Surveillance Act NSW: Key Points For Employers

Workplace surveillance can help you protect people, property and data - but in New South Wales, the rules are strict. If you’re thinking about using CCTV, tracking vehicles, monitoring emails or recording calls, there are specific laws you need to follow before you switch anything on.

In NSW, two laws are particularly important for employers: the Workplace Surveillance Act 2005 (NSW) and the Surveillance Devices Act 2007 (NSW). Together, they set out when and how you can monitor staff, what notice you need to give, and what’s off limits.

In this guide, we’ll break down the essentials in plain English so you can put lawful, fair and transparent systems in place. We’ll also cover practical steps like policy drafting, signage, and handling recorded information - all with the goal of giving you confidence to manage risk and respect your team’s privacy.

What Is The Surveillance Devices Act (NSW) And How Does It Affect Employers?

The Surveillance Devices Act 2007 (NSW) regulates listening devices, optical surveillance devices, tracking devices and data surveillance devices. It applies broadly to individuals and organisations in NSW, including employers.

At a high level, the Act makes it a criminal offence to use a device to monitor a “private” activity or conversation unless you have consent from all parties or a specific legal exception applies. This is especially relevant for audio recording and call monitoring.

Employers also need to consider the Workplace Surveillance Act (covered in the next section), which specifically regulates camera, computer and tracking surveillance of “employees at work.” In practice, you should design your surveillance approach to comply with both laws at the same time.

If you want a broader overview of device rules beyond NSW, it’s helpful to understand Australia-wide recording laws, and - in NSW specifically - the nuances in NSW recording laws around audio and call recordings.

Workplace Surveillance Act 2005 (NSW): Your Obligations At A Glance

The Workplace Surveillance Act 2005 (NSW) governs surveillance of employees “at work” using cameras, computer monitoring and tracking devices. It permits “overt” surveillance with proper notice and signage, and strictly controls “covert” surveillance.

Overt Surveillance - Notice And Transparency

• Written notice: You must give employees at least 14 days’ written notice before overt surveillance starts (unless a shorter period is mutually agreed in writing).
• Clear description: The notice must state the kind of surveillance (camera, computer, tracking), how it will be carried out, when it will start, and whether it is continuous or for a specified period.
• Signage for cameras: If you use CCTV, signs must be clearly visible in the areas under surveillance.
• Computer monitoring: If you monitor email, internet or device activity, this must be explained in your notice and policy (for example, that emails may be logged, stored and reviewed).

Covert Surveillance - Magistrate Authority Only

Covert surveillance (surveillance without an employee’s knowledge) is prohibited unless you have a covert surveillance authority issued by a Magistrate, and only for the purpose of investigating suspected unlawful activity by particular employees. Strict limits apply to how it’s conducted and used.

Where You Cannot Monitor

You must not conduct camera surveillance in bathrooms, change rooms or similar private areas. This is a strict line - even with notice.

Tracking Employees And Vehicles

Tracking devices can only be used with proper written notice (overt surveillance). If you’re tracking company vehicles, be clear about when tracking is on, whether it’s active after hours, and how the data will be used.

Handling Records

Keep surveillance records secure and only use or disclose them for lawful purposes connected to your business (for example, investigating misconduct or safety incidents). It’s a good idea to set clear retention periods that align with your wider data governance practices and consider your obligations under data retention laws.

Can You Record Calls Or Conversations With Staff In NSW?

Audio recording is the area most likely to trip businesses up in NSW. Under the Surveillance Devices Act, recording a “private conversation” is generally prohibited unless all parties consent, or a narrow exception applies (such as where a party records a conversation and it is reasonably necessary to protect their lawful interests).

In practice, if you plan to record calls for training, quality assurance or safety, obtain express consent upfront and tell the person clearly that the call is being recorded. Provide an alternative (for example, “Continue to a non-recorded line” or “Opt out by advising the operator”).

For employees, set out your approach in your workplace surveillance notice and policy, and obtain written acknowledgement. If you record internal meetings, seek agreement from all participants.

For a deeper dive into phone monitoring and what consent looks like in different scenarios, it’s worth reviewing the specific rules around business call recording laws and whether it’s legal to record a phone call when you are a party to the call.

Using CCTV And Monitoring Computers: Practical Rules To Follow

CCTV and computer monitoring are common in workplaces - from retail spaces and warehouses to offices and field operations. Here’s how to stay compliant and practical.

CCTV In The Workplace

• Give the 14‑day notice and install prominent signs in camera zones.
• Avoid prohibited areas (bathrooms, change rooms) and be thoughtful in areas where staff reasonably expect higher privacy (break rooms).
• Limit access to footage to authorised personnel, log access, and set documented retention periods.
• Use footage only for legitimate purposes (safety, security, investigating misconduct) and keep a paper trail if footage supports disciplinary action.

If you are new to cameras at work, this short primer on cameras in the workplace may help, and you can also read a broader overview of CCTV laws in Australia and security camera laws as context.

