PRIVACY June 30, 2026

Protecting Screens Without Surveilling People

The first reaction many people have to ScreenStop is a fair one. You hear "AI," "webcam," and "monitoring" in the same sentence, and you picture a camera watching workers all day, footage piling up on a server somewhere, a manager scrubbing through it later. If that were what we'd built, you'd be right to refuse it.

← Back to Blog

It isn't — and the difference isn't a footnote. It's the entire design.

Screen DLP exists because the most sensitive moment in any data-protection story is also the least protected one: the instant information is on a screen, in front of a human, in a room we don't control. Network controls, endpoint controls, and cloud controls all stop at the glass. ScreenStop covers what happens at the glass. The challenge was always to do that without turning the workplace into a surveillance floor. Here is how we approached it.

Nothing leaves the device

All detection runs locally, on the machine itself. By default, nothing — no video, no images, no events — ever leaves it. The camera feed is processed in real time and discarded frame by frame; it is never recorded, never uploaded, and never sent to us. In the standard on-premises deployment, the entire system lives inside your perimeter, and data crosses the boundary only if you deliberately configure it to.

That's not a privacy feature bolted onto a monitoring product. It's the starting assumption everything else is built on top of: the box keeps to itself unless you tell it otherwise.

It protects the person at the screen — not the other way around

It helps to be precise about who the system is actually guarding. ScreenStop watches the screen's surroundings, not the worker's behaviour. It flags when a second person is reading over someone's shoulder. It flags when a phone is raised to photograph the display. It locks the workstation when the person steps away and leaves sensitive data exposed.

Every one of those is a threat to the employee and the data in front of them, not a way of policing the employee themselves. The person at the desk is the one the system keeps safe — their work stays theirs, and the customer data on their screen doesn't walk out of the room in someone else's camera roll.

Deployed where the risk is, not everywhere

You don't install ScreenStop across an entire workforce. It's scoped by role and risk, not by headcount. A bank might cover its trading desks or a contractor environment handling regulated data, and leave engineering or back-office teams out entirely. The system runs only where the exposure genuinely justifies it.

This isn't just a convenience. Proportionality — applying a control only where it's necessary and no further — is one of the core tests any serious data-protection regime asks you to meet. Targeted deployment is how the product is designed to help you pass it, rather than work around it.

Everything is configurable, and minimal by default

Where logging or capture is enabled at all, it's built for restraint. Silent operation, data minimisation, and encryption at rest are all available, and stored captures are designed to be opened only during an audited incident — not browsed casually by a supervisor. Nothing is switched on by default that you haven't deliberately chosen to switch on.

The configuration is the product. Two organisations running ScreenStop can have radically different privacy postures, because both are deciding exactly what the system does and where.

Where this is heading: privacy by activation

The clearest answer to the privacy question is one we're building toward now. On our roadmap is a content filter that keeps the system dormant until sensitive data is actually on screen. You would define what counts as sensitive — say, your CRM or your internal chat — and during ordinary work outside those contexts, the system simply does nothing.

Call it privacy by activation: the protection engages only when the data you care about is the thing on display, and stays asleep the rest of the time. It's the logical endpoint of everything above, and it's the direction the product is moving.

Privacy and protection are not a trade-off

The assumption baked into most monitoring tools is that you buy security by spending privacy — that to protect data, you have to watch people. We started from the opposite premise. Done right, protecting what's on the screen and respecting the person in front of it are the same project, not competing ones.

That's a claim worth scrutinising rather than taking on faith. If you'd like to walk through the privacy architecture in detail — including what to hand your data-protection team — we're glad to.

Walk through the privacy architecture with us

Local processing. Role-scoped deployment. Minimal by default. See exactly what ScreenStop does — and doesn't.

Request a Demo →