Ukraine is discussing clearer rules for employee monitoring that could be embedded in the draft of a new Labor Code. The idea is to move common workplace controls out of a grey zone and define what is allowed, how workers must be informed, and where the red lines are.
For investors and operators, this is less about surveillance for its own sake and more about risk management: protecting client data, preventing internal leaks, and setting evidence standards when incidents happen, while avoiding privacy violations that can trigger disputes and reputational damage.
What is being discussed
The draft approach described by employer representatives includes a hybrid set of tools: video surveillance at workplaces, monitoring of corporate correspondence, and productivity trackers that can record mouse and keyboard activity or capture screen snapshots. The same discussion also highlights safeguards: monitoring should apply to employer-provided channels, not personal devices or private accounts.
Another expected element is mandatory transparency. Employees may need to receive clear written information about what is monitored, for what purpose, how long data is stored, and that it is not transferred to third parties. In some setups, written consent could be required.
Who is most likely to be affected
Monitoring is not expected to be universal. The logic points to roles and sectors that handle confidential, commercial, or client data such as IT, logistics, finance operations, customer support, and back-office functions with access to sensitive databases.
Physical no-go zones are also part of the discussion: cameras and monitoring tools should not be placed in toilets, locker rooms, showers, or medical rooms.
Business implications and how to prepare
Companies that rely on data security will likely treat the new rules as a governance upgrade: formal policies, documented employee notices, and standardized access controls. At the same time, the use of AI for analyzing monitoring data raises new compliance questions, even if final HR decisions are expected to remain with humans.
Practical preparation steps include mapping sensitive workflows, limiting monitoring to specific risks, separating corporate and personal channels, and setting strict retention and access controls. A clear process for handling refusals is also critical, because refusal to consent may become a hiring friction point in monitored roles.
Investor view: drivers, risks, opportunities
- Drivers: higher cyber risk, remote and hybrid work, increased value of customer data and trade secrets.
- Risks: privacy disputes, weak internal controls, data leaks from monitoring archives, reputational damage if policies are abused.
- Opportunities: demand for compliance frameworks, secure access infrastructure, and privacy-by-design tooling for Ukrainian enterprises.