Computer, Email And Internet Monitoring

• Spell out what you’re monitoring (e.g. email content, email metadata, browsing history, keystrokes, screenshots) and why.
• Explain whether monitoring is continuous or ad hoc and who can review the data.
• Apply the policy consistently, train managers to follow it, and ensure any disciplinary process aligns with your employment contracts and Fair Work obligations.
• For contractors and applicants (who may fall outside the employee records exemption under federal privacy law), ensure your Privacy Policy explains what you collect and why.

BYOD And Remote Work

If staff use their own devices, be explicit about what monitoring applies (if any), what business apps are required, and how company data is managed. Consider separate user profiles, containerisation or Mobile Device Management (MDM) to reduce privacy risks.

Third-Party Vendors

If a security provider, IT vendor or contact centre platform handles surveillance data, ensure your contract includes robust confidentiality, data security and access control clauses. Limit secondary use and require timely deletion on request.

What Should A Compliant Workplace Surveillance Policy Include?

A clear, well-communicated surveillance policy is essential. It helps you meet notice requirements, keeps everyone on the same page, and supports fair, transparent practices. Many employers include their surveillance rules in a broader Employee Privacy Handbook or Workplace Policy suite that sits alongside employment contracts.

Core Elements To Cover

• Scope: What surveillance you use (camera, computer, tracking, audio recording), where it applies, and to whom it applies (employees, contractors, visitors).
• Legal basis: A short, plain-English explanation that the policy is designed to meet the Workplace Surveillance Act 2005 (NSW) and Surveillance Devices Act 2007 (NSW).
• Notice: How and when employees receive notice (including the 14‑day period) and where CCTV signs are posted.
• Purpose: Security, safety, performance, training and compliance purposes - be specific so your use aligns with your stated purposes.
• Call recording: When calls are recorded, how consent is obtained, alternatives for non‑recorded lines, and opt‑out options where practical.
• Access and retention: Who can access footage/data, audit logging, retention timeframes, and secure deletion processes.
• Use and disclosure: When surveillance data may be used in investigations or disciplinary processes and when it may be disclosed to law enforcement or regulators.
• Remote work/BYOD: Expectations around device configuration, monitoring boundaries, and how personal information is protected.
• Review cycle: How often you review the policy and notify staff of changes.

Consultation And Implementation Tips

• Engage early: Let your team know what’s coming and why - transparency builds trust.
• Pilot and refine: Trial your setup in a small area, review results, fix blind spots and update signage.
• Train managers: Make sure leaders understand the limits (e.g. no cameras in private areas, no covert surveillance without authority).
• Document compliance: Keep copies of notices, sign locations, policy acknowledgements and training records.

Key Risks, Penalties And Best-Practice Tips

Breach of NSW surveillance laws can lead to criminal offences, fines and reputational damage. It can also undermine employee relations and jeopardise disciplinary processes if evidence is found to be unlawfully obtained.

Common Pitfalls To Avoid

• Skipping the 14‑day notice: Starting camera or computer monitoring without proper notice is a frequent mistake.
• Audio creep: Accidentally capturing audio with CCTV microphones in “private” conversations can cross legal lines - turn off audio unless you have a clear, lawful basis and consent.
• Monitoring in prohibited areas: Bathrooms, change rooms and similar spaces are never okay for cameras.
• Covert shortcuts: Conducting covert surveillance without a Magistrate’s authority is unlawful, even for serious concerns - follow the proper process.
• Using data for new purposes: If you collect footage for security and then use it for unrelated performance assessments without telling staff, you risk non‑compliance and unfair treatment claims.

Best-Practice Checklist

• Map your surveillance: What devices, where installed, who is monitored, and the specific purposes.
• Draft policy and notices: Align with NSW laws, get senior sign‑off, and issue notices at least 14 days before activation.
• Install signage: Make it obvious in camera zones; regularly check signs are still visible.
• Control access: Restrict who can view footage and logs; keep an audit trail of access and use.
• Set retention limits: Keep data only as long as necessary; align with your Privacy Policy and your internal retention schedule.
• Review vendors: Ensure contracts with CCTV/IT providers include strong confidentiality, security and deletion obligations.
• Refresh regularly: Revisit your approach at least annually, and whenever you change location, systems or work patterns.

If you’re unsure about a particular setup - like audio capture on body‑worn cameras, screen‑recording tools, or expanding monitoring to a new site - it’s sensible to get advice before you proceed. Our team can help you translate the law into a practical, tailored approach that fits your risk profile and culture.

Key Takeaways

• In NSW, the Workplace Surveillance Act and Surveillance Devices Act work together to regulate cameras, computer monitoring, tracking and audio recording in workplaces.
• Overt surveillance requires at least 14 days’ written notice to employees, clear signage for CCTV, and transparent policies describing what’s monitored and why.
• Covert surveillance is prohibited unless you obtain a Magistrate’s authority for suspected unlawful activity involving specific employees.
• Call and audio recording generally requires consent from all parties in NSW - build consent into your call flows and team policies to stay compliant.
• Limit access to footage and logs, set retention periods, and secure data handling across your systems and third‑party vendors.
• A clear policy, consistent practice and periodic reviews will help you manage legal risk and maintain trust with your team.

If you’d like a consultation on workplace surveillance in NSW - including notices, policies and compliant setups - you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.