The Assistant Privacy Commissioner of Canada recently determined that collecting employee biometric information for the purpose of controlling access to a number of company business applications did not contravene the Personal Information Protection and Electronic Documents Act (“PIPEDA”). The business applications were used for logging work-related information and for reporting employee absences from work. The employer used voice password technology to ensure only company employees were accessing the system.
Several employees complained that collection of the biometric information (i.e., employee voice prints) violated their privacy in contravention of Section 5(3) of the PIPEDA. Section 5(3) allows an organization to collect, use or disclose personal information only for purposes that a reasonable person would consider appropriate in the circumstances.
The employer asserted the business applications and voice passwords were introduced to enable field employees to log their work-related information in a secure, efficient and cost-effective manner. In particular, security was enhanced because only actual registered speakers could be authenticated. There was no password that an imposter could input.
The employer maintained security costs of the system were lower than those associated with managing traditional password access. In addition, the system eliminated the need for paper-based processes, thereby achieving a more cost-effective means of doing business.
The Assistant Commissioner accepted that the system was more efficient and cost effective than password management and paper processes. However, she found the most persuasive argument in favor of permitting the collection of biometric information was that the voice password was needed to ensure security. The company managed large amounts of customer personal information, and the system was aimed at safeguarding this information and meeting the expectation of customers that their data would be protected.
While the Assistant Commissioner agreed with the employees’ assertion that a voice print was an encroachment upon the person since it contained the behavioral and physical characteristics that make an individual’s voice unique, she found that under the circumstances the voice print did not reveal much information about an employee. In addition, she concluded that technological constraints only allowed the voice prints to be used for authentication purposes; they could not be used for spying on employees or for other inappropriate purposes. Further, the voice prints were stored in a secure database and housed under tightly controlled conditions.
This decision also addressed the employees’ contention that they should not be required to input into the automated system the medical reasons underlying any absence from work. The Assistant Commissioner agreed, determining that the requirement to provide such information was unreasonable. The company has since discontinued this workplace practice.