Sure, but the contents of what that proposed agreement can be - and are - limited by law.
You can't offer a salary below minimum wage even if both parties agree. You can't have people work hours above a certain limit even if both parties agree. And (at least in EU) in the exact same manner you can't have take-it-or-leave monitoring of all employees even if both parties agree.
Such monitoring may be permissible with genuine 'freely given consent' if it was given without any expectation of terminating the relation or any other adverse consequences or differential treatment. If you say "I'll give you $100 if you consent", the employee can agree, but that doesn't count as valid consent or binding contract and doesn't permit you to do the thing with that employee's data, privacy rights aren't for sale even if people would want to sell them. And you might get consent from some of the employees, but IMHO there isn't (and shouldn't) be any EU-legal way to ensure that you get consent from everyone, because if you do, that's a good sign that's not "valid consent" as defined by EU law, that it wasn't freely given but conditional or coerced.
A good analogy for how consent and privacy is handled in Europe (not in USA though) IMHO is like consent to sexual acts; if in an otherwise identical situation consent given in that manner wouldn't be appropriate to violate someones asshole, chances are that consent wouldn't be valid also for violating their privacy; If part of employment contract or company policies says "I consent to my manager arbitrarily monitoring me" it is about as legally binding as it saying "I consent to my manager arbitrarily fucking me", i.e. just empty words.
> If you say "I'll give you $100 if you consent", the employee can agree, but that doesn't count as valid consent or binding contract and doesn't permit you to do the thing with that employee's data
Yes - illegal things are illegal, of course. I can pay someone $1 to kill someone as a freely arrived at agreement, but that's illegal. What I was saying is orthoganal to legality. It's about whether or not the employer-employee relationship is 100% coercive.
It might not be 100% coercive, however, at least in the EU the general legal principle seems to be that by default it should be assumed that it is coercive, due to the inherent power imbalance in employment contracts.
E.g. PriceWaterhouseCoopers was fined for unlawful handling employee data despite having having the employees "agree" to it (https://www.lexology.com/library/detail.aspx?g=9a315cca-bc71...), and the "consent" being in the employee handbook effectively was an additional violation "PwC had processed the personal data in an unfair and transparent manner, by giving the false impression that it was relying on consent".
For resolving such issues, quoting that article, "the EDPB/ICO guidelines stipulate that in an employment context, consent cannot be given freely as there is most likely an imbalance of power between the employer and the employee".
It could be that in some particular scenario the relationship wasn't coercive at all and the consent is valid, but it would be up to the employer to demonstrate that, and if somehow 100% of employees consented to monitoring, it could be very, very difficult for the employer to demonstrate that no "motivation" (positive or negative) was involved and everyone really just loves being monitored as a pure coincidence.
You can't offer a salary below minimum wage even if both parties agree. You can't have people work hours above a certain limit even if both parties agree. And (at least in EU) in the exact same manner you can't have take-it-or-leave monitoring of all employees even if both parties agree.
Such monitoring may be permissible with genuine 'freely given consent' if it was given without any expectation of terminating the relation or any other adverse consequences or differential treatment. If you say "I'll give you $100 if you consent", the employee can agree, but that doesn't count as valid consent or binding contract and doesn't permit you to do the thing with that employee's data, privacy rights aren't for sale even if people would want to sell them. And you might get consent from some of the employees, but IMHO there isn't (and shouldn't) be any EU-legal way to ensure that you get consent from everyone, because if you do, that's a good sign that's not "valid consent" as defined by EU law, that it wasn't freely given but conditional or coerced.
A good analogy for how consent and privacy is handled in Europe (not in USA though) IMHO is like consent to sexual acts; if in an otherwise identical situation consent given in that manner wouldn't be appropriate to violate someones asshole, chances are that consent wouldn't be valid also for violating their privacy; If part of employment contract or company policies says "I consent to my manager arbitrarily monitoring me" it is about as legally binding as it saying "I consent to my manager arbitrarily fucking me", i.e. just empty words.