Employer s Right to Privacy

Employer's Right to Privacy

Employers are usually incorporated and, as such, they have some of the same rights as individuals in society. They can sue and be sued. They can enter into contracts and conduct business in their own name . In the same way, they have a right to privacy. For an employer, the privacy issue is more than who knows what; it is also about the use of private company resources and facilities. The access to a company's resources and facilities may provide a mechanism by which the company's privacy can be compromised. The implementation of biometrics by an employer or its employees can help control privacy issues in a number of ways. What follows are some of the areas in which a company can use biometrics to ensure its privacy:

• Protection of trade secrets and proprietary information

• Protection and safety of employees and customers

• Background checks

• External reporting and auditing requirements

• Access control

Let's examine each in more detail.

Protection of Trade Secrets and Proprietary Information

Many companies value their trade secrets and proprietary information more highly than their capital resources. These corporate secrets give them a competitive advantage in the marketplace . If these were to be compromised and exposed publicly or to a competitor, it could have catastrophic results for the company, employees, and shareholders. This is equivalent to an individual's wanting his/her personal thoughts to remain private.

Consider, for example, a publicly traded cola company. If the secret recipe for a cola was compromised, then competitors could imitate the flavor, and it might allow market fringe players to gain a larger market share. The loss of market share would cause a decrease in share price, reducing company equity and shareholder value. As the stock price falls and the revenues decrease, the company may be forced to lay off employees and reduce expenditures. This would have multiple effects in the economy. With less money being spent by the company, and a loss of spending by the laid-off employees, tertiary businesses would be affected.

This compromise of corporate privacy is an issue for all interested parties. The root cause of the invasion of privacy was the lack of access control to the trade secret. The trade secret could have been stored on a computer server, on a network, or in a secure location. Access to it was either controlled through password authentication to the network or by key card to the secure area. As we saw in Chapter 2, the password is a weak factor of authentication for a number of reasons, and simple possession tokens are not a strong enough factor of authentication on their own. To strengthen the privacy of a company's trade secrets and proprietary information, the employer could employ a biometric for network authentication. This would help ensure that the person authenticating to the network is the one who should or should not have access to the sensitive information. If a biometric was used for physical access to a restricted area of the company, then only authorized employees would be able to access the data stored there. This use of biometrics is easily justified due to the importance of the data being protected. An employee objecting to using a biometric for access control holds less significance than the rights of the employer, employees, and shareholders protecting their monetary interests. In doing this, the privacy of the company's "thoughts" is better safeguarded.

Protection of Personal Data about Employees and Customers

In today's litigious environment, a corporation is not only expected to protect itself, but also its employees and customers. The corporation is expected to safeguard customer information from unauthorized access and tampering. At the same time, employees have expectations that the confidential information collected about them will be treated with privacy.

For a customer of a healthcare provider, the information stored with the provider could be used maliciously against the customer. This is an example of privacy of the physical person. I may need to share certain private physical health information for insurance. Thus, there is an expectation that the information provided will be treated with the utmost concern for privacy. If the privacy of the individual is not respected, the following could happen with an invasion of privacy:

• Denial of insurance coverage due to pre-existing conditions or family history

• Denial of employment based on a disability or medical preconditions

• Threat of exposure of a medical procedure or condition

• Removal or addition of medical conditions that if treated or untreated could cause illness or death

The customer expects the healthcare provider to take all necessary steps to safeguard this information. Using biometrics would help to mitigate the risk to the customer. If biometrics were used for authentication to the database containing the customer data, the healthcare provider would be able to control and audit who accessed the data and what changes they may have made. Once again, the public good that using a biometric device would provide would negate any employee objections to the use of biometrics.

For an employee of a corporation, protecting the data gathered about the employee is of great importance. The type of information that an employer may have gathered about an employee due to his/her employment may include:

• Background and criminal histories

• Previous employment history

• Current address and contact information

• Bank account information for direct deposit

• Current health coverage

• Web surfing activities

• Email correspondence

• Salary information

The exposure of any of the above information would infringe on the privacy of the employee. The employee would thus have an expectation that the company would treat access to this information in the same manner as customer data. Here again, the use of biometric devices can help insure that this information remains confidential. Access control and auditing can once again be meaningful if the people accessing the data are biometrically authenticated. The privacy rights of employees who access the data stored about other employees and customers need to be second to the privacy rights of the employees and customers to whom the data applies.

Background Checks

Before we would invite a total stranger into our home, we would want to know more about him/her. We would try to find out as much about his/her background as we could. This may give us some indication of what to expect from the stranger currently and into the future. In the same way, a corporation will want to know about the background of any potential employee before hiring him/her. This would afford the corporation the opportunity to either reject him/her as an applicant or hire him/her being well aware of his/her background. These background checks have historically involved letters of reference, follow-up phone calls to references, and police checks. All the checks conducted rely on the applicants being truthful about his/her identity and providing legitimate credentials as proofs of identity. A dishonest applicant could easily provide false information and credentials. The applicant may be trying to hide previous employment with the company or previous criminal activity.

In recent times, many corporations have been using ink fingerprinting to validate identity and, in turn , using these fingerprints for criminal background checks. This method requires taking accurate prints and shipping them off-site for verification. Both could result in time lags that could give the candidate, if hired , the ability to commit a fraudulent act.

The use of a biometric device that generates Automated Fingerprint Identification System (AFIS)-quality images can reduce the time of a background check and will tell you immediately if the image is usable. In this instance, the use of the biometric not only protects the corporation, but also speeds up the applicant's hiring process. All parties concerned benefit from this use of biometrics.

