING PEER REVIEW

Abstract

Background

The increasing use of digital technologies in contemporary workplaces has transformed the employment relationship by expanding employers’ capacity to monitor employees through electronic communications, remote work platforms, artificial intelligence tools, biometric systems, keystroke logging, GPS tracking, and internet-use monitoring. These practices raise serious concerns regarding employee privacy, dignity, autonomy, and informational self-determination.

Methods

This article adopts a comparative doctrinal legal methodology. It examines workplace surveillance regulation in the United States, the European Union, particularly under the General Data Protection Regulation, the United Kingdom, and relevant international labour standards. The analysis also considers key judicial developments, including the European Court of Human Rights decision in Bărbulescu v. Romania, to assess how courts balance employer interests against employee privacy rights.

Results

The study finds a significant “electronic surveillance gap” between rapidly developing monitoring technologies and existing legal protections. In the United States, workplace surveillance remains largely shaped by employer property rights and limited privacy expectations, leaving many private-sector employees insufficiently protected. By contrast, the European framework provides stronger safeguards through transparency, lawful basis requirements, data minimisation, and proportionality. However, even the GDPR faces challenges in addressing AI-driven surveillance, remote monitoring, biometric processing, and opaque algorithmic decision-making. The United Kingdom and international labour standards reflect an intermediate approach but still lack comprehensive and technology-neutral safeguards.

Conclusions

The article concludes that current legal frameworks remain fragmented and insufficient to regulate modern workplace surveillance effectively. It recommends legislative reform based on mandatory transparency, meaningful consent or alternative lawful safeguards, proportionality testing, limits on intrusive monitoring, protection of biometric and AI-generated data, and stronger enforcement mechanisms. A coherent, rights-based, and technology-neutral framework is necessary to balance legitimate business interests with fundamental employee privacy rights in the digital.

Keywords

workplace surveillance, employee privacy, GDPR, electronic monitoring, Bărbulescu v. Romania, proportionality principle, biometric data, remote work monitoring, artificial intelligence surveillance, labor law.

1. Introduction

The digital transformation of the workplace has profoundly reconfigured employment relationships in the twenty-first century, enabling employers to exercise unprecedented forms of surveillance over employees. Contemporary monitoring technologies-ranging from keystroke logging systems and biometric analysis tools to artificial intelligence applications capable of predicting worker behavior, as well as real-time GPS tracking-have rendered the modern workplace an environment of pervasive and continuous oversight (Aloisi & Gramano, 2019). However, this rapid technological evolution has significantly outpaced the development of legal frameworks designed to safeguard employee privacy, giving rise to what has been conceptualized in legal scholarship as the “electronic surveillance gap” (Watt, 2009; Fleetwood, 2025).

This gap has been further exacerbated by the COVID-19 pandemic, which accelerated the transition toward remote work and extended employer monitoring into private domestic spaces. As a result, the traditional demarcation between professional and personal spheres has become increasingly blurred, exposing structural deficiencies in existing regulatory regimes that were primarily conceived for conventional workplace environments. These developments raise critical questions regarding the adequacy of current legal protections in addressing the unique risks posed by technologically mediated surveillance.

From a comparative perspective, the regulation of workplace surveillance reveals significant divergence across jurisdictions. The United States predominantly adopts a property-based approach, affording employers broad discretion to monitor employees, particularly in the private sector, with relatively limited legal constraints (Watt, 2009). In contrast, the European Union has developed a rights-based regulatory framework anchored in the General Data Protection Regulation (GDPR), which imposes stringent obligations relating to transparency, purpose limitation, data minimization, and proportionality (Aloisi & Gramano, 2019). Notwithstanding its relative robustness, even the GDPR faces challenges in addressing emerging technologies, particularly those associated with algorithmic management and artificial intelligence.

Against this backdrop, the present study addresses a central research problem: the inadequacy of existing legal and regulatory frameworks in effectively governing contemporary workplace surveillance practices while maintaining an equitable balance between competing interests. The significance of this research lies in its threefold contribution. First, it identifies the specific technological and regulatory deficiencies that render employees vulnerable to intrusive monitoring practices. Second, it critically examines how different legal systems reconcile employer prerogatives-such as productivity, risk management, and information protection-with employees’ fundamental rights to privacy, dignity, and autonomy. Third, it proposes evidence-based recommendations for legislative reform and regulatory best practices.

The study is guided by four principal research questions: (1) What constitutes the “electronic surveillance gap” in contemporary workplace regulation? (2) How do different legal systems—particularly those of the United States, the European Union, and the United Kingdom—regulate workplace surveillance, and what are their respective strengths and limitations? (3) What legal principles have been developed by courts to balance competing interests, and how effective are they in addressing emerging surveillance technologies? and (4) What reforms and safeguards are necessary to ensure effective and proportionate protection of employee privacy while preserving legitimate employer interests?

2. Methodology

This study adopts a doctrinal legal methodology complemented by a comparative analytical approach. It systematically examines primary legal sources, including statutes, regulations, and case law across multiple jurisdictions, with particular emphasis on the United States, the European Union, and the United Kingdom. Core legislative instruments analyzed include the GDPR (Regulation 2016/679), national implementing laws such as Spain’s Ley Orgánica 3/2018, Germany’s Federal Data Protection Act (BDSG), Croatia’s GDPR Implementation Act, the UK Data Protection Act 2018, and the U.S. Electronic Communications Privacy Act.

The case law analysis focuses on leading judicial decisions, notably Bărbulescu v. Romania (2017), alongside jurisprudence from the Court of Justice of the European Union and national data protection authorities. The study further incorporates over 60 peer-reviewed sources (2002–2026), addressing legal, ethical, and technological dimensions of workplace surveillance.

Through comparative evaluation, the research identifies shared principles-particularly proportionality, transparency, and legitimate purpose—while highlighting divergences in regulatory models and enforcement practices, thereby informing context-sensitive legal recommendations.

3. Conceptual framework

3.1. Defining privacy in employment contexts

Privacy within the employment relationship constitutes a complex and multidimensional legal concept encompassing several interrelated dimensions. At its core, workplace privacy refers to the employee’s entitlement to control personal information, to be protected from unjustified intrusions into private activities, and to preserve a sphere of autonomy and dignity within the hierarchical structure of employment (Watt, 2009). However, this notion is inherently contested, as the employment relationship necessarily entails a degree of employer supervision and managerial control.

