District of Columbia
DC Employee Monitoring Laws: Notice, GPS, and Privacy Rules (2026)

The District of Columbia has no statute requiring an employer to give notice before monitoring computers, phones, or email, unlike Connecticut, Delaware, New York, or Maine. Federal ECPA's "ordinary course of business" exception and DC's one-party consent recording law, D.C. Code § 23-542, set the baseline instead.
Information last verified on 2026-07-09. This article has not yet been reviewed by a licensed lawyer.
Jurisdiction scope: This article covers the District of Columbia's employee monitoring landscape, including why it has no dedicated notice or social-media-password statute, its one-party consent recording law, its voyeurism statute, common-law privacy protections, and its data breach and pending algorithmic-transparency legislation. It does not re-derive DC's general call and video recording consent rules; see District of Columbia Recording Laws for that.
Why DC has no electronic-monitoring notice statute
Connecticut, Delaware, New York, and, starting in 2026, Maine each require an employer to give employees some form of notice before starting electronic monitoring of computer, phone, or internet activity. The District of Columbia has not enacted a comparable statute. That means a DC employer is not required by any District law to post a notice, obtain a signed acknowledgment, or otherwise flag that it monitors workplace email, internet use, or phone activity, though its own internal policies or a union contract may impose that obligation separately.
In the absence of a District-specific notice statute, the baseline is federal. Title I of the Electronic Communications Privacy Act amends the Wiretap Act, 18 U.S.C. §§ 2510 to 2523, to bar intercepting wire, oral, or electronic communications without consent, but § 2511(2)(a)(i) creates an "ordinary course of business" exception for a provider of a wire or electronic communication service, a category courts extend to an employer that owns the phone, email, or computer system used. In Watkins v. L.M. Berry & Co., 704 F.2d 577 (11th Cir. 1983), the court held that once a monitored call is identified as personal rather than business, continued listening can fall outside that exception. DC employers rely on this federal framework, plus DC's own recording consent law described below, rather than a state-style notice statute.
Recording consent at work: DC's one-party rule
The District is a one-party consent jurisdiction under D.C. Code § 23-542, covered in depth at District of Columbia Recording Laws and its workplace-specific page. The statute permits a person who is a party to a wire or oral communication, or who has the prior consent of one party to it, to intercept that communication, unless the interception is for the purpose of committing a crime, a tort, or another injurious act. Because an employer that owns the phone or email system is generally treated as a party to communications routed through it, DC's one-party rule tends to give employers more latitude to record or monitor without every participant's consent than an all-party consent jurisdiction would, though the ordinary-course-of-business limits described above still apply. This article does not re-derive that consent framework further; see the linked pages for the full rules, including penalties, which reach a fine of up to $12,500 or up to five years imprisonment for unlawful interception, plus civil liability.
No DC social media password law
Unlike roughly 27 states, tracked by the National Conference of State Legislatures, the District of Columbia has not enacted a statute barring an employer from requesting an employee's or applicant's social media username or password. Nearby jurisdictions, including Maryland and Virginia, do have such laws, but DC does not, so a District employer that asks for social media login credentials is not violating a DC-specific statute by doing so, though the request could still raise other legal issues depending on what the employer does with the access.

DC's voyeurism statute and hidden workplace cameras
D.C. Code § 22-3531 makes it unlawful to secretly or surreptitiously observe, or to electronically record without express and informed consent, a person in a place where they have a reasonable expectation of privacy, including while dressing, undressing, or using a restroom. The statute carves out an exception for security monitoring in one's own home and for buildings that post prominent surveillance notices, but it is not written as an employment statute and does not authorize an employer to install a hidden camera in a restroom or changing area. A basic violation is a misdemeanor punishable by up to a year in jail; distributing material a person knew or reasonably believed violated the statute is a felony punishable by up to five years.
Common-law privacy protection: intrusion upon seclusion
Because DC has no dedicated monitoring-notice statute, its courts' common-law privacy tort carries more relative weight than it would in a state with a detailed statutory scheme. In Wolf v. Regardie, 553 A.2d 1213, 1217 (D.C. 1989), the DC Court of Appeals recognized intrusion upon seclusion, drawn from the Restatement (Second) of Torts § 652B, as requiring an invasion or interference, by physical intrusion, by use of sight or hearing, or by some other form of investigation or examination, into a place where the plaintiff has secluded themselves or into their private or secret concerns, that would be highly offensive to an ordinary, reasonable person. Courts applying this tort in the employment context have generally required an intrusion well beyond routine business monitoring, but it remains a potential claim where an employer's surveillance goes further than the ordinary-course-of-business exception or a legitimate business purpose would support.
GPS and vehicle tracking
DC has not enacted an employer-specific statute requiring notice before placing a GPS tracker in a company vehicle, and this article does not attempt to reconstruct a District-specific tracking-device criminal statute here. For the general legal framework covering GPS trackers in the District, including consent principles, see Washington DC GPS Tracking Laws.
Biometric time clocks and data breach notification
DC has not enacted a biometric privacy statute comparable to Illinois' Biometric Information Privacy Act, 740 ILCS 14, which requires written consent before collecting a fingerprint or facial scan and creates a private right of action. DC's data breach notification law does reach biometric data indirectly: D.C. Code § 28-3851 defines "biometric data" (a fingerprint, voice print, genetic print, or retina or iris image used to authenticate identity) as a category of "personal information," and § 28-3852 requires notification to affected DC residents after a breach involving that data. That means a DC employer whose biometric time clock data is breached has a District notification duty, described in more depth at District of Columbia Data Privacy Laws, even though the District has no equivalent to BIPA's consent-before-collection requirement or private right of action for the collection itself.

