Finger scanning gets thumbs down

Time and attendance technology runs up against privacy

When shingle manufacturer IKO Industries tried to introduce a fingertip scanning system to track timekeeping, payroll and security issues at its Hawkesbury, Ont., plant, only three of the more than 80 employees in the bargaining unit turned up to enrol.

This dismal turnout was evidence that, despite a series of presentations by representatives of Kronos Technology, the company providing the new finger-scan system, the fears of the employees had not been allayed. Chiefly they were concerned that the personal information they provided could be used for other purposes than payroll timekeeping, citing fears of “constant surveillance,” and of unauthorized background checks and credit checks.

A Kronos pamphlet designed to explain away those very concerns only added fuel to the fire in advising that its biometrics could be used for just such procedures. Employees were also worried that an outside hacker could steal information from system.

The company argued that it was up to the union to justify why it should not implement the system. It noted the new technology would save time in processing payroll and could be used to account for the whereabouts of staff in a plant emergency.

The union asserted that the company could not justify the invasion of its employees’ privacy by collecting information on their unique physical features. It suggested that the card-swipe method presently in place had never been studied in terms of its efficiency in processing payroll. Further, there had been to date, no significant issues of breach of trust, such as employees punching in for someone else or allowing entry to unauthorized visitors. It argued the decision to introduce fingertip scanning contravened the management rights provisions of the collective agreement and that management should justify the decision to introduce the new technology.

The company countered with extensive evidence about the proposed Kronos system. A Kronos representative, Dan Skiba, argued that in the first place, the scan recorded –– without especially high resolution –– only the underlying surface of the fingertip, not the whole fingerprint. The information would be scanned into a very limited system memory, which would be deleted seconds after scanning, once an encrypted mathematical template was created from the partial image. The proposed scan is useful only if the person already has a record in the system; it cannot be used to match individuals as is done in police fingerprint identification. Finally, Skiba attested that only six Kronos employees had the “intricate knowledge necessary to alter, copy or transmit the template.”

The arbitrator agreed that the onus was on the union to prove employee privacy was being invaded. She observed that each workplace biometric system needed to be judged on the merits of its own specific features. However, she acknowledged that “biometric data retained in encrypted form on the template is fundamentally different from the sort of employee information one would expect to be traditionally maintained for payroll purposes.” She concluded that measuring the subsurface ridges and valleys of a person’s fingertip are “within the realm of the employee’s private life.”

She noted that significant privacy safeguards were built in to the Kronos technology, but that the biometric information was retained in the system rather than by the individual to whom it related. She was concerned about the disposition of employee templates after termination of their employment. She was leery of the fact that Kronos employees could locate the template and reverse engineer the information on it and that the information would be “accessible to a ‘select few’ Kronos officials.”

Even though there did not seem to be much use for the data outside the proposed system, the arbitrator agreed with the union that, “the usefulness of information or data does not in itself determine whether privacy has been invaded.”

The union had satisfied the onus placed on it to prove the privacy rights of its workers were being infringed.

That said, was the privacy issue of sufficient importance when compared to the legitimate goals of the company to provide the most cost-efficient payroll services and the best security measures?

The arbitrator said the answer in this particular situation is that privacy rights of the employees come first. In the first place, the Kronos company had a card-swipe system which could provide a time-efficient method of payroll record-keeping while not requiring fingertip scanning. It would not help in identifying cheating, but no evidence was given that “buddy punching” had been a problem in the past.

As far as security was concerned, the arbitrator noted that security risks at a shingle manufacturing company are not particularly high. Not only that, there had never been an emergency requiring evacuation of the plant. If one arose, the card-swipe system could give enough information as to whether any employee remained on the premises during an emergency evacuation. A gate at the plant entrance, in addition to the already existing security cameras, could help monitor entrance to the plant.

However, it is important to note that the arbitrator, in upholding this particular grievance, warned that it was not to be seen as a blanket condemnation of all workplace biometrics.

For more information: IKO Industries Ltd., Hawkesbury, Ont., and the United Steelworkers of America, Local 8580, an Ontario Arbitration Board decision; Mary Lou Tims – Sole Arbitrator, May 27, 2005.

Lorna Harris is the assistant editor of Canadian HR Reporter’s sister publication CLV Reports, newsletters that report on collective bargaining and other issues in labour relations. She can be reached at (416) 298-5141, ext. 2617 or [email protected].

To read the full story, login below.

Not a subscriber?

Start your subscription today!