Doctrinal analysis identifies multiple dimensions of workplace privacy. Informational privacy concerns the collection, processing, storage, and dissemination of employees’ personal data. This dimension lies at the heart of modern data protection regimes, particularly under the GDPR, which confers upon individuals rights of access, transparency, and control over personal data (Aloisi & Gramano, 2019). Spatial privacy relates to the protection of physical areas where individuals reasonably expect freedom from surveillance, such as restrooms or private offices. Decisional privacy encompasses the individual’s freedom to make personal choices-particularly regarding off-duty conduct, political affiliation, and personal relationships-without undue employer interference. Bodily privacy, in turn, addresses protection against physical or biometric intrusions, including health monitoring and biometric data processing.

The concept of a “reasonable expectation of privacy” has emerged as a central analytical standard, particularly within U.S. jurisprudence. This test assesses whether an individual’s expectation of privacy is one that society is prepared to recognize as reasonable, taking into account factors such as workplace policies, the nature of the information, and the degree of intrusion (Watt, 2009). By contrast, the European legal tradition adopts a broader, dignity-based conception of privacy rooted in fundamental rights. Article 8 of the European Convention on Human Rights guarantees respect for private life, which the European Court of Human Rights has extended to workplace contexts, subject to limitations justified in a democratic society (Gumzej & Dragičević, 2019). These protections are further operationalized through the GDPR, which embeds principles such as lawfulness, transparency, proportionality, and data minimization.

3.2. Surveillance and electronic monitoring: Conceptual boundaries

Workplace surveillance encompasses a wide spectrum of practices through which employers observe, record, and analyze employee conduct and communications. Within this broad category, electronic monitoring refers specifically to the deployment of digital technologies for such purposes. Technological advancements have significantly expanded the scope of monitoring practices, now including email and internet surveillance, keystroke logging, screen recording, GPS tracking, biometric authentication systems, AI-driven performance analytics, and video surveillance incorporating facial recognition technologies (Hanif & do Couto, 2025; Chrysochou & Iglezakis, 2018).

Scholarly analysis distinguishes between various forms of monitoring based on their operational characteristics. A fundamental distinction exists between overt and covert monitoring: the former involves transparent practices where employees are informed, whereas the latter occurs without their knowledge, raising heightened legal and ethical concerns and often triggering stricter regulatory scrutiny (Gumzej & Dragičević, 2019). Another distinction is between continuous and targeted monitoring, the former involving pervasive surveillance of the workforce, while the latter is limited to specific individuals based on reasonable suspicion. Additionally, the distinction between content and metadata monitoring differentiates between capturing the substance of communications and collecting transactional data such as timestamps and recipients.

Employers justify surveillance practices on various grounds, including productivity enhancement, quality assurance, regulatory compliance, prevention of misconduct, protection of confidential information, and mitigation of legal risks (Kiser et al., 2010). Nevertheless, surveillance extends beyond mere operational oversight to encompass broader socio-legal implications. Drawing on Foucauldian theory, particularly the notion of the panopticon, scholars have emphasized the disciplinary effects of surveillance, whereby the possibility of constant observation induces self-regulation among employees. This phenomenon of “digital panopticism” fundamentally reshapes workplace dynamics, potentially constraining autonomy, creativity, and collective engagement (Saini, 2025).

3.3. The employment relationship and power asymmetry

The employment relationship is intrinsically characterized by structural power asymmetry, wherein employers possess economic authority, managerial discretion, and control over working conditions, while employees remain economically dependent and subject to organizational discipline. This imbalance has significant implications for the protection of workplace privacy (Yaroshenko et al., 2025; Aloisi & Gramano, 2019).

First, power asymmetry undermines the validity of employee consent as a legal basis for surveillance. Although consent is recognized in many legal systems as legitimizing data processing, its voluntariness within the employment context is highly contested. The GDPR explicitly acknowledges this concern, noting that consent is unlikely to be “freely given” where a clear imbalance exists between the data subject and the controller, as is typical in employment relationships (Komanovics, 2023). Employees may acquiesce to monitoring practices due to implicit or explicit pressures, thereby calling into question the legitimacy of consent-based justifications.

Second, this asymmetry shapes the formulation and implementation of workplace monitoring policies. Employers generally retain unilateral authority to establish such policies, often with limited employee participation or collective bargaining. This dynamic may result in regulatory frameworks that prioritize managerial interests at the expense of employee privacy. Accordingly, scholars advocate for enhanced mechanisms of worker participation, including collective bargaining and consultative processes, to ensure more balanced governance of surveillance practices (Grau, 2019).

Third, while employers possess legitimate managerial prerogatives-such as directing work, evaluating performance, and ensuring workplace discipline-legal systems must delineate the boundary between permissible oversight and excessive surveillance. This is commonly achieved through the application of the principle of proportionality, requiring that monitoring measures be necessary, appropriate, and not excessive in relation to legitimate objectives (Volosevici, 2025).

Finally, the power imbalance affects the practical enforcement of privacy rights. Employees may hesitate to assert legal claims due to fear of retaliation or adverse employment consequences. This underscores the necessity for robust institutional safeguards, including independent supervisory authorities and accessible remedies, to ensure effective protection of employee privacy beyond individual enforcement mechanisms.

4. Legal landscape

The regulation of workplace surveillance reflects markedly different legal philosophies across jurisdictions. In the United States, the prevailing model is shaped by limited federal intervention, fragmented state protections, and strong deference to managerial prerogatives, particularly in private employment. This approach is often described as property-based, since employers are generally permitted to monitor activities conducted on employer-owned premises, devices, and communication systems (Watt, 2009).

Constitutional protection is limited. The Fourth Amendment guards against unreasonable searches and seizures, but it primarily constrains state action rather than private employers. Public employees may invoke some constitutional privacy expectations, yet these are qualified by the government’s operational interests as employer. In O’Connor v Ortega (1987), the Supreme Court acknowledged that public employees may retain a reasonable expectation of privacy in the workplace, but held that work-related searches need only satisfy a reasonableness standard, rather than the stricter requirements of warrant or probable cause.

At the federal statutory level, the principal instrument is the Electronic Communications Privacy Act 1986 (ECPA), comprising the Wiretap Act and the Stored Communications Act. Although the ECPA prohibits intentional interception of electronic communications, its protective value in employment is significantly weakened by broad exceptions. The “ordinary course of business” exception permits employer monitoring for business purposes, while the consent exception authorizes monitoring where one party has consented (Watt, 2009). Judicial interpretation has often given these exceptions a wide scope, leaving many forms of employee monitoring practically permissible. Moreover, the ECPA does not regulate silent video surveillance and remains technologically outdated, having been enacted before the widespread use of internet, mobile, biometric, and algorithmic monitoring tools (Ciocchetti, 2011).

