Australia: When Does the Use of Workplace Biometrics Violate the Privacy Act?

By Naomi Seddon and Merille Raagas May 6, 2019
LIKE SAVE
Australia: When Does the Use of Workplace Biometrics Violate the Privacy Act?

​Australia's Fair Work Commission (FWC) is evaluating for the first time whether an employee may be fired for refusing to submit to biometric finger scanning required by an employer. The case involves an employee's concerns about the collection of sensitive data and a potential violation of the Australian Privacy Act.

Under the act, if an organization has personal information about someone that was collected for a particular purpose, the entity generally must not use or disclose the information for another purpose unless that person has consented. Organizations that breach privacy laws may face significant criminal and civil penalties.

In this case, the employer announced that all employees had to use the biometric scanners to record their attendance at work.

Concerned about the collection of his personal information, an employee objected. In turn, the employer fired him for violating its attendance policy. After an FWC commissioner denied the plaintiff's unfair dismissal claim, the employee appealed to the FWC full bench.

The plaintiff argued that the commissioner failed to consider whether the request to comply with the fingerprint scanning policy was lawful and reasonable, particularly when the employee refused to consent to the disclosure of his biometric data.

The FWC full bench agreed to hear the appeal, satisfied that this matter raised "important, novel and emerging issues." If it rules in the employer's favor, its decision could allow employers to take workers' biometric information despite employees' objections. As part of these proceedings, the FWC is expected to examine the progression of biometric technology and workers' privacy rights. The litigation is pending.

[SHRM members-only toolkit: Introduction to the Global Human Resources Discipline]

Notice

In many Australian jurisdictions, employers violate the law when they fail to obtain employees' consent or, in some areas and industries, when they don't consult with workers on how personal information is collected, stored and used. Accordingly, employers should notify workers about how the biometric data will be stored; the risks of collecting information, such as the possibility of data breaches; how it will be managed and the purpose for the collection.

Employers should also be prepared to respond to employees' concerns about biometric data collection policies and processes, particularly when changes might have a major effect on workers' employment.

Naomi Seddon and Merille Raagas are attorneys with Littler in Los Angeles.

LIKE SAVE

Job Finder

Find an HR Job Near You
Search Jobs

SHRM CONNECT

Find your peers in SHRM's online community.

Find your peers in SHRM's online community.

Join SHRM Connect

SPONSOR OFFERS

HR Daily Newsletter

News, trends and analysis, as well as breaking news alerts, to help HR professionals do their jobs better each business day.