Section: What Can Be Done to Protect Privacy?
...Subsection: Ethical Responsibilities of Computer Professionals, Managers, and System Users

Computer professionals designing systems that will contain individual, personal data---as well as managers and users of such systems---should always respect the privacy rights of those individuals. In particular, they should seek to:

• Avoid collecting unnecessary data.
• Allow data access only to authorized persons.
• Make sure the data are accurate.
• Provide individuals with the chance to review data about themselves, and to correct it if needed.
• Don't collect personal information for one purpose and then let it be used for some other purpose, without the consent of the individuals it is about.
• Dispose of the data after a reasonable period of time.

System designers should avoid using social security numbers (SSNs) as keys to databases if it is not necessary. SSNs are a poor choice for a database ID (see Hibbert 1997).

Invasive monitoring of employees by computer may be legal---for the present---but it certainly is not a move designed to foster good employer-employee relations.