State-level protections partially mitigate these weaknesses. Some states impose two-party consent requirements for recording communications, while others, including Connecticut, Delaware, and New York, require prior notice before certain workplace monitoring practices. Yet such rules usually require notice rather than meaningful consent, and remedies remain limited. Common law privacy actions, especially intrusion upon seclusion, also provide only narrow protection because courts frequently conclude that employees lack a reasonable expectation of privacy in employer-provided systems, particularly where monitoring policies exist. The at-will employment doctrine further weakens resistance to surveillance by allowing termination for a wide range of reasons. Consequently, the U.S. framework remains fragmented and under-protective, especially regarding AI-based surveillance, biometrics, and remote work monitoring (Watt, 2009; Bueckert, 2008).

By contrast, the European Union adopts a rights-based and data-protection-oriented model. The General Data Protection Regulation, Regulation (EU) 2016/679, constitutes the central framework governing workplace monitoring where employee personal data are processed. Although not designed exclusively for employment, the GDPR applies fully to surveillance practices involving employee data and imposes rigorous obligations of legality, transparency, purpose limitation, data minimization, accuracy, storage limitation, confidentiality, and accountability (Aloisi & Gramano, 2019; Komanovics, 2023).

The lawful bases under Article 6 GDPR are especially significant in employment. Consent is generally problematic because Recital 43 recognizes that power asymmetry may prevent consent from being freely given. Employers therefore often rely on contractual necessity, legal obligation, or legitimate interests. The latter requires a balancing assessment between the employer’s interests and the employee’s rights and freedoms (Volosevici, 2025). Article 88 GDPR further permits Member States to adopt more specific employment-related rules, producing national variations. Spain’s Ley Orgánica 3/2018 regulates video surveillance and geolocation; Germany’s BDSG contains detailed rules on employee data processing; and Croatia has adopted specific provisions on workplace video surveillance and administrative penalties (Gumzej & Dragičević, 2019).

Article 22 GDPR is also relevant to algorithmic management, as it protects individuals from decisions based solely on automated processing where such decisions produce legal or similarly significant effects. Nevertheless, its practical effectiveness remains contested because of uncertainty surrounding its scope, exceptions, and application to complex AI-based workplace systems (Aloisi & Gramano, 2019). Employees also benefit from extensive rights of information, access, rectification, erasure, restriction, portability, and objection. Enforcement is entrusted to independent Data Protection Authorities, which may investigate, audit, and impose substantial administrative fines reaching €20 million or 4% of annual global turnover, whichever is higher (Volosevici, 2025).

Following Brexit, the United Kingdom retained a framework largely aligned with the EU model through the UK GDPR and the Data Protection Act 2018. The UK GDPR preserves the core principles, lawful bases, and individual rights of the EU regime, while the Information Commissioner’s Office serves as the national supervisory authority. ICO guidance on worker monitoring stresses that employers must identify a lawful basis, undertake legitimate interests assessments where appropriate, ensure transparency, and demonstrate proportionality. Although the UK has expressed interest in regulatory divergence to reduce business burdens, its continued EU adequacy status limits substantial departures from EU-level protection (Sethi, 2025).

International labour standards provide an additional normative framework. The ILO Code of Practice on the Protection of Workers’ Personal Data (1997) requires that employee data be processed lawfully, fairly, and only for purposes directly relevant to employment. It emphasizes transparency, direct collection where possible, necessity, proportionality, access rights, and limits on continuous surveillance except for health, safety, or property protection. Although non-binding, the Code remains influential. However, it predates modern AI, biometric, and remote surveillance technologies and therefore requires updating to address contemporary workplace realities.

Comparatively, the U.S., EU, and UK frameworks reveal deep philosophical divergence. The U.S. model privileges employer property rights and operational discretion, relying mainly on notice, limited statutes, and difficult private litigation. The EU model treats privacy and data protection as fundamental rights requiring legality, transparency, proportionality, and independent enforcement. The UK remains close to the EU approach, though future divergence remains possible. The most important differences concern consent, proportionality, transparency, enforcement, and technological scope. EU law recognizes the weakness of employee consent, requires proportionality, mandates detailed transparency, and provides technology-neutral protection. U.S. law, by contrast, often accepts implied consent, imposes limited proportionality requirements, and regulates surveillance through fragmented technology-specific rules. These differences demonstrate that effective protection of workplace privacy depends not only on formal legal rules, but also on the underlying legal conception of employment, power, dignity, and the role of law in regulating managerial authority.

5. The electronic surveillance gap

5.1. Regulatory fragmentation and the nature of the gap

The “electronic surveillance gap” denotes the growing disjunction between employers’ technological capacity to monitor workers and the ability of existing legal frameworks to regulate such practices effectively. This gap has been widely identified as a structural weakness in contemporary labour and privacy law (Watt, 2009; Fleetwood, 2025; Bueckert, 2008). It arises, first, from technological obsolescence: many workplace surveillance laws were enacted before the development of the internet, cloud computing, smartphones, algorithmic tools, and remote monitoring systems. The U.S. Electronic Communications Privacy Act of 1986, for example, was designed for telephone and early electronic communications and is poorly adapted to current forms of digital surveillance (Ciocchetti, 2011).

Secondly, the gap is reinforced by regulatory fragmentation. Workplace monitoring is governed through a dispersed body of rules derived from labour law, data protection law, telecommunications law, constitutional law, and tort law. These regimes often operate without sufficient coordination, producing inconsistent protection depending on the technology used, the jurisdiction concerned, the employment sector, and the legal basis invoked (Watt, 2009). Thirdly, sectoral inconsistencies remain significant, since public-sector employees often enjoy stronger privacy protections than private-sector workers, while private-sector protection may vary according to industry, company size, or union representation (Bueckert, 2008).

The problem is further complicated by cross-border employment arrangements, especially where digital platforms or multinational employers monitor workers across jurisdictions. Although the GDPR provides some extraterritorial protection for EU workers, substantial gaps remain for employees in jurisdictions with weaker privacy regimes. Finally, even where formal legal safeguards exist, enforcement deficits persist. Employees may be unaware of their rights, reluctant to complain due to fear of retaliation, or unable to access effective remedies, while regulatory authorities may lack adequate resources or powers (Volosevici, 2025).

