Whether used for monitoring remote employees in regulated industries or streamlining recruitment, facial recognition has massive potential for companies in every sector. However, just like any technology, facial recognition has a dark side.
by Rob Shavell
As employers leverage employees’ biometric data through facial scanning, they unknowingly widen their exposure to potential privacy abuses. With privacy a growing concern and a matter of increasing legal attention, employers need to carefully plan how they might use facial recognition in their business as well as understand potential employee concerns.
The rise of remote working over the past year has helped bring privacy concerns to the fore for employees everywhere. With the line between their home and work lives blurring, workers are increasingly worried about how much of their information employers can access. For employers, balancing this concern is essential. In a recent survey of 1,000 workers across different sectors, workplace platform developer Envoy discovered that over 37% of employees would consider resigning if their employer mishandled their personal information. A further study by CISCO showed that over 90% of people are insistent that their privacy should not be compromised even when dealing with the COVID-19 pandemic.
As employees look more carefully at how their personal information is being used, they’re likely to view facial recognition technologies in a less than favorable light. For their employers, the first step towards assuaging concerns regarding facial recognition is managing consent.
WHERE FACIAL RECOGNITION CROSSES THE LINE
Most concerns around facial recognition center around the use of the technology without an individual’s consent. As such, any business that uses facial recognition as a surveillance mechanism runs the risk of receiving a severe backlash. While social media companies have used facial recognition technology to enable face tagging features, users have a semblance of control over its use. On the other hand, unconsented use of facial recognition by employers may violate employee rights while also increasing the potential for abuse by bad actors.
For example, Verkada, a California based surveillance startup, is facing accusations of sexism and racism after allegations surfaced about the company’s facial recognition system being used to harass female employees. VICE’s report on the company highlighted instances of male employees using the software’s face search feature to collate pictures of their female co-workers, which they then distributed through a private Slack channel. Elsewhere, the University of Miami has attracted a slew of negative attention after allegations surfaced earlier this year that it used facial recognition software to identify protestors and discipline students. In a disturbing report from the New York times, facial recognition has also been used to profile minorities in the People’s Republic of China. However, while these examples showcase gross misuse of what is still a new technology, employers can also use facial recognition ethically provided they take a proactive approach to privacy at the same time.
HOW TO BALANCE PRIVACY CONCERNS WHEN IT COMES TO FACIAL RECOGNITION
The first step in privacy positive use of facial recognition in the workplace is giving employees control of the technology itself and showing a clear benefit to using facial recognition in the first place. For example, authentication protocols that use facial recognition can give employees control over how their biometric data is used while also showing a clear cybersecurity benefit to their employers.
Ultimately, however, when it comes to facial recognition or any new technology balancing privacy concerns requires a comprehensive approach. Across every facet of an organization, businesses can benefit from creating a privacy-first culture where privacy is promoted as a benefit for employees rather than an infringement on their rights. On one level, this means being transparent when it comes to employee data use, an action that has been shown to make employees more comfortable with their workplace data being used for monitoring purposes.
INVESTING IN WORKPLACE PRIVACY
Rolling out privacy as a benefit is an investment that all organizations considering technologies such as facial recognition should make. According to Accenture’s research, 55% of employees would not apply for a job with a company that had a reputation for poor use of its employees’ data. Furthermore, legislation such as GDPR in Europe and the recently passed CPRA in California point to a future in which a failure to protect employee data will create increasingly onerous fines for businesses.
A privacy-focused benefits package for employees combines transparency about data use with useful privacy awareness training and access to privacy-focused tools such as password managers and personal information removal services. For a relatively minimal cost on top of their existing personnel expenses, companies have the opportunity to present a positive privacy attitude to both employees and potential customers looking in. Such an approach can pay dividends not only when it comes to adopting new technologies but also for retaining and attracting top workplace talent.
FINAL THOUGHTS
As part of a broader digital transformation catalyzed by the COVID-19 pandemic, facial recognition creates new opportunities for businesses globally. However, as employees become more aware of how, why, and when their employers use their data, leveraging biometric data is fraught with reputational risk.
For forward-thinking companies, the key to mitigating concerns and developing a sustainable relationship with data use in the workplace is being proactive regarding privacy. For employees and employers alike, privacy works best as a benefit rather than a burden.
Rob Shavell is a Co-Founder and CEO of Abine / DeleteMe, The Online Privacy Company. Rob has been quoted as a privacy expert in the Wall Street Journal, New York Times, The Telegraph, NPR, ABC, NBC, and Fox News. Rob has also been a vocal proponent of privacy legislation reform, including as a public advocate of the California Privacy Rights Act (CPRA) and Abine is an early implementer of the new Global Privacy Control.alert-info