A pending bill worth watching
The DC Council has considered a Stop Discrimination by Algorithms Act in more than one council period, first introduced by the Attorney General's office in 2021 and reintroduced in 2023, that would require notice and independent audits before an employer uses an automated decision-making tool for a "consequential" decision such as hiring, discipline, or termination. As of this writing the bill has not been enacted, so it does not currently impose any legal requirement on DC employers using AI-assisted hiring or monitoring software. Employers and employees tracking this area should confirm current status with the DC Council before relying on it either way.
Watch out: The absence of a DC monitoring-notice statute does not mean workplace surveillance is unregulated. Federal wiretap law's ordinary-course-of-business limits, DC's voyeurism statute, and the common-law intrusion upon seclusion tort all still apply, and an employer's own written policy can create separate contractual obligations.
Frequently asked questions
More District of Columbia Laws
- District of Columbia Dashcam Laws
- District of Columbia Drone Laws
- District of Columbia Police Bodycam Laws
- District of Columbia Recording Laws
- District of Columbia Smart Glasses Recording Laws
Disclaimer
This article presents general legal information about the District of Columbia's approach to employee monitoring, including the absence of a dedicated notice or social-media-password statute, DC's one-party consent recording law, its voyeurism statute, common-law privacy protections, and its data breach notification law. It is not legal advice and does not create an attorney-client relationship. Statutes, case law, and pending legislation described here are subject to amendment, judicial interpretation, and further Council action. Consult a lawyer licensed in the District of Columbia for advice about a specific workplace monitoring situation. Information last verified: July 9, 2026.

Related articles
- Employee Monitoring Laws by State
- District of Columbia Recording Laws
- District of Columbia Workplace Recording Laws
- Washington DC GPS Tracking Laws
- District of Columbia Data Privacy Laws
- US Recording Laws by State
Last updated: 2026-07-09. Statutes cited reflect their in-force version as of 2026-07-09.
Frequently Asked Questions
Does DC require employers to give notice before monitoring employees electronically?
No. Unlike Connecticut, Delaware, New York, or Maine, the District of Columbia has not enacted a statute requiring an employer to give notice before monitoring workplace computer, phone, or internet use. Federal wiretap law's ordinary-course-of-business exception applies instead.
Can a DC employer ask for my social media password?
There is no DC statute barring the request, unlike in about 27 other states tracked by the National Conference of State Legislatures, including neighboring Maryland and Virginia. A DC employer asking for social media login credentials is not violating a DC-specific statute by asking, though other legal issues could still arise depending on how the employer uses that access.
Is DC a one-party or two-party consent jurisdiction for workplace recording?
DC is a one-party consent jurisdiction under D.C. Code § 23-542. A person who is a party to a communication, or who has one participant's consent, may generally record it, unless the recording is for an unlawful or injurious purpose. See District of Columbia Recording Laws for the full framework.
Can my DC employer put a camera in the restroom or locker room?
No. D.C. Code § 22-3531 makes it a crime to secretly observe or record someone without consent in a place with a reasonable expectation of privacy, including while dressing, undressing, or using a restroom, regardless of who installed the camera.
What can I do if I think my DC employer's monitoring went too far?
Because DC has no dedicated monitoring-notice statute, the common-law tort of intrusion upon seclusion, recognized in Wolf v. Regardie, 553 A.2d 1213 (D.C. 1989), may apply if the intrusion was highly offensive to a reasonable person and went beyond a legitimate business purpose. This is general information, not an assessment of any specific situation; consult a DC-licensed employment lawyer.
Does DC require notice before [GPS tracking](/us-laws/gps-tracking-laws) a company vehicle?
No District statute specifically addresses employer notice for vehicle GPS tracking. See Washington DC GPS Tracking Laws for the general tracking-device framework that applies.
Is DC's Stop Discrimination by Algorithms Act in effect?
Not as of this writing. The bill has been introduced in more than one DC Council period without being enacted, so it does not currently require notice or audits for AI-based hiring or monitoring tools. Its status should be confirmed with the DC Council before relying on it.
Sources and References
- D.C. Code § 23-542, Interception, disclosure, and use of wire or oral communications prohibited(code.dccouncil.gov).gov
- D.C. Code § 22-3531, Voyeurism(code.dccouncil.gov).gov
- D.C. Code § 28-3851, Security Breach Protection Act definitions (biometric data as personal information)(code.dccouncil.gov).gov
- D.C. Code § 28-3852, Notification of security breach(code.dccouncil.gov).gov
- Wolf v. Regardie, 553 A.2d 1213 (D.C. 1989)(courtlistener.com)
- 18 U.S.C. § 2511(2)(a)(i), ordinary course of business exception to the federal Wiretap Act(law.cornell.edu)
- Watkins v. L.M. Berry & Co., 704 F.2d 577 (11th Cir. 1983)(openjurist.org)
- DC Office of the Attorney General, AG Racine Introduces Legislation to Stop Discrimination In Automated Decision-Making Tools(oag.dc.gov).gov