5.2. Remote work and telework monitoring

The expansion of remote work, particularly after the COVID-19 pandemic, has exposed the inadequacy of surveillance laws designed for physical workplaces. In conventional settings, monitoring usually occurred within employer-controlled premises. Remote work alters this balance by extending surveillance into the employee’s home, a space traditionally associated with heightened privacy protection.

Three core difficulties arise. First, spatial boundaries become unstable. Monitoring tools used for work purposes may inadvertently capture information about family members, household activities, private possessions, or domestic relationships. Secondly, temporal boundaries become blurred, as continuous monitoring systems may track workers beyond normal working hours, intruding into personal time. This has strengthened arguments for a legally recognized “right to disconnect”, limiting both work-related communications and surveillance outside working hours. Thirdly, existing laws provide insufficient guidance on how to apply principles such as transparency, proportionality, and consent when surveillance takes place inside the home.

Remote monitoring tools now include time-tracking software, productivity applications, keystroke logging, screenshot capture, webcam surveillance, and AI-based activity analysis. Where such technologies operate continuously, they may create a degree of surveillance far exceeding what would ordinarily be acceptable in a physical workplace. The absence of specific legal rules for home-based work surveillance leaves employees exposed to intrusive monitoring with limited practical remedies.

5.3. AI-Based surveillance and algorithmic management

Artificial intelligence has intensified the electronic surveillance gap by enabling employers to collect, process, and interpret vast quantities of worker data. AI-based systems may identify behavioural patterns, predict performance, evaluate productivity, and inform disciplinary or managerial decisions. Their use is particularly problematic because such systems are often opaque and difficult for employees to understand or challenge (Aloisi & Gramano, 2019; Kumar et al., 2026).

Algorithmic management refers to the use of automated systems to allocate tasks, assess performance, monitor productivity, predict misconduct or resignation, analyse facial expressions or voice patterns, and recommend hiring, promotion, or dismissal decisions. These tools raise several legal concerns. The first is opacity and explainability. Many AI systems function as “black boxes”, making it difficult to determine how a particular evaluation or decision was reached. Although Article 22 GDPR protects individuals against solely automated decisions producing legal or similarly significant effects, its practical scope remains contested (Singh et al., 2026; Aloisi & Gramano, 2019).

The second concern is bias and discrimination. AI systems trained on historical data may reproduce or intensify inequalities based on race, gender, age, disability, or other protected characteristics. Yet algorithmic discrimination is often difficult to detect or prove, especially where systems are proprietary. The third concern is the intensity and pervasiveness of AI surveillance. By combining keystrokes, emails, biometric data, application usage, video feeds, and behavioural signals, AI systems may construct detailed profiles of employees, potentially undermining dignity, autonomy, and proportionality. Existing frameworks, including the GDPR, offer partial protection, while the EU AI Act seeks to address high-risk employment systems. In the United States, however, federal regulation of AI workplace surveillance remains largely underdeveloped.

5.4. Biometric data collection

Biometric surveillance-including fingerprints, facial recognition, iris scans, voiceprints, and gait analysis-is increasingly used for authentication, access control, timekeeping, and performance monitoring. Under Article 9 GDPR, biometric data used for unique identification constitutes a special category of personal data subject to heightened protection. Nevertheless, significant regulatory gaps remain.

Facial recognition is particularly controversial. Employers may use it for access control, attendance, or continuous monitoring, while some systems analyse facial expressions to infer emotional states or engagement. Such uses raise concerns regarding accuracy, especially for individuals with darker skin tones; consent, given the imbalance of power in employment; function creep, where data collected for one purpose is used for another; and dignity, since constant biometric analysis may be experienced as dehumanizing.

Legal protection varies substantially. Under the GDPR, processing biometric data requires a specific lawful basis, but employee consent is often problematic. Some U.S. states, including Illinois, Texas, and Washington, have enacted biometric privacy laws requiring notice and consent, though their scope and enforcement differ. Regulatory weaknesses remain in relation to biometric security standards, retention and deletion duties, transparency obligations, and continuous biometric monitoring.

5.5. Keystroke logging and desktop monitoring

Keystroke logging records every key pressed by an employee, while desktop monitoring may capture screenshots, application usage, internet activity, and mouse movements. These tools allow highly granular and continuous surveillance of computer use. Although they may serve legitimate purposes, such as investigating misconduct or ensuring cybersecurity, their continuous deployment creates substantial privacy risks (Watt, 2009).

Keystroke logging may capture passwords, personal communications, medical information, financial data, and confidential information unrelated to work. It therefore eliminates any meaningful zone of privacy, even during short personal activities or breaks. Regulation remains limited. In the United States, the ECPA’s business-use exception often permits such monitoring, while some state laws require notice but not consent. In the EU, GDPR principles of lawful basis, transparency, and proportionality apply, although enforcement is uneven.

Key gaps include the absence of a clear distinction between targeted monitoring based on reasonable suspicion and indiscriminate continuous monitoring; insufficient protection for personal communications during work; inadequate transparency; and limited remedies for excessive monitoring (Watt, 2009; Kiser et al., 2010).

5.6. Email, internet monitoring, and geolocation

Email and internet monitoring remain among the most common forms of workplace surveillance. In the United States, the ECPA’s consent and business-use exceptions generally allow monitoring on employer systems, particularly where employees have received notice. However, uncertainties persist regarding personal accounts accessed on work devices, bring-your-own-device arrangements, and the distinction between metadata and content (Watt, 2009).

In Europe, Bărbulescu v. Romania established that employees retain a reasonable expectation of privacy in workplace communications and that monitoring must be notified in advance, pursue a legitimate aim, and satisfy proportionality. Yet implementation differs across Member States, leaving unresolved questions about permissible scope (Komanovics, 2023). New concerns also arise from AI-based content analysis and natural language processing.

GPS tracking similarly raises acute privacy concerns. While employers may legitimately monitor location during working hours for safety, logistics, or performance verification, tracking outside work may reveal sensitive information about religion, health, political activity, or personal relationships. Under GDPR principles, geolocation must be lawful, transparent, proportionate, and limited in duration and purpose. However, regulatory gaps persist regarding off-duty tracking, function creep, data retention, and the special sensitivity of location data.

