It is? I guess I'm in a special boat being a developer and being able to run Linux at work since 2012, but even on the corporate Windows/Mac workstations, I don't think I've been at a company that's installed any type of spyware (other than standard remoting tools used by help desk and controlled with Group Policies).
They don't disclose what they do, and typically it's a function of company size. Once you get past a certain point and there is budget for an IT department, they start installing things like 'endpoint management' and redirect your DNS to something that logs all DNS records, etc.
Things like DNS tracing apply outside their network too, like WFH situations with no VPN.
Overall in practice, there is nothing stopping creepy sysadmin, boundary overstepping lawyer or creepy manager from secretly stalking specific employees by pushing IT departments to install extra monitoring software or just plain spying on specific employees.