An applicant may be concerned that the biometric data collected for this purpose could be subverted for other uses, or shared with others. If the applicant was not successful or was not hired, would the biometric data collected be destroyed ? For the corporation, it would be in its best interest to keep this data to deter the unsuccessful candidate from re-applying and current employees from committing illegal activities. In this case, both the employer and the candidate or employee have reasonable privacy concerns. How to address these will be dealt with later in this chapter.

External Reporting and Auditing Requirements

Employers often have private information about their business activities or other non-public information. Company employees, in conducting their jobs, can use this private information. However, if this private information was used for other means, it would be an invasion of the employer's right to privacy. This invasion of privacy may have consequences to third parties. To know if this has happened , the employer may need to have reports and audits done to detect the wrongful use of the private information. As such, governments and other licensing bodies have imposed reporting and auditing requirements on corporations. These requirements are mainly put into place for the safeguarding of privacy and to prevent the exploitation of insider information. To meet these requirements, corporations are quite often required to:

• Provide separation of data

• Provide accurate transaction reports

• Provide internal memos and emails

A detailed description of how biometrics can help achieve the above follows.

Provide separation of data

In many corporations, there could be an internal conflict of interest based on the data collected and the activities that the corporation is involved in. For example:

• A financial conglomerate that acts as both an investment bank and an open markets trading company ” The information that the investment bank part of the company has access to could provide a trading advantage to the open markets portion of the company.

• A healthcare conglomerate that offers both insurance and healthcare delivery services ” The delivery side of the business could feed back to the insurance side new or pre-existing health conditions that could result in the loss of insurability or an increase in premiums.

• A utilities producer that is also a reseller and market maker for the utility it produces ” The market maker side of the corporation could have knowledge of a plant's going offline or a new supply's coming to the market before it is publicly known. The producer side of the company could restrict additional capacity during a peak consumption period, thus causing prices to spike and larger margins for the produced capacity.

In each of the examples, the requirement for separation of data can be accomplished with biometrics. With biometrics controlling access to the data, only the properly accredited employees would have access to create or read the data stored. It could be argued that if the properly accredited employees do have access to the data, or change the data and then share it verbally with the other side of the company, this would then give the company an unfair competitive advantage. In this case, biometrics do not prevent this exchange from happening, but biometrics can provide the "smoking gun" for what took place. If the individuals involved are confronted with their actions, the non- repudiation property of biometrics would prevent them from denying their actions. The access to the data and the subsequent activities based on knowing the data could be tracked back to the individuals involved based on their biometric authentication. For example, imagine the following scenario from the financial sector: An investment banker biometrically authenticates to get the latest sales forecasts for a customer. He/she then has lunch with a trader friend and shares the latest sales data. The trader later authenticates to the trading system and trades the security. Both cannot deny doing their parts in the fraudulent activity because of the biometric authentications.

Provide accurate transaction reports

When an employee conducts an activity as part of his/her job function or on behalf of the corporation, an accurate record should be kept. This record needs to indicate the following:

• Who performed the transaction?

• What was the transaction?

• Where was the transaction conducted?

• When was the transaction executed?

Biometrics can help provide support for each of the above.

Who performed the transaction?

With a biometric authentication, there is never any doubt about who performed a transaction. The employee would have authenticated to activate the application. A subsequent authentication can be performed to commit the transaction. In this way, the user 's name is bound to the transaction record. If a digital signature is in use at the company, then the digital signature would be affixed to the transaction as well.

What was the transaction?

A transaction record could be changed after completion. If this happened, there could be a question of what really took place. If a biometric authentication was required to access the transaction log, that access and activity would be recorded, along with the biometric authentication to make the change. In this case, biometrics can be used to protect the integrity of the record after a transaction has been recorded.

Where was the transaction conducted?

Sometimes the location where a transaction took place can be of importance. The location may be used to prove collusion between two parties, or that the transaction was illegal based on government regulation. The transaction log would record the IP address of the computer from which the transaction was executed. If the application transaction log was compromised, the biometric authentication log file could be used to provide the proper IP address. In this scenario, the biometric authentication creates a unique log file on the biometric server that records the address of the computer and the application that requested the authentication.

When was the transaction executed?

Like the previous example, the timing of a transaction can be important. The time of a transaction can prove when the information in question was used. In the case of information being used before it was publicly known, it can prove insider knowledge. As in previous examples, the biometric server authentication log can be used to validate transaction time.

Provide internal memos and emails

With the scandal-ridden collapse of numerous corporations and the many accusations of insider trading, an electronic paper trail is more important than ever. The internal memos and emails of a corporation are like an individual's thoughts. They are written down and may be shared with others in trust. The privacy of these "thoughts" needs to be protected.

Internal emails and memos have brought down many empires and have put previously untouchable corporate executives in jail. Many defense lawyers could argue that the accused never actually sent an email or wrote a memo. In turn, the prosecution will want to show that the accused authored the correspondence. Both would benefit from biometric authentication. If the accused was required to biometrically authenticate to send correspondence, it would show that he/she did or did not send a certain memo or email. To have a stronger case, it would be best if the email or memo was digitally signed and the signature could be used only if it was biometrically authenticated. In this case, the combination of digital signature and biometric authentication would prove innocence or guilt.

Access Control

It is clear from the employer's perspective that privacy concerns are best addressed when biometrics are used for access control. The further upstream a privacy breach can be prevented, the better. The earliest point in most cases to prevent a privacy breach is at the point of authentication. If we can insure that only the proper employees have access to their required information, employer privacy can be safeguarded.