

Microsoft Teams knows when you're at your desk. That's not a revelation anyone inside Redmond would deny—the application logs presence status, meeting join times, message delivery receipts, and a reasonably comprehensive record of who spoke to whom and for how long. Pull the usage reports from the admin center and you'll find active user counts segmented by hour, file sync volumes, conference call duration breakdowns. This isn't hidden telemetry buried in an obscure audit log twelve menus deep—it's dashboarded for your IT staff's consumption.

The interesting question isn't whether this data collection happens. It's why enterprises cheerfully adopted a collaboration tool that functions, at the infrastructure level, as an employee activity monitor. The answer, of course, is that nobody had a better option when the pandemic made remote work mandatory overnight. But the deployment patterns that emerged tell a story about what organisations actually wanted from their "collaboration" stack once they had it deployed at scale.

Here's the thing: IT departments didn't stumble into this role. They were handed a tool that solved an operational problem—maintaining some semblance of coordination across distributed teams—and along with it came surveillance capabilities that would have been politically impossible to implement through traditional HR channels. Nobody would have voted for keystroke logging. But everybody accepted Teams, and Teams logs plenty enough to build behavioural profiles without ever touching the keyboard.

The remote-work era didn't invent workplace monitoring. It just made it ambient. The collaboration platform became the enforcement layer for a kind of data collection that, proposed explicitly, would have triggered immediate resistance from employees and civil libertarians alike. Instead, it arrived as a feature set, enabled by default, with IT as the quiet implementation partner. That's the story worth examining—not whether your vendor is selling your data to advertisers, but how enterprise IT became the compliance layer for surveillance infrastructure that nobody voted on.