Employee-privacy advocates are not in favor of biometrics in the workplace. But many employers do not share the concern. Biometrics are being used in workplaces across the country for purposes ranging from security to timekeeping and attendance.

What are Biometrics?

You may not know it, but you have probably seen biometrics in use numerous times. Catch any modern spy movie and there is sure to be a scene where the main character accesses the inevitable Restricted Area using the fingerprint of a dead man via a “borrowed” digit. Or maybe the triple-secret bank vault can be opened only via a retina scan of the bank’s Very Important President. You get the idea.

Biometrics run the gamut from simple to NASA-level technology. Biometrics on the most basic level could include simple ID badges with the employee’s mug-shot style photograph. Signatures are even included in biometrics that are used as a security measure. Today, employers utilize password-management systems that require employees to regularly change their personal passwords in order to access the company’s network.

The term “biometrics” refers to a method of authenticating the identity of an individual using enduring physical or behavioral characteristics. Any system that utilizes biometrics relies on the use of biometric identifiers. Also known as “BIs,” biometric identifiers are select pieces of information that relay an encrypted picture of some unique feature of the person’s biological makeup. Common BIs include fingerprints, retinal scans and voice scans.

Other identifiers that have been suggested and used include: hands, feet, faces, ears, teeth, veins, voices, signatures, typing styles (keystroke), gaits and odors.

How Effective Are Biometrics?

In the employment context, biometrics are used as an authentication tool. The BI is compared to the authenticated BI, which is stored in a database. Used this way, biometrics offer a nearly infallible security system. Unlike traditional security measures, like passwords or security badges, biometrics cannot be shared, lost, forgotten, stolen, or recreated.

But there are security risks for the user. For example, the authenticating, or original, data must be kept as secure as possible, which usually means not being sent wirelessly. And, if it is sent across a network, encryption should be at a maximum. As a compromise, systems often provide for a larger margin of error. And, unlike passwords and security questions, biometrics cannot be changed or revoked when the employment relationship ends.

What Else Could Go Wrong?

Well, lots, actually. Unauthorized access to highly sensitive personal information raises very legitimate concerns about identity theft–a problem that already has employers on high alert for potential liability. And, without any regulatory system in place, what about the potential privacy implications? Surely, employees will want to know what other information can be obtained should the wrong person have access to the database.

Not As Futuristic As You Might Think

Use of biometrics in the workplace is not just for the big screen. Biometrics as a timekeeping system have already been implemented in companies such as Dunkin’ Donuts and McDonald’s franchises. Biometrics as a security tracking system are being used at some Marine Corps bases. And cities and municipalities across the country use biometrics to track public employees for timekeeping and security.

As you might imagine, there are lots of voices in opposition of biometrics in the workplace. The American Civil Liberties Union (ACLU), has been one of the strongest. Labor unions also oppose this use of technology. Privacy and employee-rights advocates are equally unenthusiastic.

But advocates of biometrics (and the companies that make and sell biometrics-based systems), point to increased accountability and reduced employee fraud as the starting point for major cost savings and productivity.

We’ll have to keep an eye (or, in this case, a retina) on the use of biometrics at work.

For additional information, see More Employers Scanning Workers’ Hands
Biometric Technology Replacing Timecards; Employers Tout Efficiency, Unions Cry Foul a recent article on the CBS News website.

The American Management Association (AMA) and The ePolicy Institute have recently released the results of their survey on Electronic Monitoring & Surveillance. The survey is of great interest to employers, who face more and more issues in this area.

Some highlights from the survey:

E-Mail and Internet-Related Terminations:

The 28% of employers who have terminated employees for e-mail misuse did so for the following reasons: violation of any company policy (64%); inappropriate or offensive language (62%); excessive personal use (26%); breach of confidentiality rules (22%); other (12%).

The 30% of bosses who have fired workers for Internet misuse cite the following reasons: viewing, downloading, or uploading inappropriate/offensive content (84%); violation of any company policy (48%); excessive personal use (34%); other (9%).

Internet, E-Mail, Blogs and Social Networking:

Employers are primarily concerned about inappropriate Web surfing, with 66% monitoring Internet connections. Fully
65% of companies use software to block connections to inappropriate websites—a 27% increase since 2001 when AMA/ePolicy Institute first surveyed electronic monitoring and surveillance policies and procedures. Employers who block access to the Web are concerned about employees visiting adult sites with sexual, romantic, or pornographic content (96%); game sites (61%); social networking sites (50%); entertainment sites (40%); shopping/auction sites (27%); and sports sites (21%). In addition, companies use URL blocks to stop employees from visiting external blogs (18%).

Computer monitoring takes many forms, with 45% of employers tracking content, keystrokes, and time spent at the keyboard. Another 43% store and review computer files. In addition, 12% monitor the blogosphere to see what is being written about the company, and another 10% monitor social networking sites.

Of the 43% of companies that monitor e-mail, 73% use technology tools to automatically monitor e-mail and 40% assign an individual to manually read and review e-mail.

Telephone and Voice Mail:

Six percent of employers have fired employees for misuse or private use of office phones. Fully 45% monitor time spent and numbers called, and another 16% record phone conversations. An additional 9% monitor employees’ voicemail messages. Most employers notify employees of phone (84%) and voicemail (73%) monitoring.

Video Surveillance:

Almost half (48%) of the companies surveyed use video monitoring to counter theft, violence and sabotage. Only 7% use video surveillance to track employees’ on-the-job performance. Most employers notify employees of anti-theft video surveillance (78%) and performance-related video monitoring (89%).

Global Satellite Positioning and Emerging Surveillance Technology:

Employers who use Assisted Global Positioning or Global Positioning Systems satellite technology are in the minority, with only 8% using GPS to track company vehicles; 3% using GPS to monitor cell phones; and fewer than 1% using GPS to monitor employee ID/Smartcards. The majority (52%) of companies employ Smartcard technology to control physical security and access to buildings and data centers. Trailing far behind is the use of technology that enables fingerprint scans (2%), facial recognition (0.4%) and iris scans (0.4%).