Privacy Issues in the Workplace

In addition to a violation of the Penal Code, employee tracking with the use of cellular telephones or similar devices may raise employee privacy claims under the California and United States Constitutions.

J. B IOMETRICS “Biometrics” is an automated method used to recognize an employee’s unique physiological or behavioral characteristics. 507 Biometrics is a general term that is used to describe a process or a characteristic. 508 Biometrics is often used to improve security and productivity in the workplace. “Physiological biometrics” include fingerprint scanners or sensors, and iris recognition technology. 509 “Behavioral biometrics” include voice, keystroke, gait and signature recognition capabilities. 510 Biometrics is used to track productivity and to grant employees access to secured workspaces or locations. information poses both privacy and security risks for employers. Generally, this data is electronically stored. Employers must weigh the risk of privacy violations that will result if an employee’s personal data is lost, stolen or misplaced against the convenience that using biometrics may afford to employers. For example, because fingerprints are unique to each person, the risk of identity theft is great if a hacker were to obtain fingerprint information along with other employee data. Because of the risks involved with the use of this technology, employers should use biometrics only when they have legitimate business needs that justify its use. For example, employers may use biometrics to restrict access to highly secured buildings, such as prisons. However, we advise that all employers seek legal counsel and technical advice before implementing this type of technology. Biometrics poses privacy considerations for employers because it requires that employers collect employee physiological or behavioral data. The collection and storage of this highly confidential K. E MPLOYER ’ S A FFIRMATIVE D UTY TO R EPORT E MPLOYEES ’ U NLAWFUL A CTIVITY ON THE I NTERNET In a case of first impression, an appellate court in New Jersey has found that, under certain circumstances, an employer may be subject to a common law negligence claim for failing to report an employee’s use of workplace computers to access child pornography. In Doe v. XYC Corp, 511 a mother brought an action for negligence on behalf of her minor daughter against her husband’s employer for failing to report the husband’s use of a workplace computer to access pornography and send nude photos of the daughter to a child porn site. The trial court granted the employer summary judgment on the grounds that it had no duty. The appellate court reversed finding that the employer’s computer use policy, which included monitoring employee’s computer use and resulted in the detection of employee’s access to child porn sites, created a duty to report the “employee’s activities to the proper authorities to take effective internal action to stop these activities whether by termination or some less drastic remedy.” This case does not reflect California law, and it is unclear if it reflects current trends in the law. The decision is instructive, however, in that it raises questions concerning whether an employer has

Privacy Issues in the Workplace ©2021 (s) Liebert Cassidy Whitmore 159

Made with FlippingBook Learn more on our blog