This case study addresses an ethical and legal dilemma faced by Mandy, a security administrator tasked with providing weekly reports on employee website access. The core issue revolves around the potential breach of employee privacy due to undisclosed data surveillance. The case utilizes Chris MacDonald's methodology to analyze the moral dimensions, identify interested parties (manager and employees), and assess the values at stake (trust, autonomy). It highlights violations of the ACS Code of Ethics, particularly regarding confidentiality and professionalism. Furthermore, the case references the Workplace Privacy Act 2011, emphasizing the need for a notice of surveillance. Mandy is advised to propose a solution involving proper notification to employees before surveillance. The conclusion emphasizes the importance of ethical conduct and legal compliance to avoid potential legal repercussions and maintain a positive work environment.