6. Employee rights and employer interests in workplace surveillance

6.1. Employee rights: Privacy, dignity, and informational self-determination

Workplace surveillance directly implicates a set of fundamental employee rights, foremost among them the right to privacy, which is firmly entrenched in international and regional legal instruments, including Article 8 of the European Convention on Human Rights and Article 7 of the EU Charter of Fundamental Rights. Although the scope of privacy within employment contexts is necessarily attenuated compared to private life, jurisprudence and scholarship consistently affirm that employees retain a legitimate expectation of privacy in the workplace (Gumzej & Dragičević, 2019).

Closely intertwined with privacy is the right to human dignity, a foundational principle across numerous constitutional systems. For instance, Article 1 of the German Basic Law enshrines the inviolability of human dignity. Excessive or intrusive surveillance may undermine this principle by reducing employees to objects of managerial control, fostering environments of mistrust, and disregarding individual autonomy. Notably, national implementations of European data protection law, such as the Croatian GDPR Implementation Act, explicitly require that workplace monitoring respect employee dignity (Park et al., 2026; Gumzej & Dragičević, 2019).

The concept of informational self-determination, rooted in German constitutional jurisprudence, further reinforces employee protections. It denotes the individual’s right to control the collection, processing, and dissemination of personal data. This principle is operationalized under the GDPR through a comprehensive framework of rights, including access, rectification, erasure, restriction, portability, and objection, thereby enabling employees to exercise a degree of control over their personal information even within hierarchical employment relationships (Howe et al., 2026, p. X; Aloisi & Gramano, 2019).

Equally critical are procedural guarantees, which underpin the effectiveness of substantive rights. Employees are entitled to prior notification of surveillance practices, participation-where applicable-in consultative mechanisms such as collective bargaining, access to personal data, and the ability to challenge unlawful or inaccurate processing. The strength of these procedural safeguards often determines the practical enforceability of privacy protections (Volosevici, 2025).

In addition, the emerging right to disconnect reflects evolving labor realities, particularly in digitally mediated work environments. By safeguarding employees’ ability to disengage from work-related communications outside working hours, this right-first codified in France in 2017-addresses the erosion of temporal boundaries between professional and private life in the context of remote monitoring.

6.2. Employer interests: Security, productivity, and liability

Against these rights, employers assert a range of legitimate interests that may justify monitoring practices. Security and loss prevention constitute primary concerns, encompassing the protection of physical assets, confidential information, and cybersecurity infrastructure, as well as the prevention of theft and industrial espionage. These objectives are widely recognized as legitimate, although the proportional scope of surveillance required to achieve them remains contested (Sosa Navarro, M. 2026; Kiser et al., 2010).

Employers also invoke productivity and performance management rationales, arguing that monitoring facilitates efficiency, objective evaluation, and identification of training needs. However, critical scholarship questions whether continuous or invasive monitoring is necessary to achieve such goals, suggesting that less intrusive alternatives may suffice.

Further justification arises from legal compliance and liability mitigation. Employers may be obligated to monitor certain activities to comply with sector-specific regulations or to prevent liability arising from employee misconduct, including harassment, discrimination, or data breaches. In this sense, surveillance may function as both a preventive and evidentiary tool (Kiser et al., 2010).

Additional legitimate interests include quality control, particularly in service-oriented sectors such as call centers, and evidence gathering in the investigation of suspected wrongdoing. Nevertheless, these interests are not absolute. Legal doctrine emphasizes that not all employer claims are equally compelling, and some may be disproportionate or pretextual. The mere existence of a potential benefit does not automatically justify intrusive monitoring (Aloisi & Gramano, 2019).

6.3. The balancing test

Given the inherent tension between employee rights and employer interests, legal systems have developed balancing frameworks to assess the lawfulness of workplace surveillance. These frameworks recognize that neither privacy rights nor managerial prerogatives are absolute, and that permissibility depends on contextual evaluation.

Under the GDPR, the legitimate interests basis (Article 6(1)(f )) requires a tripartite assessment: (1) the existence of a legitimate interest pursued by the employer; (2) the necessity of the processing for achieving that interest; and (3) a balancing of interests to determine whether employee rights override the employer’s objectives (Volosevici, 2025).

Similarly, the European Court of Human Rights has articulated a structured balancing approach in its Article 8 jurisprudence. In Bărbulescu v. Romania (2017), the Grand Chamber established a multi-factor test considering prior notification, the scope and intrusiveness of monitoring, the legitimacy of the employer’s reasons, the availability of less intrusive alternatives, the consequences for the employee, and the presence of adequate safeguards (Komanovics, 2023).

National data protection authorities have applied these principles rigorously. For instance, the Romanian authority has identified violations where monitoring lacked clear justification, exceeded necessity, or failed to ensure transparency and employee consultation (Volosevici, 2025).

Despite its flexibility, the balancing approach has attracted criticism. Scholars argue that it may inadequately protect employees due to structural power imbalances and the inherent subjectivity of balancing tests. Conversely, proponents contend that such flexibility is essential to accommodate diverse workplace contexts and rapidly evolving technologies.

6.4. The principle of proportionality

The principle of proportionality constitutes a cornerstone of European legal analysis and increasingly influences global regulatory approaches. It requires that surveillance measures satisfy three cumulative criteria:

Suitability: the measure must be capable of achieving the intended objective;

Necessity: no less intrusive alternative should be reasonably available;

Proportionality stricto sensu: the benefits must outweigh the harm to employee rights.

In practice, proportionality has generated key normative guidelines. Continuous and indiscriminate monitoring is generally deemed excessive, whereas targeted surveillance based on reasonable suspicion is more likely to be permissible. Covert monitoring is allowed only in exceptional circumstances, such as serious misconduct investigations, and subject to strict safeguards. Monitoring in highly sensitive areas is typically prohibited (Gumzej & Dragičević, 2019).

Regulatory practice confirms these principles. Authorities in the Czech Republic, Croatia, and Germany have consistently emphasized limitations on scope, duration, and purpose, rejecting generalized or unjustified monitoring practices (Šmejkal, 2019; Gumzej & Dragičević, 2019).

6.5. The legitimate purpose doctrine

Finally, the legitimate purpose doctrine requires that surveillance be grounded in clearly defined, explicit, and lawful objectives, in accordance with the GDPR’s purpose limitation principle (Article 5(1)(b)). Legitimate purposes may include security, legal compliance, misconduct prevention, quality assurance, and performance evaluation. However, such purposes must be genuine, specific, and proportionate.

