"Employee surveillance" sounds a lot more nefarious than the reality of these systems for most organizations.
Your network admin has had access to the proxy, and by extension, all your browsing history since forever. Now, your UEBA does that, but mainly just sits there and flags things like a user normally hitting a single host to suddenly hitting 300 hosts on the network, or a user having an average data upload of 500MB/week to 200GB in a single session.
Very few people care if you're using the corporate network to listen to YouTube Music (or even looking for other jobs), most just want to be notified of data exfiltration, compromised accounts, or malicious network activity.
It's not that simple. The more data points there are, the stricter the rules can get. A user having an average data upload of 500MB/week would be flagged at 50 MB in 5 minutes. I expect that the system self-adapts until it flags at least some users and I expect those flagged are not the technologically challenged users that browse anywhere and click anything, but the most competent users that perform "weird" actions such as ping, ftp, open the command prompt, etc.
Your network admin has had access to the proxy, and by extension, all your browsing history since forever. Now, your UEBA does that, but mainly just sits there and flags things like a user normally hitting a single host to suddenly hitting 300 hosts on the network, or a user having an average data upload of 500MB/week to 200GB in a single session.
Very few people care if you're using the corporate network to listen to YouTube Music (or even looking for other jobs), most just want to be notified of data exfiltration, compromised accounts, or malicious network activity.