Welcome back to this week’s P | A | C | T news, your newsletter by Tech Talent North.
As tech organizations embrace remote work and look to integrate AI tools into their people operations, new questions surrounding privacy, compliance, and the ethical boundaries of data use are emerging.
That’s why this week; we’ve turned to employment lawyer Jordan Michaux, Roper Greyell LLP, for a legal and practical lens on how AI and employee monitoring are reshaping the HR landscape. His insights offer a grounded framework for balancing innovation with responsibility.
As People and Culture leaders face a new frontier in workforce data, Jordan reminds us: privacy and performance don’t need to be at odds, if we lead with clarity, collaboration, and care.
Key takeaways:
- The legal line for employee monitoring is defined by necessity, transparency, and respect for privacy.
- AI tools must not replace human oversight, especially in performance decisions or hiring.
- HR data should be treated as a valuable business asset, not an administrative byproduct.
- Breach response starts with planning (not panic).
Jordan’s advice throughout is clear: as AI and data reshape HR, our role is not just to adapt but to lead responsibly.
With more and more HR teams adopting AI tools and remote work becoming standard, the conversation around privacy, compliance, and performance management is intensifying. In this week’s interview, Jordan Michaux breaks down what HR leaders need to know to navigate this evolving space.
Monitoring vs. Privacy: Where’s the Line?
“Everything with employee monitoring… is a balance between the organization’s operational need and the employee’s expectation of privacy.”
Jordan’s legal perspective is clear: employers have a right to monitor but only if it’s done reasonably and serves a clear organizational purpose.
And in a remote world, where home and work can blur, employee privacy expectations are higher. That makes it even more important to assess what tools you’re using, what data you’re collecting, and whether less intrusive options are available.
For HR, this means drafting policies that are transparent, purpose-driven, and proportional because it’s about more than just compliance, it’s about trust too.
The AI Trap: Don’t Lose the Human
“Unless there has been a human involved… it’s going to be really, really hard to dig into an AI tool and explain why the decision was made.”
HR is increasingly using AI for productivity tracking, hiring, and performance management but Jordan warns that the convenience comes with legal and ethical risks.
Generative AI models in particular function as “black boxes,” making it difficult (if not impossible) to trace how certain conclusions were reached and in the event of a termination or arbitration challenge, the absence of a human rationale can put organizations in a tough legal spot.
What’s more, over-collection of data is a growing concern. Many AI tools gather more information than is necessary, making compliance with notification and transparency requirements difficult.
Jordan’s advice?
Keep humans in the loop, especially in high-stakes decisions. Use AI to support, not replace, your HR judgment.
Who Owns HR Data Security?
“Treat your internal data… as an important part of the employment bargain.”
In many companies, HR is the largest data custodian but rarely the only one responsible for protecting it. Jordan stresses that ownership must be shared across departments.
HR teams should work closely with IT, legal, and privacy officers to ensure:
- Role-based access controls are enforced
- Systems are tailored to collect only necessary data
- Vendor contracts include strong data protections
In short: manage your data like you would a proprietary technology asset. Mishandling (even unintentionally) can lead to reputational damage, regulatory risk, and employee distrust.
Preparing for a Breach: Don’t Wait
“The thing that increases the risk most in a breach response is panic.”
Data breaches aren’t a matter of if, they’re a matter of when. Jordan reminds HR leaders that preparation is everything.
The first steps after a breach shouldn’t just be about damage control, but also effective coordination. Response time is important but so is accurately understanding exposure. HR has an important role as the “centre of the web,” gathering IT, legal, and decision-makers in one room to assess what happened and how best to respond.
Common mistakes? Acting too quickly without full understanding of the breach scope or failing to identify the right internal resources ahead of time.
Jordan’s recommendation:
- Develop a formal breach response plan
- Define your incident response team in advance
- Train your HR staff to recognize and escalate risks early
The faster you can activate the right people, the more effectively you can contain the damage.
Build with Privacy in Mind
As AI tools become more embedded in people operations, HR leaders are uniquely positioned to shape how organizations collect, use, and protect employee data.
Transparency isn’t just a checkbox; it’s a strategy to build trust in an increasingly data-driven world.
The message from Jordan Michaux is clear: the future of HR demands new systems and tools, but the core of great HR remains the same. It’s about being thoughtful, intentional, and above all, human.
If you’re interested in diving deeper into this topic or having your questions answered by a legal expert, Jordan will be speaking at Tech Talent North Western 2025. His session will go beyond the legal theory and focus on tactical, practical strategies HR leaders can use to avoid common pitfalls and implement responsible AI and data practices.
It’s not just about the fear factor, it’s about what you can do, today, to lead with confidence.