A central concern is function creep, whereby data collected for one purpose is repurposed for incompatible uses. Such practices violate core data protection principles unless supported by an independent legal basis. Accordingly, regulatory authorities emphasize the necessity of prior documentation and justification of surveillance purposes, as well as continuous evaluation of their legitimacy (Bueckert, N. 2009; Volosevici, 2025).

7. Case law analysis

7.1. European court of human rights: Bărbulescu v. Romania

The judgment of the European Court of Human Rights in Bărbulescu v. Romania (Application no. 61496/08, Grand Chamber, 5 September 2017) represents a landmark development in the legal regulation of workplace surveillance. The case concerned the dismissal of an employee following employer monitoring of Yahoo Messenger communications, which revealed personal use in violation of internal policies prohibiting non-work-related activity.

The Grand Chamber held that Romania had violated Article 8 of the European Convention on Human Rights, emphasizing that domestic courts had failed to strike a fair balance between the employee’s right to privacy and the employer’s interests. Crucially, the Court affirmed that employees retain a reasonable expectation of privacy in workplace communications, even when employer-owned systems are used and even where internal policies restrict personal use.

To operationalize Article 8 compliance, the Court articulated a six-factor proportionality test:

Prior notification: Employees must be clearly and expressly informed in advance of the nature, scope, and purposes of monitoring.

Extent of intrusion: A distinction must be drawn between metadata monitoring and content inspection, the latter constituting a more severe interference.

Legitimate justification: Employers must demonstrate specific and genuine reasons for monitoring beyond abstract claims of efficiency or security.

Availability of less intrusive means: Authorities must assess whether alternative, less privacy-invasive measures could achieve the same objectives.

Consequences for the employee: The severity of sanctions—such as dismissal—requires heightened scrutiny.

Adequate safeguards: Effective procedural guarantees must exist, including restricted data access and the opportunity for employee response.

The Court concluded that Romanian courts had inadequately applied these criteria, particularly by failing to assess less intrusive alternatives and the proportionality of the monitoring measures. The decision has since exerted significant influence across European jurisdictions, reinforcing the application of Article 8 protections within employment contexts and embedding principles of proportionality, transparency, and procedural fairness (Komanovics, 2023; Ásványi, 2022).

7.2. Additional ECHR Jurisprudence: Köpke, Antović, and López Ribalda

Subsequent case law from the European Court of Human Rights has further elaborated the principles established in Bărbulescu.

In Köpke v. Germany (Application no. 420/07, 5 October 2010), the Court upheld covert video surveillance of an employee suspected of theft, finding no violation of Article 8. The surveillance was justified by reasonable suspicion of serious misconduct, was temporally limited, spatially targeted, and accompanied by post hoc procedural safeguards. This decision confirms that covert monitoring may be permissible in exceptional circumstances, provided it remains strictly proportionate.

Conversely, in Antović and Mirković v. Montenegro (Application no. 70838/13, 28 November 2017), the Court found a violation of Article 8 in relation to video surveillance of university professors in offices and classrooms. The surveillance lacked sufficient justification and failed to demonstrate that less intrusive alternatives were unavailable. The ruling underscores the heightened protection afforded to spaces where employees maintain stronger privacy expectations.

Similarly, in López Ribalda and Others v. Spain (Applications nos. 1874/13 and 8567/13, Grand Chamber, 17 October 2019), the Court upheld covert surveillance of employees suspected of theft, emphasizing proportionality, limited scope, and the existence of safeguards. However, the case generated significant judicial dissent, reflecting ongoing doctrinal tension regarding the permissible limits of covert surveillance.

Collectively, these decisions establish that workplace surveillance must be targeted, justified, proportionate, and procedurally safeguarded, with covert monitoring reserved for exceptional cases involving serious misconduct (Gumzej & Dragičević, 2019).

7.3. Court of Justice of the European Union

Although the Court of Justice of the European Union has not issued a comprehensive ruling specifically addressing workplace surveillance, its jurisprudence provides essential interpretative guidance under the General Data Protection Regulation (GDPR).

In Ryneš v. Úřad pro ochranu osobních údajů (Case C-212/13, 11 December 2014), the Court confirmed that video recordings constitute personal data and are therefore subject to data protection principles, including lawfulness, proportionality, and purpose limitation. These principles are directly applicable to workplace surveillance practices.

In Leistritz AG v. LH (Case C-534/20, 22 June 2022), the Court addressed the protection of Data Protection Officers under Article 38(3) GDPR, emphasizing the need for independence and effective remedies. While not directly concerned with monitoring practices, the decision reinforces institutional safeguards essential for lawful workplace data processing (Fusco, A. 2018; Chinea, 2022).

Despite these contributions, the absence of a unified CJEU doctrine on workplace surveillance leaves interpretative uncertainties regarding the application of GDPR principles in employment contexts (Komanovics, 2023).

7.4. National data protection authority practice

Decisions issued by national Data Protection Authorities (DPAs) across Europe provide practical elaboration of GDPR compliance requirements.

The Romanian DPA has identified recurrent violations, including excessive monitoring, lack of transparency, inadequate legitimate interest assessments, and insufficient access controls. It emphasizes structured compliance frameworks and transparent policies (Volosevici, 2025).

The Czech authority (UOOU) has held that indiscriminate monitoring is inherently disproportionate, rejecting employee consent as a valid legal basis where power imbalances exist. It further mandates adherence to data minimization, limiting monitoring to necessary and targeted measures (Šmejkal, 2019).

The Spanish Data Protection Agency (AEPD) requires prior notification and strict proportionality, supported by national legislation such as Ley Orgánica 3/2018. German authorities similarly impose stringent requirements grounded in both GDPR and constitutional protections, generally prohibiting continuous or covert monitoring absent exceptional justification.

The Croatian DPA has emphasized that monitoring solely for productivity purposes is insufficient, stressing the protection of employee dignity under Article 22 GDPR (Gumzej & Dragičević, 2019).

These administrative decisions collectively reinforce a coherent European approach grounded in transparency, proportionality, data minimization, and fundamental rights protection.

7.5. United states case law

In contrast, U.S. jurisprudence adopts a markedly less protective approach toward employee privacy.

In O’Connor v. Ortega, 480 U.S. 709 (1987), the Supreme Court recognized a limited expectation of privacy for public employees but subjected workplace searches to a reasonableness standard rather than warrant requirements. This protection does not extend to the private sector.

