Wearable technology is creating new privacy headaches for employers, a leading law firm has warned.
Technologies such as Google Glass and smart watches are gradually making their way into the workplace.
But the intrusive nature of these devices, which could be used by employees to take clandestine photographs or videos, are ringing alarm bells among some employers, says lawyer Sue McLean at Morrison and Foerster.
“There are huge privacy and ethical implications around wearable technology,” she said in an interview with Computer Weekly.
She said wearable technology is likely to become more of a pressing issue for employers over the next few years as technologies, such as Google Glass, find new uses in the work place and home.
The market for wearable technology is set to grow from $1.6 billion to $5 billion, according to research by Gartner.
But as its use becomes more widespread, employers will need to put policies in place governing how staff use the technology.
For example, if a person wearing Google Glass videos a meeting with other employees, that could be construed as bullying, says McClean.
Similarly, an employee in a disciplinary action could use a wearable device to surreptitiously record the meeting – and then go on to use the recording in legal proceedings.
“Companies have to be very clear on how and why employees use wearable technology, make sure they are clear what the rules are, and that they have taken adequate precautions to comply with privacy regulations and the law,” she says.
Research has shown, says McClean, that employees using wearable technology are more productive if they know they are being monitored.
However, the technology raises potential privacy and data protection concerns that will need to be addressed by employers and trade unions.
For example, it may be legitimate to ask a fire fighter to wear Google Glass, showing a floor plan, to help them navigate through a burning building. But there may not be a good case for issuing Google Glass to shop assistants.
“It may depend what the job is, and whether employees can require wearable technology from a health and safety point of view, ” she says.
Companies may need to restrict or ban the use of wearable technology where employees have access to valuable intellectual property.
Organisations may choose to ban Google Glass from call centres, for example, where staff have access to customer records containing personal details about clients.
The technology could also raise new data protection issues, if companies use it to display sensitive data about their customers.
Virgin Atlantic, for example, has announced plans to issue staff at Heathrow airport Google Glass, to keep first class passengers up to data on flight information, weather and local events at their destination.
The devices, to be rolled out following a pilot earlier in the year, are able to alert staff to important passengers, by flashing their names, frequent flyer status and flight numbers on a mini-screen.
“Some of the information [in this type of application] could be classified as sensitive information. So if you are Jewish, and you chose Kosher food for your flight, that would show your religious affiliation,” she says.
Companies will need to make sure sensitive data is adequately secured, so it cannot accidently be leaked, she says, or be exposed to hacking risks.
Similarly, employees using Google Glass to make video recordings, will need to make sure that people in the video have consented to be filmed or recorded.
Experiences in the US have shown that so far, people have a tendency to over-react to new technology.
In January, Homeland Security agents removed a man from the cinema, and questioned him for several hours about potential copyright infringement, after he was spotted wearing Google Glass.
The man, who said he had only been wearing the Glass because it was fitted with his prescription lenses, was only able to prove his innocence when he persuaded officials to connect his Glass to a PC to examine its contents.
In another case a woman was accused of distracted driving when she was found to be wearing Google Glasses after being pulled over for speeding in the US. The charges were dropped because there was no evidence she had been distracted or had the device turned on.
Mobile phone cameras produced a similar reaction when they were first introduced, with many organisations responding by banning people with smart phones, said McClean.
“That has gone away now because organisations realise you can’t ban all mobile phones, “ she says.
Meanwhile across the ocean:
Wearable technology must comply with UK data privacy laws, the Information Commissioner’s Office (ICO) has warned.
The warning follows the UK launch of Google Glass, which is set to take the collection and processing of data by wearable technology to a new level.
Recent progress in hardware means wearable technology is likely to become as common in the workplace as mobile phones.
This will force UK company owners to start considering their response to Google Glass and other wearable technology, according to Andrew Paterson, senior technology officer at the ICO.
For example, some bar owners in the US have already banned Google Glass from their premises because of customers’ concerns about being filmed without their knowledge, Paterson wrote in a blog post.
Although he believes it will be up to society to decide how comfortable they are with wearables, like any new technology, the devices must comply with the law.
“In the UK, this means making sure that these devices operate in line with the requirements of the UK Data Protection Act (DPA),” said Paterson.
Anyone using a wearable technology for their own purposes is unlikely to breach the DPA, which includes an exemption for the collection of personal information for domestic purposes.
“But if you were to one day decide that you’d like to start using this information for other purposes outside of your personal use, for example to support a local campaign or to start a business, then this exemption would no longer apply,” said Paterson.
However, organisations that use wearable technology to process personal information will almost always be covered by the DPA, he added.
“This means that they must process the information collected by these devices in compliance with the legislation,” he said.
“This includes making sure that people are being informed about how their details are being collected and used, only collecting information that is relevant, adequate and not excessive, and ensuring that any information that needs to be collected is kept securely and deleted once it is no longer required.”
If the wearable technology can capture video or pictures, like Google Glass, then organisations must address the issues raised in the ICO’s CCTV Code of Practice.
Paterson notes that an update to the code is currently out for consultation until 1 July 2014.
He said there is also useful guidance on the Surveillance Camera Commissioner’s website, which has direct relevance to the use of wearables containing cameras.
Paterson said the rise of wearable technology raises exciting new possibilities and is set to become widespread in years to come.
“But organizations must not lose sight of the fact that wearables must still operate in compliance with the law and consumers’ personal information must be looked after,” he said.
As the use of wearable technology becomes more widespread, employers will need to put policies in place governing how staff use the technology, said lawyer Sue McLean at law firm Morrison and Foerster.
For example, if a person wearing Google Glass videos a meeting with other employees, that could be construed as bullying, McLean told Computer Weekly.
Similarly, an employee in a disciplinary action could use a wearable device to surreptitiously record the meeting – and then use the recording in legal proceedings.
McLean added: “Companies have to be very clear on how and why employees use wearable technology, make sure they are clear what the rules are, and that they have taken adequate precautions to comply with privacy regulations and the law.”
Find out about accomplishments and Fairpromise