After the quantified self, the quantified employee; but what about privacy?

Posted on Mar 2, 2019 by Glyn Moody

Back in 2017, Privacy News Online wrote about workplace surveillance. The systems described were all based on monitoring how employees were using company technology. They noted every email sent and received, tracking both sides of instant messaging applications, recording social networking activity, storing online searches and which Web sites are visited. But technology has moved on in the intervening time, and there are now other ways to keep an eye on employees, as an article in the Washington Post describes:

Devices worn on employees’ bodies are an increasingly valuable source of workforce health intelligence for employers and insurance companies. It’s fueling a boom in the use of wrist-borne health and fitness monitors such as those made by Fitbit, Garmin and Apple.

Using on-body devices, popular with the “quantified self” movement, employers can track every second of a worker’s day. They can see when they are walking around, and when they are sedentary. By aggregating data, companies can tell how much employees have been moving during the day, and during what periods. There are plenty of good reasons to do that: encouraging workers to take more steps, or to break up periods of sitting down, has clear health benefits. That’s a win-win situation: people are probably happier because they are healthier, while companies benefit from fitter, more content workers. There may be direct financial benefits for people who choose to wear such devices:

In general, employees in such programs voluntarily sign up for digital health monitoring. They are lured by cash, reduced premiums, or reimbursements for co-payments and deductibles, which have skyrocketed for many people with insurance. The devices are handed out free or discounted.

The article reveals that the uptake of such schemes has been rapid. Some 20% of US employers who offer health insurance collected data in 2018 from these kind of devices, compared to 14% the year before.

However, there is an important privacy issue with such schemes. The Washington Post notes that many people using wearable monitoring devices believe that the health data they generate and send back to the manufacturers is covered by the Health Insurance Portability and Accountability Act (HIPAA). This law prohibits doctors, hospitals and insurance companies from disclosing personal health information. But the article points out that these rules don’t apply if an employee voluntarily gives health data to an employer or a company such as Fitbit or Apple. Since those kind of organizations are not covered by HIPPA’s rules, highly-personal information may be shared widely.

As numerous posts on this blog have pointed out, once such data is available for use by other companies, it is frequently aggregated with personal information derived from other sources. The resulting picture of an individual can be extremely detailed. In particular, it may reveal aspects of a person’s life that they wish to keep private. That’s especially true for health information of the kind generated by wearable devices, which provide long-term patterns that are often indicative of underlying problems:

Real-time information from wearable devices is crunched together with information about past doctors visits and hospitalizations to get a health snapshot of employees. Sleep monitoring has especially profound implications. Poor sleep can be a key indicator of depression, substance abuse or other mental disturbances. Overweight insomniacs, as measured in this new world, for example, will stand out faster as potentially costly health insurance risks.

The information that employees provide to enable their health to be monitored and improved may turn out to have negative consequences for them. Aggregated information may reveal that they should be paying more for their health insurance. Similarly, it may indicate to a company that there are potential physical or mental health problems.

Interestingly, many younger people at one company discussed in the Washington Post article have chosen not to wear the tracking devices. Because they are younger, and healthier, the benefit of being monitored all the time is typically less than for older employees with more health problems. This means that there is likely to be a tendency – perhaps even an expectation – that people will start to wear on-wrist devices as they get older, and are more at risk of health problems.

That, in its turn, may encourage some managers to select or keep healthier older workers when taking on new staff, or firing existing ones. Similarly, it’s conceivable that some companies will decide that promoting healthier employees is a better long-term investment. Another problem is when data is gathered about a person outside work. Sleeping patterns and heartbeat variations may indicate personal problems that are not evident at work – for example excessive alcohol consumption, or drug use. Again, that information may influence managers when it comes to making decisions about who should do particularly challenging work, or take on high-responsibility roles, or who can be trusted to represent the company at important meetings or conferences.

The fundamental problem is, once more, the normalization of surveillance, this time in the workplace. In that context, there is the added issue of consent: it’s hard to refuse to agree to an employer’s request to join schemes using on-body devices, especially if co-workers have accepted them. Although there are undoubted benefits of monitoring things like the number of steps taken, and heart rate, what is often overlooked is what happens to that data after it leaves the device.

To avoid the very serious downsides of losing control of highly-personal information, we need to ensure that employees are always informed how their data may be used. They must also be given the option to specify that it can only be used for very circumscribed purposes that truly serve their interests, requiring an explicit and informed opt-in. New workplace laws may be needed to extend the reach of HIPAA. These steps are certainly no panacea, but they will help to reduce some of the major problems for privacy that today’s approach will almost certain engender.

Featured image by Casey Fleser.

VPN Service