Under the Electronic Communications Privacy Act (ECPA), courts have broadly interpreted exceptions—particularly the “business use” and “consent” exceptions—to permit extensive employer monitoring. Employees are generally deemed to lack a reasonable expectation of privacy when using employer-provided systems, especially where monitoring policies are in place.

State law claims based on invasion of privacy are similarly constrained by judicial reluctance to recognize privacy expectations in workplace contexts and by the at-will employment doctrine.

Overall, U.S. case law reflects a property-based, employer-centric model, in stark contrast to the rights-based European framework that prioritizes employee privacy and dignity (Watt, 2009; Ciocchetti, 2011).

Comparative case law reveals a fundamental divergence between European and U.S. approaches. While European jurisprudence embeds workplace surveillance within a robust human rights framework governed by proportionality and procedural safeguards, U.S. law remains largely deferential to employer prerogatives. This divergence underscores the need for harmonized legal standards capable of addressing emerging surveillance technologies within a rights-sensitive regulatory paradigm.

8. Recommendations for closing the electronic surveillance gap

8.1. Legislative reform: Toward comprehensive statutory frameworks

Addressing the electronic surveillance gap necessitates comprehensive and forward-looking legislative reform. Scholars across jurisdictions consistently advocate for the adoption of dedicated statutory frameworks specifically regulating workplace surveillance (Watt, 2009; Bueckert, 2008; Fleetwood, 2025).

A central recommendation concerns the enactment of uniform national legislation, capable of harmonizing protections and ensuring legal certainty. As argued by Watt (2009), national-level statutes can standardize remedies and regulatory limits, thereby overcoming fragmented and inconsistent protections. This is particularly relevant in jurisdictions such as the United States, where the current patchwork of federal and state laws produces uneven safeguards. Comprehensive legislation should establish minimum standards, including requirements of prior notice, lawful basis, proportionality, and effective remedies.

In parallel, sector-specific regulations may be warranted to address contextual particularities. Bueckert (2008) emphasizes the need for differentiated regulatory regimes reflecting the operational realities of specific industries. For instance, surveillance in healthcare must reconcile employee monitoring with patient confidentiality, whereas financial sectors must accommodate regulatory compliance obligations. Sectoral frameworks thus allow for tailored protections without undermining overarching principles.

Legislative models should further adopt a technology-neutral approach, ensuring durability in the face of rapid technological evolution. As exemplified by the GDPR, such frameworks rely on general principles—transparency, purpose limitation, and data minimization—applicable irrespective of the technology employed. Nevertheless, this generality should be complemented by targeted guidance addressing high-risk or novel surveillance practices.

Importantly, legislation must incorporate explicit prohibitions on particularly intrusive practices, including continuous indiscriminate monitoring absent compelling justification, covert surveillance except in cases of serious misconduct supported by reasonable suspicion, and monitoring in sensitive or private spaces. Additionally, restrictions should extend to surveillance outside working hours and the deployment of biometric or emotion-recognition technologies without stringent safeguards.

Finally, robust procedural requirements are essential. Employers should be legally obliged to conduct privacy impact assessments, consult employees or their representatives, provide advance and transparent notice, adopt formal surveillance policies, and implement adequate technical and organizational safeguards.

8.2. Best practices for employers

While legislative reform remains indispensable, employers bear an independent responsibility to adopt best practices exceeding minimum legal thresholds.

A foundational measure is the systematic use of privacy impact assessments (PIAs) prior to the deployment of surveillance technologies. These assessments should identify categories of personal data processed, evaluate necessity and proportionality, consider less intrusive alternatives, and document the legal justification for monitoring practices (Volosevici, 2025).

Employers should further operationalize the principle of proportionality, ensuring that surveillance remains strictly limited to legitimate objectives. This entails prioritizing targeted over continuous monitoring, favoring metadata over content analysis, restricting monitoring duration, and periodically reassessing its necessity.

Transparency obligations must be rigorously implemented. Employees should receive clear, accessible, and comprehensive information regarding monitoring practices, including data types collected, purposes, retention periods, and access rights (Volosevici, 2025).

Moreover, organizations should establish clear and enforceable internal policies, developed—where feasible—in consultation with employees. These policies should define permissible monitoring practices, procedural safeguards, and consequences of misuse.

Complementary measures include training programs for managerial staff to ensure compliance with legal standards and ethical principles, and the implementation of technical safeguards, such as encryption, access controls, audit mechanisms, and data minimization techniques.

8.3. Transparency obligations

Transparency constitutes a cornerstone of effective privacy protection. It enables employees to understand, assess, and exercise their rights in relation to workplace surveillance.

First, advance notice must be provided prior to the commencement of monitoring. Such notice should be specific, detailed, and communicated in clear language, outlining the scope, purpose, and duration of surveillance activities (Komanovics, 2023).

Second, transparency must be continuous rather than episodic. Employers should provide ongoing updates, including notifications of changes in monitoring practices, periodic reporting, and accessible channels for employee inquiries.

Third, employees should be granted meaningful access rights, including the ability to obtain information on collected data, its use, and any disclosures to third parties. While subject to legitimate limitations, these rights should be interpreted broadly in favor of employee access.

Finally, employers should comply with documentation obligations, maintaining records of impact assessments, policies, and employee notifications, subject to review by supervisory authorities and, where appropriate, employee representatives.

8.4. Consent and collective bargaining

The role of consent in workplace surveillance remains contested due to inherent power imbalances within employment relationships. Where relied upon, consent must be freely given, informed, specific, and revocable. However, given the structural constraints on employee autonomy, consent should not serve as the primary legal basis for routine monitoring (Komanovics, 2023).

Collective bargaining mechanisms offer a more balanced alternative. Negotiation through unions or works councils can enhance legitimacy and ensure stronger safeguards (Grau, 2019). Accordingly, legislative frameworks should mandate consultation with employee representatives and encourage collective determination of surveillance policies.

In certain contexts, opt-out rights may be appropriate, particularly where monitoring is not essential to the employment relationship, such as in the use of personal devices or monitoring during non-working periods.

8.5. Enforcement mechanisms and remedies

Effective enforcement is indispensable for translating legal norms into practical protection.

Regulatory oversight should be entrusted to independent data protection authorities, equipped with investigatory powers, audit capabilities, and the authority to impose binding orders and significant sanctions. The GDPR model provides a valuable, albeit imperfect, reference point (Volosevici, 2025).

Additionally, employees should benefit from private rights of action, including injunctive relief, compensatory and statutory damages, and legal costs. Such mechanisms complement regulatory enforcement and enhance accountability.

