‘Clocking in’ at the office has traditionally meant manually writing in your hours, or using your swipe card. However, new and innovative ways of signing-in to work have been met with both praise and concern. some of these include facial recognition technology, microchipping – and even fingerprints. Yet this means that employers get access to extremely sensitive information. It’s therefore understandable that employees may be hesitant to hand over their biometric data to their workplace, but this also raises larger questions relating to technology and privacy.
One employee, Jeremy Lee, was particularly concerned by the prospect of providing his fingerprints to his employer and ended up refusing to. This led to Jeremy’s termination for failing to comply with the new workplace policy.
Are fingerprints sensitive information?
We live in a world where information is shared at an unprecedented rate. A lot of this information is mundane, such as names and ages. However, some is sensitive and can tell you a lot about someone. The law has recognised this and defines sensitive information under the Privacy Act 1988 (Cth) as information which relates to a person’s:
- Racial or ethnic origin
- Political beliefs
- Criminal record history
- Sexual orientation
- Health information
- Biometric information
But how sensitive is this information these days? For example, we can often decipher a person’s political beliefs just by looking at their social media profiles. Similarly, every day devices we use have begun collecting our sensitive information. A well known example of this is using your fingerprint to unlock your phone. Though this may be easier than remembering your passcode, it’s important to remember that this information is stored on your phone. Sensitive information is still just that – sensitive – but it’s a lot easier to access these days.
What information can my employer collect?
Employers have the right to collect any information about an employee which is relevant to the employment relationship. This includes email address, phone number and residential address. However, there is some information which you don’t have to disclose. This includes details regarding your beliefs, race, orientation, health – and fingerprints.
Employers have to comply with provisions outlined in the Privacy Act. Under this, sensitive information can only be obtained through notifying employees and gaining their consent. Therefore, an employer can notify you that they want to collect your sensitive information – but you don’t have to provide it.
A win for employee (and privacy) rights
After Jeremy lost his unfair dismissal case in the FWC, he appealed it. Upon appeal, the Court found that Jeremy’s employer had breached the Privacy Act. This is because they didn’t follow the process for requesting the information properly. Jeremy’s employer did not give him an opportunity to say no, but terminated him instead. Yet despite the fact that employers cannot force employees to provide sensitive information, the concept of sensitive information itself remains unresolved. Is it a form of property? And if so, what other rights do we have over it?
With these and many other profound questions still unanswered, it may be better to keep using your trusty swipe card for now.
