Americans with Disabilities Act

Covers workplace surveillance that involves:

Wellness programs that do not accommodate a worker's disability

AI used in employment decisions (AI may discriminate against individuals with disabilities)

Electronic Communications Privacy Act of 1986

Prohibits an employer from deliberately intercepting the oral or electronic communications of employees without legitimate business purpose (necessitated law enforcement or relevant statute) or consent by at least one of the parties.

Surveillance must be performed with an electronic device

Eavesdropping does not count

Two party consent states (both parties being recorded must consent to recordings): California, Connecticut, Delaware, Florida, Hawaii, Illinois, Kansas, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania, Utah, and Washington.

Employee Polygraph Protection Act (EPPA)

Prohibits lie detector tests on employees.

Fair Labor Standards Act (FLSA)

Covers wage concerns.

According to the Department of Labor, the use of AI and automated systems could lead to a violation of the FLSA regarding hours worked, wages owed, or lactation breaks.

Fair Credit Reporting Act (FCRA)

Protects against some cases of workplace surveillance that use AI or algorithms in decision processes.*

*According to Consumer Financial Protection Circular 2024-06.

Federal Family and Medical Leave Act (FMLA)

According to the Department of Labor, the use of AI and automated systems could lead to violations "regarding an employee's eligibility or certification for protected leave."

Genetic Information Non-Discrimination Act (GINA)

Prohibits genetic discrimination

Applies in cases attempting to obtain genetic information for discriminatory purposes.

National Labor Relations Act

Protects nonmanagerial employees who engage in concerted activity over terms and conditions of employment.

Protecting rights to organize, seek better working conditions, and negotiations.

Occupational Safety and Health Act (OSH) Act

OSHA asserts that workers have the right to refuse dangerous work conditions.

This act, therefore, applies to any surveillance technologies that interfere with safety and health of working conditions.

Providing Urgent Maternal Protections for Nursing Mothers (PUMP) Act

Puts in place policies that protect the right for nursing mothers to pump in the workplace and the associated breaks needed to engage in this activity.

Title VII of the Civil Rights Act

Covers discrimination as a result of the use of AI systems, including for employment decisions

DOL Wage and Hour Division issued its Field Assistance Bulletin No. 2024-1

AI use by employers without "responsible human oversight" may lead to Fair Labor Standards Act violations or Family and Medical Leave Act violations.

CFPB Takes Action to Curb Unchecked Worker Surveillance

Published 2024

Makes explicit the need for employers to follow the Fair Labor Standards Act when using AI/algorithmic systems in the workplace.

EEOC guidance issued in 2022 makes it clear that employers’ use of software, algorithms, and AI for assessing job applicants and employees may violate the Americans with Disabilities Act

Guidance issued in 2022

Makes explicit the need for employers to follow the Fair Labor Standards Act when using AI/algorithmic systems in the workplace.

EEOC's Final Rule on Employer Wellness Programs and Title I of the Americans with Disabilities Act

Issued in 2016

EEOC issues a rule to provide guidance on incentives that employers can offer to employees to participate in wellness programs that ask them to answer disability-related questions or to undergo medical examinations.

EEOC Issues Title VII Guidance on Employer Use of AI, Other Algorithmic Decision-Making Tools

Issued 2023

For more information see the ACLU report on this decision: https://www.aclu.org/press-releases/aclu-applauds-eeocs-guidance-for-assessing-automated-systems-used-in-employment-decisions.

EEOC Highlights How Wearable Technologies May Implicate Employment Discrimination Laws

Issued in 2024

Fact sheet no longer available.

“The Equal Employment Opportunity Commission (EEOC) has issued guidelines emphasizing that employers are liable for any biases in AI tools they use.”

Released 2024

“The EEOC AI and Algorithmic Fairness Initiative requires AI tools used for hiring and other employment decisions to comply with federal equal employment opportunity laws.”

Launched 2021

NLRB General Counsel Seeks Limits On Employer Electronic Surveillance and Automated Management Practices

Issued 2022, Rescinded 2025

Memorandum, not explicit policy

California Consumer Privacy Act

Effective 2018

Sets an elevated standard for privacy disclosures, requiring businesses to inform employers and consumers about the collection of their personal information, use, and disclosure of data to service providers or third parties.

California Privacy Protection Agency Board

2024 Decision

Advances rules about how businesses use artificial intelligence and collect the personal information of consumers, workers, and/or students.

No Robo Bosses Act (Senate Bill 7)

Introduced in 2025, but still under consideration in the California Assembly

Regulates the use of automated decision systems in employment, limiting AI-driven tools in hiring, promotions, and disciplinary action.

Colorado Privacy Act (CPA)

Effective from July 1, 2025

Employers of Colorado-based employees must obtain consent prior to collecting and using biometric information or/and adopting biometric policies.

SB 24-205: Colorado's AI Act

Signed 2024

Requires developers and deployers to use reasonable care to mitigate algorithmic discrimination in decisions made by AI-systems, including employment decisions.

§31-48d of the Connecticut General Statutes

Issued 2024

Employers must provide written notice to employees who will be subjected to electronic monitoring.

2024 Delaware Code Title 19 - Labor Chapter 7. EMPLOYMENT PRACTICES Subchapter I. General Provisions § 705. Notice of monitoring of telephone transmissions, electronic mail and Internet usage.

Issued 2024

Employers monitoring telephone calls, email, or internet use in some cases may be required to notify employees in writing or electronically each time the employee accesses the surveilled resource.

Illinois' Biometric Information Privacy Act (BIPA)

Effective 2008

Per the ACLU: The law ensures that individuals are in control of their own biometric data and prohibits private companies from collecting it unless they:

-Inform the person in writing of what data is being collected or stored. (e.g. fingerprint is stored when using TouchID to log into bank account app on phone)

-Inform the person in writing of the specific purpose and length of time for which the data will be collected, stored and used. (e.g. fingerprint is stored for ease of logging into app and only for a duration of six months)

-Obtain the person's written consent. (e.g. user signs their name before sharing their fingerprint)

New York Senate Bill S2628

Effective May 2022

Requires prior written notice upon hiring of an employee of any and all electronic surveillance that may occur.

Warehouse Workers Protection Act

Effective ​​June 1, 2025 employers must implement injury reduction programs

Establishes legal and safety requirements for employers to implement in certain types of warehouses.