Strong anti-retaliation protections are equally essential to safeguard employees exercising their rights. Legal frameworks must prohibit adverse actions against individuals who challenge unlawful surveillance or participate in proceedings.

Finally, collective remedies, including class actions and representative complaints, are necessary to address systemic violations more effectively than individual litigation.

8.6. Technology-specific regulation

Although general principles should remain technology-neutral, certain high-risk technologies necessitate targeted regulation.

In relation to artificial intelligence and algorithmic management, legal frameworks should require transparency, explainability, human oversight, and safeguards against discriminatory outcomes. The proposed EU AI Act offers a relevant model.

With respect to biometric data, heightened protections are required due to its sensitivity and permanence. These should include strict purpose limitation, enhanced security, and prohibitions on invasive applications such as emotion detection.

For remote work monitoring, regulations must delineate clear boundaries between professional and private spheres, prohibiting monitoring in private spaces and outside working hours.

Finally, geolocation tracking should be strictly limited to legitimate work-related purposes, subject to transparency obligations and stringent data retention limits.

This integrated framework—combining legislative reform, administrative best practices, and technology-specific safeguards—offers a coherent pathway toward closing the electronic surveillance gap while preserving the balance between employer interests and fundamental employee rights.

9. Conclusion

The “electronic surveillance gap” constitutes a central and urgent challenge within contemporary labor and data protection law. As technological innovations have enabled increasingly intrusive, continuous, and granular monitoring of employees, existing legal frameworks have proven insufficient to safeguard privacy and dignity in the workplace. This study has identified the structural dimensions of this gap, examined comparative regulatory approaches, and assessed the complex interplay between employee rights and employer interests, while advancing targeted proposals for reform.

The comparative analysis demonstrates a clear divergence in regulatory philosophies. The United States continues to rely predominantly on a property-based model, affording employers broad discretion to monitor employees with limited legal constraints, thereby leaving significant deficiencies in privacy protection within the private sector (Watt, 2009). In contrast, the European Union has developed a rights-oriented framework grounded in the General Data Protection Regulation (GDPR), which emphasizes transparency, proportionality, and the protection of privacy as a fundamental right (Aloisi & Gramano, 2019). Nevertheless, even this advanced framework encounters limitations in addressing emerging surveillance technologies, particularly those driven by artificial intelligence, biometric identification, and remote monitoring practices.

The analysis further highlights specific domains where regulatory intervention is urgently required, including remote work surveillance extending into private spaces, opaque algorithmic management systems, the processing of sensitive biometric data, and comprehensive digital monitoring practices such as keystroke logging, geolocation tracking, and electronic communications surveillance. Judicial developments—most notably the European Court of Human Rights’ decision in Bărbulescu v. Romania (2017)—have articulated key principles, including the preservation of reasonable expectations of privacy, the necessity of transparency, and the application of proportionality and procedural safeguards. However, the implementation and effectiveness of these principles remain uneven across jurisdictions.

Achieving an equitable balance between employee rights and employer prerogatives requires a principled legal framework grounded in proportionality, whereby monitoring practices must be necessary, appropriate, and not excessive in relation to legitimate objectives. Employees’ rights to privacy, dignity, and informational self-determination must be effectively protected, while recognizing employers’ legitimate interests in productivity, security, and compliance.

Accordingly, closing the surveillance gap necessitates comprehensive and multi-layered reform. Legislative frameworks must evolve toward technology-neutral standards, reinforced by clear substantive limitations on intrusive practices and robust procedural safeguards. Enhanced transparency obligations, meaningful employee participation—particularly through collective mechanisms—and effective enforcement structures, including independent regulatory oversight and access to remedies, are essential. Moreover, tailored regulatory responses must address the unique risks associated with AI-driven systems and digital monitoring technologies.

Ultimately, the challenge is not to eliminate workplace surveillance, but to ensure that it operates within a coherent legal framework that upholds fundamental rights and human dignity. As digitalization continues to transform employment, the development of balanced, rights-respecting regulatory models remains both necessary and achievable through informed, comparative, and forward-looking legal design.

Ethical approval and consent

Ethical approval and consent were not required for this study as it is based exclusively on legal and doctrinal analysis of publicly available materials.

Comments on this article Comments (0)

Version 1
VERSION 1 PUBLISHED 30 Jun 2026
Comment
Author details Author details
Competing interests
Grant information
Copyright
Download
 
Export To
metrics
Views Downloads
F1000Research - -
PubMed Central
Data from PMC are received and updated monthly.
- -
Citations
CITE
how to cite this article
Mahdy E, Mosselhi A, Yassine C et al. Bridging the Electronic Surveillance Gap: A Comparative Legal Analysis of Workplace Privacy in the Digital Age. [version 1; peer review: awaiting peer review]. F1000Research 2026, 15:1026 (https://doi.org/10.12688/f1000research.182428.1)
NOTE: If applicable, it is important to ensure the information in square brackets after the title is included in all citations of this article.
track
receive updates on this article
Track an article to receive email alerts on any updates to this article.

Open Peer Review

Current Reviewer Status:
AWAITING PEER REVIEW
AWAITING PEER REVIEW
?
Key to Reviewer Statuses VIEW
ApprovedThe paper is scientifically sound in its current form and only minor, if any, improvements are suggested
Approved with reservations A number of small changes, sometimes more significant revisions are required to address specific details and improve the papers academic merit.
Not approvedFundamental flaws in the paper seriously undermine the findings and conclusions

Comments on this article Comments (0)

Version 1
VERSION 1 PUBLISHED 30 Jun 2026
Comment
Alongside their report, reviewers assign a status to the article:
Approved - the paper is scientifically sound in its current form and only minor, if any, improvements are suggested
Approved with reservations - A number of small changes, sometimes more significant revisions are required to address specific details and improve the papers academic merit.
Not approved - fundamental flaws in the paper seriously undermine the findings and conclusions
Sign In
If you've forgotten your password, please enter your email address below and we'll send you instructions on how to reset your password.

The email address should be the one you originally registered with F1000.

Email address not valid, please try again

You registered with F1000 via Google, so we cannot reset your password.

To sign in, please click here.

If you still need help with your Google account password, please click here.

You registered with F1000 via Facebook, so we cannot reset your password.

To sign in, please click here.

If you still need help with your Facebook account password, please click here.

Code not correct, please try again
Email us for further assistance.
Server error, please try again.