Employers Must Follow Privacy Protocols When Implementing Biometric Attendance Systems

In response to concerns about employee attendance and building security, some employers have chosen to implement biometric attendance systems in the workplace. These systems allow an employer to monitor employees' work hours by measuring biological characteristics like fingerprints, handprints or facial features and associating this measurement with an identified individual. As biometric systems record personal information about identifiable individuals, their use by employers is subject to the requirements of privacy legislation.

The interplay between biometric attendance systems and employee privacy has been addressed by the Office of the Information and Privacy Commissioner of Alberta (OIPC) on two occasions: Investigation Report P2008-IR-005 and Investigation Report F2008-IR-001. In both cases, the employer implemented a biometric attendance system in order to more accurately record attendance and reduce instances of "buddy punching", a practice where one employee punches the time card of another employee who is late or absent. The systems did not store images of an employee's thumb or hand print, but instead converted measurements of an employee's hand or thumb into a unique numerical identifier.

The Commissioner concluded in both cases that the collection of personal employee information was reasonable. Despite this finding, both employers were found to have breached their obligation under privacy legislation to properly notify employees of the information being collected and the manner in which collected information would be used.

The OIPC Investigation Reports are instructive, as they raise a number of important takeaway points for employers who are considering a move from the traditional timecard to a more high tech option:

1. Employers who implement such systems in the workplace must take care to ensure that employees understand what information is being collected, how it is being collected and how the employer will use the information. This may include the preparation of a written privacy policy which is then made available to employees.
2. In both investigation reports, the Commissioner noted that the numerical identifiers generated by the biometric system could not be reverse engineered in order to reconstruct an image of the employee's hand or thumbprint. It was also noted that the collected information was transmitted and stored in encrypted form. In light of concerns about unauthorized access to or misuse of personal information, the level of security provided by an attendance system will be important if the legality of the system is challenged.
3. The Commissioner also noted in both reports that other methods of tracking attendance had been found to be ineffective. Employers who wish to use biometric systems in the workplace should therefore be able to articulate how the proposed system is needed to remedy a specific problem, such as buddy-punching, in light of any available methods which are less invasive.