[GekkePrutser]

I really don't understand how a company could distrust their employees as much as this to have a process and people in place to do all this crap. If they trust them that little, why are they even in business?

I can understand some industries might need it for some compliance thing. Law enforcement perhaps. But really some of the things that MS are tagging are completely arbitrary. Just the way you might want to leave, this is not something that could ever be associated with any kind of governmental compliance. It is simply not wrongdoing at all nor any indication of it.

I work closely with our insider threat team and they don't do anything preventative like this. They just investigate when allegations have been raised, and even then they are really hands-off in terms of internal comms. They have to get special permission to access that, showing proof of the allegations. They behave like the police would, get explicit permissions (akin to a warrant in law enforcement).

The process you describe is more akin to what an intelligence organisation would do, with dragnet surveillance. Totally not acceptable in a business environment IMO.